In fairness, any computer that has been physically compromised is no longer secure, period.
Every attack against an otherwise secure system requires these two steps:
1. Compromise a computer or environment by gaining physical access and changing something about the computer/environment (e.g. creating a false passphrase screen, or installing a hidden camera).
2. Trick the user into giving up their passphrase/private key after step (1) is complete.
Once a machine or environment is compromised, it's just a matter of time before (2) happens and your security is broken. Physical access to a machine or environment where a passphrase is entered is required because network security is (effectively) perfect with modern crypto.
If you are truly paranoid, you'd have to constantly secure your environment and physical hardware, and whenever either went out of your physical control, not use your passphrase/private key. Full stop.
"In fairness" about what? How is client's computer compromise related to server compromise? If someone gets access to, for example, Tarsnap servers, the attackers can do nothing apart from deleting your backups. If the same happens to Backblaze (who have some interesting understanding of "security", BTW: http://i.imgur.com/t3NCm3X.png), they can get full access to your backups.
I don't consider Tarsnap's actual storage to be part of the cryptosystem – it's no different than the data simply being "in transit" indefinitely – so "compromising" a Tarsnap server has no real meaning from a cryptographic point of view.
I totally agree with you about Backblaze; at least with Tarsnap, the physical machines and environments that are actually part of the cryptosystem are in your own control.
Oh, and the "in fairness" was that compromised clients have the same problem as compromised servers. Perhaps I could have worded it better – I don't have any problem with what you wrote at all.