New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reconsider obligatory encryption for qvm-backup
to make backups much smaller
#8308
Comments
See #4308 (comment), especially this part:
|
@rustybird thank you for the link. If was 5 years ago, maybe it is time to reconsider. Maybe, it is a good thing to allow users to compress and encrypt their backups better that Qubes OS does. It can be done in some offline VM or even |
Duplicate of #4308 |
This appears to be a duplicate of an existing issue. If so, please comment on the appropriate existing issue instead. If anyone believes this is not really a duplicate, please leave a comment briefly explaining why. We'll be happy to take another look and, if appropriate, reopen this issue. Thank you. |
@DemiMarie that would be great, the project of @tasket looks quite nice and interesting. Nonetheless, I was hoping for some discussion, at least small, if it is a good idea to reconsider this decision from 2018, because a lot of time passed and I am not sure that it was right. I do not see problems in giving back the ability to create unencrypted backups that will be processed (compressed, encrypted and etc) by the users themselves in a better way than Qubes OS currently can. It is unfortunate that the issue was closed without discussion the points I spend time providing in the first post. |
Please note that the issue tracker (qubes-issues) is not intended to serve as a discussion venue. Instead, we've created a designated forum for discussion and support. (By contrast, the issue tracker is more of a technical tool intended to support our developers in their work.) Thank you for your understanding!
That's because you posted it in the wrong place. As I wrote above:
Closing an issue as a duplicate isn't a statement about the content of the issue. It's a statement about whether the issue seems to be a duplicate. If you want a closed issue to be reconsidered or reopened, then post your comment on that issue. But, in this case, since you want a discussion about a design decision, it would probably be even better to post on qubes-devel or the forum. |
@andrewdavidwong OK, thank you. |
How to file a helpful issue
The problem you're addressing (if any)
Currently
qvm-backup
does not support making backups without encryption.It is obviously was made intentionally.
I propose to reconsider this approach, for these reasons:
qvm-backup
is not adding any additional security, only makes everything slower and adds battery-drain.User case-example for bad compression of current
qvm-backup
:=> If there were not obligatory encryption, the user would make backup in any of these 2 ways and than pack it with
lzma
with huge dictionary as whole or some deduplication tool, making it ~ 12-15 GiB in total, so making the backup almost 10 times smaller. At least as I see it.And it is a case not only for Windows VMs, but for all data and all qubes, including fedora-based templates and hvms, and even common user data in all qubes.
Over all, I think the points are quite convincing. I see no reasons why it has to be obligatory in the first place. Maybe we should discuss this decision and reconsider if possible?
The solution you'd like
qvm-backup
optional.qubes-backup
should still force encryption, because it targets less advanced users.The value to a user, and who that user might be
The text was updated successfully, but these errors were encountered: