rapenne-s
commented
1 year ago As the backup is a tar archive, I'd just add an extra file containing the instructions. It's way easier to figure how to use it than reading the header.
If I extract a tar with unknown content and that I find a README file in it, I'm more likely to read the README than looking at some backup-header file.
We could provide an option to include emergency backup restore instructions (for that backup version) as plain text immediately following the backup header (or otherwise packaged with the backup blob such that the result is a single file).
To be honest, I'm not sure whether this would be a good idea. The main benefit is that it would prevent scenarios in which a user in the distant future has an old Qubes backup but can no longer figure out how to recover data from it. If the emergency restore instructions are saved in a different file, it's possible for that separate file to be lost or the two to become separated.
One drawback is that it would increase the size of the backup (which is why it should be optional). A bigger potential concern is whether it would increase the attack surface of the backup restore process. If the text were included in what gets HMACed, it shouldn't be a problem.