On Sun, May 07, 2017 at 12:49:06PM -0500, Andrew David Wong wrote: > They're not mutually exclusive. You can do both. > > I'm the one who reported the key derivation issue [1], but even I > think qvm-backup is plenty safe as long as you use a high-entropy > passphrase. (This will no longer be an issue when we switch to scrypt > in 4.0. [1]) I personally rely on it for my most confidential data, > and I'm confident that it's not the weakest link in my setup.
FWIW, personally while I frequently use qvm-backup, I always use the password "a", and instead backup to LUKS-encrypted partitions formatted with BTRFS (for crappy authentication via BTRFS's checksums). I already rely on LUKS, so I don't see any reason to add another potential vulnerability to my setup. For my usage pattern, I'd actually prefer an option to completely remove both encryption and authentication to reduce CPU usage during backups. Based on CPU load, this appears to be the bottleneck on many of my machines (though this could be parallelized). -- https://petertodd.org 'peter'[:-1]@petertodd.org -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20170507224349.GC23545%40fedora-23-dvm. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Digital signature
