Will google drive be able to see the contents of my Qubes backup file or access its information?
And what would be the best backup service to keep my Qubes backup file safe?
Your Qubes backup is encrypted no? If so, I wouldn’t be overly concerned. However when it come to Quantum computing, encryption can be cracked much easier I think. Food for thought!
Backups are encrypted (and their integrity can be verified, but that’s not your question).
Only one file in the backup archive is not encrypted, it is called backup-header
and its contents are described in this documentation page:
(Note that the integrity of backup-header
can still be verified, but again, that’s not a measure that affects confidentiality.)
As far as I understand it quantum computers only break asymmetric ciphers. Traditional symmetric encryption (which I believe is what Qubes uses) isn’t at risk. As long as you have a high-entropy passphrase, you should be fine.
“If a backup is created […] that includes the dom0 home, the backup file contains the dom0 username in cleartext.”
Grover’s algorithm can weaken symmetric ciphers.
You can’t just use a quantum computer to calculate the key, but the symmetric ciphers are not always quantum safe, at least not with current key lengths.
Oh. Thank you @rustybird!
For clarification, that information appeared in the backup docs page that I linked but I didn’t identify dom0user
as the username used in dom0!
It’s obvious in hindsight, and very relevant to your question @adamrichards. My mistake!
Look for this line in the Emergency backup recovery (v4) page:
dom0-home/dom0user.000.enc
The “cloud” = “someone else’s computer”, so when using something secure like Qubes that doesn’t follow, at least, to me.
The contents? Definitely not. The metadata? Yes, but whether that matters depends on you.
In this example, Google already knows it’s your account, so you’re not anonymous to begin with.
“Current key lengths” include AES-256, which is what Qubes backups use, and which is widely believed to be quantum-safe. (Anyway, it’s the best option available, and it’s used to protect far more valuable secrets than any of us in this thread have.)
A single disaster or accident can destroy all of your data and backups if they’re all stored in one place. Security also includes availability. Proper 3-2-1 backup entails having an off-site backup somewhere (that’s the “1”). For many people, it would be impractical to manage good off-site backups by themselves.
However just in case it’s not obvious, off site backup can also be as simple as an encrypted USB drive kept at a friends house or at work.
I am not inclined towards “cloud” storage in general, but even if I were, my network bandwidth would make it prohibitively slow.
Who uses “Google” anything anymore or cloud computing? That just blows ,my mind!
Use any variant of “LInux/Unix” for security reasons and there are many now a days. One must come to understand that there are going to be some things you are going to have to give and decisions you are going to have to make.
Sure, but if your workplace and friends houses are all near you, then that might not be far enough. It depends on how much risk you’re willing to tolerate with your backups. Also, the further away your backups are, the less frequently you’re likely to update them by sneakernet. For example, maybe you have a friend or relative who lives very far away from you. You can store an encrypted USB drive at their place. But how often are you going to visit to update the contents? If you lose all of your other backups except that one, will you be okay if your most recent backup is a month old? A year? You could set up a NAS at their place and update over an encrypted tunnel, but now there’s a lot more that can go wrong, and you’re volunteering to be a part-time mini-data-center admin (not to mention costing your friend or relative electricity, generating heat and noise in their place, taking up their space, bugging them for any physical interactions with hardware that might be required, and so on). Not everyone is in the same life situation, so there’s no one-size-fits-all solution. Outsourcing all of the remote infrastructure to cloud storage providers and giving them only encrypted blobs just makes sense for a lot of people.
Google Cloud revenue was $26.28 billion last year, so quite a few people, apparently:
Good points about sneakernet remote backups.
In my particular case work is far enough away from home that the same natural disaster is unlikely to hit both places without killing me (at which point I don’t care about my backups). And since it’s work, I go there often enough for the considerations you’ve brought up.
But as always peoples’ mileage may differ. It’s good to bring up all options and all arguments pro- and con-…
Yes the “uninformed” unfortunately
Nothing is 100% secure. Even Qubes has it’s own security risks.
Yes, exactly! Privacy and anonymity are different. Google allows to store encrypted data on their server as far as I can remember, but the authentication process isn’t anonymity-safe. They may allow you to use the cloud as anonymous a bit and then ask you for some phone number etc