2011-02-06 16:44:01 +00:00
|
|
|
|
|
|
|
TODO and Roadmap for Tomb
|
|
|
|
|
|
|
|
you are welcome to send patches to jaromil@dyne.org
|
|
|
|
|
2011-09-27 10:16:19 +00:00
|
|
|
Issue tracking is now handled via GitHub, see http://github.com/dyne/Tomb
|
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
Roadmap notes:
|
2011-09-27 10:16:19 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
* Release 3.0
|
2014-04-15 10:56:00 +00:00
|
|
|
|
2018-01-03 18:53:30 +00:00
|
|
|
*** [#A] integrate the zenroom for custom crypto functions
|
|
|
|
https://decodeproject.github.io/lua-zenroom
|
|
|
|
|
|
|
|
*** [#A] study cryptsetup 2.0 and integrate it
|
|
|
|
|
|
|
|
In particular kernel keystore functionalities
|
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
*** [#A] support BtrFS and snapshots
|
|
|
|
*** [#B] modular encryption system support
|
2014-04-15 10:56:00 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
to go beyond dm-crypt/cryptsetup
|
2014-04-15 10:56:00 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
ecryptfs, tc-play
|
2014-04-15 10:56:00 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
needs tomb marks appended at end of tombs
|
2014-04-15 10:56:00 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
*** [#B] udev rules to avoid usb automount of keyplug in gnome
|
|
|
|
*** [#B] sign and verify tomb script integrity
|
2014-04-15 10:56:00 +00:00
|
|
|
*** [#B] analyse and show tomb entropy using libdisorder
|
2015-02-20 10:40:41 +00:00
|
|
|
*** [#B] use inotify on tomb
|
2014-04-15 10:56:00 +00:00
|
|
|
inotify can also count when was the last time tomb was used and
|
|
|
|
unmount it automatically after a timeout, see how much free space
|
|
|
|
is left and warn when the space is almost finished
|
|
|
|
|
2018-01-03 18:53:30 +00:00
|
|
|
*** DONE [#A] system to split passwords in parts
|
|
|
|
CLOSED: [2018-01-03 Wed 19:48]
|
|
|
|
|
|
|
|
solved with secrets.dyne.org
|
|
|
|
*** DONE [#B] make a graphical tomb undertaker (gnome-druid in glade?)
|
|
|
|
CLOSED: [2018-01-03 Wed 19:49]
|
|
|
|
|
|
|
|
solved by gtomb and qtomb
|
|
|
|
|
2014-04-15 10:56:00 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
** Notes from #CybRes
|
|
|
|
|
2014-04-15 10:56:00 +00:00
|
|
|
|
|
|
|
*** mlocall per swap )vecna) rompigli il caz su github
|
|
|
|
*** steganografia migliore con outguess? (vecna)
|
|
|
|
*** velocita' creazione : fallocate -l 10G (scuall8907@gm)
|
|
|
|
|
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
* DONE Release 2.0 :100%:
|
|
|
|
|
|
|
|
** [#A] support for ZFS filesystem (revisioning, bitrot)
|
|
|
|
** [#A] support for partition-based tombs
|
|
|
|
** DONE [#B] Internationalization using gettext
|
|
|
|
|
|
|
|
Started generating the strings, still need to figure out how to
|
|
|
|
install it
|
|
|
|
|
|
|
|
** DONE [#B] better tomb locksmith code for key management
|
|
|
|
** DONE [#B] backup keys on qrcodes
|
|
|
|
** DONE [#B] indeep security analysis of possible vulnerabilities
|
|
|
|
** [#C] more gtk dialogs for configurations? keep it minimal!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* DONE Release 1.0 :100%:
|
2011-02-06 16:44:01 +00:00
|
|
|
|
2011-05-09 08:32:08 +00:00
|
|
|
** TODO [#C] make one single status handle more tombs
|
|
|
|
** TODO [#C] decorate creation wizard with ASCII art
|
2011-02-13 11:29:07 +00:00
|
|
|
|
2011-05-09 08:32:08 +00:00
|
|
|
** DONE [#B] remove gnome dependencies from tomb core :jaromil:
|
2011-02-13 11:29:07 +00:00
|
|
|
|
|
|
|
gksu is deeply connected to gnome in all its packages. actually
|
|
|
|
libgksu2-dev is and that doesn't helps.
|
|
|
|
|
|
|
|
gksu binary is a very simple and dirty code, we should have
|
|
|
|
tomb-ask to use the libgksu library for privilege escalation, but
|
|
|
|
then this would add the dependency into C linking...
|
|
|
|
|
|
|
|
the solution is for now to detect if gksu is present, else fallback
|
|
|
|
to sudo and provide it an interface to ask the password graphically
|
|
|
|
via pinentry
|
2011-02-07 08:44:13 +00:00
|
|
|
|
2011-05-09 08:32:08 +00:00
|
|
|
** DONE [#B] SLAM tomb and kill all applications using it :anathema:
|
|
|
|
|
|
|
|
using lsof and fuser(1) we can do that easily
|
2011-02-07 08:44:13 +00:00
|
|
|
|
2011-05-09 08:32:08 +00:00
|
|
|
we should ask user confirmation when closing a tomb if to slam
|
|
|
|
|
|
|
|
tomb-askpass will become tomb-ask managing such user interaction,
|
|
|
|
using libassuan and pinentry from the gpg project.
|
2011-02-13 11:29:07 +00:00
|
|
|
|
2011-05-09 08:32:08 +00:00
|
|
|
** DONE [#B] fix operation without DISPLAY (over SSH) :hellekin:
|
2011-02-12 16:54:53 +00:00
|
|
|
** DONE [#A] steganography to store tomb key :jaromil:
|
|
|
|
|
|
|
|
steghide can hide keys in JPG, BMP, WAV or AU files it also takes
|
|
|
|
care of compressing end encrypting the key file so we don't
|
|
|
|
necessarily need gpg... it has Serpent and AES256 (CBC)
|
|
|
|
|
2011-02-09 12:06:45 +00:00
|
|
|
** DONE [#A] use a posix thread instead of fork for status close :jaromil:
|
|
|
|
** DONE [#A] use a config file to map bind mounts :jaromil:
|
|
|
|
|
|
|
|
done as file 'bind-hooks' inside tom. also 'post-hooks' is executed
|
|
|
|
as user in case symlinks are needed and so
|
|
|
|
|
|
|
|
using mount -o bind we can trigger actions to be made after mounting
|
|
|
|
a tomb so that personal directories appear in the home folder.
|
|
|
|
|
|
|
|
** DONE [#A] desktop integration the freedesktop way :jaromil:
|
|
|
|
** DONE [#B] debian packaging with desktop integration :jaromil:
|
2011-09-27 10:16:19 +00:00
|
|
|
** DONE [#A] Avoid overwriting key on exhume on same filename
|
|
|
|
** DONE [#A] Should refuse opening a tomb that is already open :jaromil:
|
|
|
|
|
2011-02-09 12:06:45 +00:00
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
* TODO Porting to MS/Windows
|
2011-02-13 14:42:30 +00:00
|
|
|
|
|
|
|
using FReeOTFE http://www.freeotfe.org
|
|
|
|
|
|
|
|
or at least make it compatible with http://www.sdean12.org/SecureTrayUtil.htm
|
|
|
|
|
|
|
|
* TODO Porting to Apple/OSX
|
|
|
|
|
2015-02-20 10:40:41 +00:00
|
|
|
still to be investigated what's there that supports cryptsetup-luks volumes. hditool, tcplay...
|
2011-02-13 14:42:30 +00:00
|
|
|
|