Qubes 4.x Backup setting should not be set to save (replace) default settings by default
21 views
Skip to first unread message
Teqleez Motley
Feb 13, 2019, 10:49:18 AM2/13/19
to qubes-devel googlegroup
Hi all,
In the GUI qubes backup tool, when making a new backup, there is this info right below where one enters the optional password:
"Save settings as default backup profile: [X](tick box)"
"WARNING: password will be saved in dom0 in plain text."
Two questions:
a) Where exactly does qubes save this password/backup settings (file+folder, please)
b) It seems to be ticked by default (per 4.0.1-RC/December, not the latest bugfix which I am about to prepare to upgrade to...), in case that is not changed this last month, isn't that default setting actually bad (for the personal...) security?
What if a person does not pay attention to that second sentence (making a backup in a rush, thinking one knows this tool, so not reading all info each time, etc..., but enters a password to protect the current backup, then unknowingly saves it as plain text...
I'd say that the check box should at least be UNchecked by default.
Besides, it is not obvious that that is what one wants as default: To actually save the new settings (loose/replace the last default..) without making a concious choice, so for that reason alone it should not be checked.
--
Regards,
Teqleez
In the GUI qubes backup tool, when making a new backup, there is this info right below where one enters the optional password:
"Save settings as default backup profile: [X](tick box)"
"WARNING: password will be saved in dom0 in plain text."
Two questions:
a) Where exactly does qubes save this password/backup settings (file+folder, please)
b) It seems to be ticked by default (per 4.0.1-RC/December, not the latest bugfix which I am about to prepare to upgrade to...), in case that is not changed this last month, isn't that default setting actually bad (for the personal...) security?
What if a person does not pay attention to that second sentence (making a backup in a rush, thinking one knows this tool, so not reading all info each time, etc..., but enters a password to protect the current backup, then unknowingly saves it as plain text...
I'd say that the check box should at least be UNchecked by default.
Besides, it is not obvious that that is what one wants as default: To actually save the new settings (loose/replace the last default..) without making a concious choice, so for that reason alone it should not be checked.
--
Regards,
Teqleez
Sven Semmler
Feb 13, 2019, 6:44:25 PM2/13/19
to qubes...@googlegroups.com, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This thread might be better located in qubes-users.
On 2/13/19 9:49 AM, Teqleez Motley wrote:
> a) Where exactly does qubes save this password/backup settings
> (file+folder, please)
/etc/qubes/backup/qubes-manager-backup.conf
> b) It seems to be ticked by default (per 4.0.1-RC/December, not
> the latest bugfix which I am about to prepare to upgrade to...), in
> case that is not changed this last month, isn't that default
> setting actually bad (for the personal...) security?
It depends... one could argue that if an attacker has *any* access to
dom0 it's game over. So unless you tend to leave your PC unlocked and
walk away ... in which case the saved backup password should be the
least of your issues.
/Sven
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlxkq9MACgkQ2m4We49U
H7ZoCQ/9HYPWOrBeiUxwSEQeqs4+Tm6QXp2ix8KmX9PNQZ2HQhmd/2EzER99VdSO
B4obqlPdLc0Hr86RtwJbMFXrTjFe7HaM8ujMJPjVsvPZkEdpsMSlxZOLGDG6geL5
AYnr+ypRFJvguucSK6/CdoYj50N2wYZVxSieBHv4vVy2RO9T5bz/ihWu5EehsURs
5aV1iEqhMfi3t3qhxKdKQUyPMW9OqHcmOoHb+mFX/TCRgYIFKWbsjHq7Vi4fG9iz
8lwfKzDewoVkDyvZPjZMSRxmUf7Wop3+yzHjNsqlIrA98XnrxNBupF9PkfzoU3yl
zRjJREnQ+QDcv8ivoW7WXhSxY0gBBYj9Kk8B6/XJe5ERXYPmDUdzw/YxBHJJx5q2
BSDSZHCjw++JvwyhRzPdtJAyQixa/JhwsdIz0Q1aYMEDo9kSfESXhIxH1UEJrRnv
QzJcHvHtknu/W+8W9Fo9IQsi9+jhgEl/uh+qwyaxPG0DsCa/uQ7TZ+ywLCnmed4d
eEUpj/A4My5O7WM17eVuU9rFo+ZQPGquqPqE0Gl0xwlSfxFsvLieS2NEfSL/M3rr
+jNl/TogUM0h2bMV3W/zU5wXGj+2ZeL/nkq3kinrL75IdnJMqhdlfjgGOeg0XgkB
p9Rm7ghegDcY2/dvDNRu1uN1HDaZb+5kSWEdlzgr2I6JWt6azdg=
=MaKW
-----END PGP SIGNATURE-----
Hash: SHA256
This thread might be better located in qubes-users.
On 2/13/19 9:49 AM, Teqleez Motley wrote:
> a) Where exactly does qubes save this password/backup settings
> (file+folder, please)
> b) It seems to be ticked by default (per 4.0.1-RC/December, not
> the latest bugfix which I am about to prepare to upgrade to...), in
> case that is not changed this last month, isn't that default
> setting actually bad (for the personal...) security?
dom0 it's game over. So unless you tend to leave your PC unlocked and
walk away ... in which case the saved backup password should be the
least of your issues.
/Sven
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlxkq9MACgkQ2m4We49U
H7ZoCQ/9HYPWOrBeiUxwSEQeqs4+Tm6QXp2ix8KmX9PNQZ2HQhmd/2EzER99VdSO
B4obqlPdLc0Hr86RtwJbMFXrTjFe7HaM8ujMJPjVsvPZkEdpsMSlxZOLGDG6geL5
AYnr+ypRFJvguucSK6/CdoYj50N2wYZVxSieBHv4vVy2RO9T5bz/ihWu5EehsURs
5aV1iEqhMfi3t3qhxKdKQUyPMW9OqHcmOoHb+mFX/TCRgYIFKWbsjHq7Vi4fG9iz
8lwfKzDewoVkDyvZPjZMSRxmUf7Wop3+yzHjNsqlIrA98XnrxNBupF9PkfzoU3yl
zRjJREnQ+QDcv8ivoW7WXhSxY0gBBYj9Kk8B6/XJe5ERXYPmDUdzw/YxBHJJx5q2
BSDSZHCjw++JvwyhRzPdtJAyQixa/JhwsdIz0Q1aYMEDo9kSfESXhIxH1UEJrRnv
QzJcHvHtknu/W+8W9Fo9IQsi9+jhgEl/uh+qwyaxPG0DsCa/uQ7TZ+ywLCnmed4d
eEUpj/A4My5O7WM17eVuU9rFo+ZQPGquqPqE0Gl0xwlSfxFsvLieS2NEfSL/M3rr
+jNl/TogUM0h2bMV3W/zU5wXGj+2ZeL/nkq3kinrL75IdnJMqhdlfjgGOeg0XgkB
p9Rm7ghegDcY2/dvDNRu1uN1HDaZb+5kSWEdlzgr2I6JWt6azdg=
=MaKW
-----END PGP SIGNATURE-----
awokd
Feb 13, 2019, 6:59:51 PM2/13/19
to qubes...@googlegroups.com
Teqleez Motley wrote on 2/13/19 3:49 PM:
https://github.com/QubesOS/qubes-issues/issues/4777, but it's in
/etc/qubes/backup/qubes-manager-backup.conf.
> b) It seems to be ticked by default (per 4.0.1-RC/December, not the latest bugfix which I am about to prepare to upgrade to...), in case that is not changed this last month, isn't that default setting actually bad (for the personal...) security?
>
> What if a person does not pay attention to that second sentence (making a backup in a rush, thinking one knows this tool, so not reading all info each time, etc..., but enters a password to protect the current backup, then unknowingly saves it as plain text...
> I'd say that the check box should at least be UNchecked by default.
> Besides, it is not obvious that that is what one wants as default: To actually save the new settings (loose/replace the last default..) without making a concious choice, so for that reason alone it should not be checked.
>
Not sure why it's checked by default. I have to clear it every time too.
Could try submitting a code change for it and see if it gets merged, or
a new issue.
> Hi all,
> In the GUI qubes backup tool, when making a new backup, there is this info right below where one enters the optional password:
>
> "Save settings as default backup profile: [X](tick box)"
> "WARNING: password will be saved in dom0 in plain text."
>
> Two questions:
>
> a) Where exactly does qubes save this password/backup settings (file+folder, please)
Looks like this happened to be resolved 7 days ago with
> In the GUI qubes backup tool, when making a new backup, there is this info right below where one enters the optional password:
>
> "Save settings as default backup profile: [X](tick box)"
> "WARNING: password will be saved in dom0 in plain text."
>
> Two questions:
>
> a) Where exactly does qubes save this password/backup settings (file+folder, please)
https://github.com/QubesOS/qubes-issues/issues/4777, but it's in
/etc/qubes/backup/qubes-manager-backup.conf.
> b) It seems to be ticked by default (per 4.0.1-RC/December, not the latest bugfix which I am about to prepare to upgrade to...), in case that is not changed this last month, isn't that default setting actually bad (for the personal...) security?
>
> What if a person does not pay attention to that second sentence (making a backup in a rush, thinking one knows this tool, so not reading all info each time, etc..., but enters a password to protect the current backup, then unknowingly saves it as plain text...
> I'd say that the check box should at least be UNchecked by default.
> Besides, it is not obvious that that is what one wants as default: To actually save the new settings (loose/replace the last default..) without making a concious choice, so for that reason alone it should not be checked.
>
Could try submitting a code change for it and see if it gets merged, or
a new issue.
Andrew David Wong
Feb 13, 2019, 11:51:23 PM2/13/19
to Teqleez Motley, qubes-devel googlegroup
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Please file an issue for this:
https://www.qubes-os.org/doc/reporting-bugs/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlxk87MACgkQ203TvDlQ
MDBH0Q//dDNFmpB5kAMuGWdRmgdBsX0qJmkNIGkjO6nwNPqMmRP7HtEbTsTRM8nq
fqK4MZPNVJIxgYBKR7105jBy69IC58uAOWO3o2abcD9V6Npy6gT6qyiyzPhQgV2V
4Ce0m6GHW1KUBYOdf80f0O3VSGNSkmjUp9hPfwQjUypp4ooX3WgRAqx/+Ok2y2R5
TVoAxO+A3R2/jnmUT2MDTyU4nr7/ZJUztsk93yUykZthR8ImD89oKwb9WQrsoxdT
R5/rHsNjkj6BqmnYM2+QDnxAF8VXa79VV7JvSVB8hWf6Qty6D9TISkHcitbIKQaA
Qb3Ujnl+yp2z/P+WsBvbK7k+SF8U3Jac++ey4iQzn6Yn4Hv5g2eMLUXNLTfUzaiH
6W88KepSUY+dOCIdStJsmuUsNrNP9KPUsk9d4GigAUel0GzYqcvn5HKUWbvoPpVE
tzfmVHfRwgmZsNCMO3Z2cCmCiW2kFANetn2KTltMyeL0EumE2LSBFqNOcgr8+rOz
qizUKTdQUuyxd53GjXsLH9wZuSgtA5jeI7184S/4RpSIE5eoQoorxwvA/4ipuAEj
fvV0THAsDO1hJJGrmI9uQyq0frbzgcsLpY/Nk5nl4U8NNesyjZHgvMkCqrCiMFci
XhHgWOj0fsBBcwWWJLv6MROFso1u0c84kTZ4dFTpQGCEyoNG8fc=
=iRKk
-----END PGP SIGNATURE-----
Hash: SHA512
https://www.qubes-os.org/doc/reporting-bugs/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlxk87MACgkQ203TvDlQ
MDBH0Q//dDNFmpB5kAMuGWdRmgdBsX0qJmkNIGkjO6nwNPqMmRP7HtEbTsTRM8nq
fqK4MZPNVJIxgYBKR7105jBy69IC58uAOWO3o2abcD9V6Npy6gT6qyiyzPhQgV2V
4Ce0m6GHW1KUBYOdf80f0O3VSGNSkmjUp9hPfwQjUypp4ooX3WgRAqx/+Ok2y2R5
TVoAxO+A3R2/jnmUT2MDTyU4nr7/ZJUztsk93yUykZthR8ImD89oKwb9WQrsoxdT
R5/rHsNjkj6BqmnYM2+QDnxAF8VXa79VV7JvSVB8hWf6Qty6D9TISkHcitbIKQaA
Qb3Ujnl+yp2z/P+WsBvbK7k+SF8U3Jac++ey4iQzn6Yn4Hv5g2eMLUXNLTfUzaiH
6W88KepSUY+dOCIdStJsmuUsNrNP9KPUsk9d4GigAUel0GzYqcvn5HKUWbvoPpVE
tzfmVHfRwgmZsNCMO3Z2cCmCiW2kFANetn2KTltMyeL0EumE2LSBFqNOcgr8+rOz
qizUKTdQUuyxd53GjXsLH9wZuSgtA5jeI7184S/4RpSIE5eoQoorxwvA/4ipuAEj
fvV0THAsDO1hJJGrmI9uQyq0frbzgcsLpY/Nk5nl4U8NNesyjZHgvMkCqrCiMFci
XhHgWOj0fsBBcwWWJLv6MROFso1u0c84kTZ4dFTpQGCEyoNG8fc=
=iRKk
-----END PGP SIGNATURE-----
Teqleez Motley
Feb 14, 2019, 7:22:49 AM2/14/19
to qubes-devel googlegroup
> > b) It seems to be ticked by default (per 4.0.1-RC/December, not the
> > latest bugfix which I am about to prepare to upgrade to...), in
> > case that is not changed this last month, isn't that default
> > setting actually bad (for the personal...) security?
> >
>
https://github.com/QubesOS/qubes-issues/issues/4819
> > latest bugfix which I am about to prepare to upgrade to...), in
> > case that is not changed this last month, isn't that default
> > setting actually bad (for the personal...) security?
> >
>
--
Regards,
Teqleez
Reply all
Reply to author
Forward
0 new messages