Re: additional security (II)

[tarsnap <tarsnap@infopower.nl>]

On Mon, 31 Mar 2014 12:08:45 +0200
Arnt Gulbrandsen <arnt@gulbrandsen.priv.no> wrote:

> Why?
> 
> Tarsnap makes it hard to store nothing, but easy to store just a key
> that allow only making backups. So if the NSA breaches your computer,
> they can learn enough to make backups in your name. They cannot read
> your existing backups (or even the backups they made).
> 
> It leaves you open to a DoS, I suppose. An attacker can spend your
> money.
> 
> Arnt
> 

This is new to me. Is the same keyfile not also used to restore
(i.e. read) my backups? In that case I think 'our friends' (NSA and
such) do have a way of reading my backups, or am I wrong?
Or do you mean that I can separate the restore key from the
keyfile and store it somewhere else for later use?
That would be a solution too. But I've tried to read the keyfile, and
all I saw was one sequence of ASCII characters, no separate sections.
Or is that because I didn't do any restore yet?

I must admit, I do not really know a lot of the inner workings of
tarsnap, so please forgive me if I'm talking nonsense (again?).

thanks