Building on the excellent pass (https://passwordstore.org), it gives me
great pleasure to announce the initial release of qubes-pass — an
inter-VM password manager and store for Qubes OS.
Check it out here!
https://github.com/Rudd-O/qubes-pass
Well if they can do that to one file, couldn't they do that to a lot more others if backing up the whole vm? I would think one file is a lot easier to check. Since that whole vaultvm is only dedicated to that one file for me anyways, and I don't have custom configs or scripts in it.
One cool thing I saw about paranoid mode is it takes into account things in user directories that are not even user data to begin with. So ya I back up other vms that way especially templates, and especially vms with custom configs. Or vms with just a lot of data in a lot of diff folders out of convenience.
But for the vault I just do the single file.
And so say if the database file is malware, what do you mean by qvm-backup would prevent it?
And yes "rendering it useless by changing every password". We are talking of the times you suspect it, have a hunch. If you think you can never tell when you are compromised then what else is there to go on? And what else can be done?
By a hunch I mean like noticing weird anomalies, freezes, crashes, mouse issues, lag, or just anything really, timing and sequence of events. After my account gets hacked do I still just say it could just be a random bug cause I have no proof?
If we really can't notice anything suspicious even with live realtime network traffic, system logs, or file integrity logs, then what else are you supposed to do? Just already assume it's compromised.
So you are saying qvm-backup will know if an attacker has switched up the backup file, which is well and good. But I'm assuming the vm or file is already compromised before backing it up in the first place.
Also apparently qvm-backup has not taken every file into account or there would be no need for paranoid mode. I still believe having to only verify the integrity of a single file is better than a whole vm.
Although this discussion makes me think maybe when loading the possibly compromised keepassx file I should load it in a disposable just to get the passwords, but not open it in the new vault vm I'm going to create. But then I guess I also can't copy and paste. What to do about passwords 100 characters long? lol
Well I thought paranoid mode just disabled copying of some non user data executables and maybe some other stuff? And yes would have to assume it might still be infected. Sounds good to me. Definitely something to think about though.
Yes qvm-backup is one file but after extracted, like an iso, is a lot more. But with paranoid mode then we can just treat it as hostile but it is less capable to extract data we need. If a data vm maybe even just keep the paranoid vm for like pictures and stuff right?
I mean cause if the pictures gonna be infected anyways, might as well keep them in a vm stripped or disabled of things that can do damage. All I do right now for my media-vm is disable internet access.