[Box Backup] Danger of files being erased
Alaric B Snell
boxbackup at fluffy.co.uk
Sun Feb 1 23:23:23 GMT 2004
Ben Summers wrote:
>> And also is it possible to lock the
>> backup key, like putting a passphrase on it? Of course the passphrase
>> has to be entered before using the key, which means when bbackupd or
>> bbackupquery is started.
> There's not much point in doing this. It would add little to the
> security of the system, and provide a false sense of security. Seeing as
> the key and the data on the computer you've just broken into are
> effectively equivalent, there is no reason to protect the key. An
> attacker would just read the decrypted data.
> Of course, there is the problem that if they broke into your computer
> and stole the keys, they could then use the backup server to get copies
> of your files whenever they wanted. But this could be solved by changing
> the certificate -- and you would notice the break-in, wouldn't you?
> Security is about reacting, as well as preventing.
Is there a danger they could compromise system data, and then upload the
new compromised versions to the backups? Worse than setting the deleted
flag :-) What's done about multiple historic versions of files in the
Interestingly, the clever upload-only-changes thing could well be used
to help clear up after an exploit - reboot from a clean OS to get past
the rootkit, then ask the bbackupquery tool to list which files were
modified since the last backup run, and then hand-vet the changes...
>> - I'm really considering running it on every machine I own. I'm just
>> waiting to get more disk space.
Personally, I'm limited by bandwidth between my machines, which are all
at different ISPs (with bandwidth charges) or on ADSL - which is why my
trusty tape drives are still whirring away for now; I can use sneakernet
for my high bandwidth backup transfers ;-)
I'm wondering about performing gross trickery and taking a laptop into
each rack in turn, running the server, to do the initial
upload-everything onto, then transferring the server install to a real
server machine to then handle subsequent incrementals...