Tomb/README.muse

#title Tomb - The Crypto Undertaker
#author Jaromil

<contents>

* Tomb - RIP


<example>
    .....                                                ..
 .H8888888h.  ~-.                                  . uW8"
 888888888888x  `>        u.      ..    .     :    `t888
X~     `?888888hx~  ...ue888b   .888: x888  x888.   8888   .
'      x8.^"*88*"   888R Y888r ~`8888~'888X`?888f`  9888.z88N
 `-:- X8888x        888R I888>   X888  888X '888>   9888  888E
      488888>       888R I888>   X888  888X '888>   9888  888E
    .. `"88*        888R I888>   X888  888X '888>   9888  888E
  x88888nX"      . u8888cJ888    X888  888X '888>   9888  888E
 !"*8888888n..  :   "*888*P"    "*88%""*88" '888!` .8888  888"
'    "*88888888*      'Y"         `~    "    `"`    `%888*%"
        ^"***"`                                        "`

  a simple commandline tool to manage encrypted storage  v.0.9
            http://tomb.dyne.org            by Jaromil @ dyne.org
</example>

** Introduction

Tomb aims to be an 100% free and open source system for easy
encryption and backup of personal files, written in code that is easy
to review and links commonly shared components.

At present time Tomb is easy to install and use, it mainly consists of
a Shell script and some auxiliary C code for desktop integration,
making use of GNU tools and the cryptographic API of the Linux kernel.

*** Who needs Tomb

Our target community are desktop users with no time to click around,
sometimes using old or borrowed computers, operating in places
endangered by conflict where a leak of personal data can be a threat.

If you don't own a laptop then it's possible to go around with a USB
stick and borrow computers, still leaving no trace and keeping your
data safe during transports. Tomb aims to facilitate all this and to
be interoperable across popular GNU/Linux operating systems.

*** Aren't there enough encryption tools already?

We've felt the urgency of publishing Tomb for other operating systems
than dyne:bolic since the current situation with [[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] is far from
optimal.  TrueCrypt makes use of statically linked libraries, its code
is not hosted on CVS and is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by GNU/Linux
distributions because of liability reasons, see [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]][4],
Suse[5], Gentoo[6] and Fedora[7].

Seen from this perspective, Tomb is intended as a rewrite of most
functionalities offered by TrueCrypt in a new application, confident
it won't take much relying on previous experience and aiming at:
 
 - short and readable code, linking shared libs and common components 
 - easy graphical interface, simple for ad-hoc (DIY-deniable)
 - transparent and distributed development hosted using GIT
 - GNU General Public License v3

[1] http://en.wikipedia.org/wiki/TrueCrypt
[2] http://lists.freedesktop.org/archives/distributions/2008-October/000276.html
[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034
[4] https://bugs.edge.launchpad.net/ubuntu/+bug/109701
[5] http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html
[6] http://bugs.gentoo.org/show\_bug.cgi?id=241650
[7] https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt

*** How does it works

Tomb generates 'key files' and protects them with a password choosen
by the user; the key files are then used to encrypt loop-back mounted
partitions, like single files containing a filesystem inside: this way
keys can be separated from data for safer transports when
required.

** Downloads

For licensing information see the [[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]

Below a list of formats you can download this application: ready to be
run with some of the interfaces developed, as a library you can use to
build your own application and as source code you can study.

*** Code repository

Latest stable release is 0.9 (25 January 2011) more about it in the
[[ftp://ftp.dyne.org/tomb/NEWS][NEWS]] and [[ftp://ftp.dyne.org/tomb/ChangeLog][ChangeLog]]

Source releases are checked and signed by [[http://jaromil.dyne.org][Jaromil]] using [[http://www.gnupg.org][GnuPG]].

On [[ftp://ftp.dyne.org/tomb][ftp.dyne.org/tomb]] you find all present and past Tomb releases,
source code for extra plugins and more binaries that we occasionally
build for various architectures.

The bleeding edge version is developed on our [[http://code.dyne.org][code repository]] using
**GIT**, you can clone the repository free and anonymously

<example>
       git clone git://code.dyne.org/tomb.git
</example>


** Development


*** Stage of development

Tomb is an evolution of the 'mknest' tool developed for the dyne:bolic
GNU/Linux distribution, which is used by its 'nesting' mechanism to
encrypt the Home directory of users.

As such, it uses well tested and reviewed routines and its shell code
is pretty readable. The name transition from 'mknest' to 'tomb' is
marked by the adaptation of mknest to work on the Debian operating
system, used by its author in the past 3 years.

*** How can you help

Code is pretty short and readable: start looking around it and the
materials found in doc/ which are good pointers at security measures
to be further implemented.

Have a look in the TODO file to see what our plans are.

At the moment we can use some good help in porting this tool on
M$/Windows and Apple/OSX, still keeping the minimal approach we all
love.
manpage, documentation and fixes for the new release includes also timeout to ask_usbkey, correct naming of tomb reference documentation for encryption settings, webpage updates and artworks 2011-01-28 11:26:35 +00:00			`#title Tomb - The Crypto Undertaker`
			`#author Jaromil`

			`<contents>`

			`* Tomb - RIP`


			`<example>`
			`..... ..`
			`.H8888888h. ~-. . uW8"`
			888888888888x `> u. .. . : `t888
			X~ `?888888hx~ ...ue888b .888: x888 x888. 8888 .
			' x8.^"88" 888R Y888r ~`8888~'888X`?888f` 9888.z88N
			`-:- X8888x 888R I888> X888 888X '888> 9888 888E
			`488888> 888R I888> X888 888X '888> 9888 888E`
			.. `"88* 888R I888> X888 888X '888> 9888 888E
			`x88888nX" . u8888cJ888 X888 888X '888> 9888 888E`
			!"8888888n.. : "888P" "88%""*88" '888!` .8888 888"
			' "88888888 'Y" `~ " `"` `%888*%"
			^"***"` "`

			`a simple commandline tool to manage encrypted storage v.0.9`
			`http://tomb.dyne.org by Jaromil @ dyne.org`
			`</example>`

			`** Introduction`

			`Tomb aims to be an 100% free and open source system for easy`
			`encryption and backup of personal files, written in code that is easy`
			`to review and links commonly shared components.`

			`At present time Tomb is easy to install and use, it mainly consists of`
			`a Shell script and some auxiliary C code for desktop integration,`
			`making use of GNU tools and the cryptographic API of the Linux kernel.`

			`*** Who needs Tomb`

			`Our target community are desktop users with no time to click around,`
			`sometimes using old or borrowed computers, operating in places`
			`endangered by conflict where a leak of personal data can be a threat.`

			`If you don't own a laptop then it's possible to go around with a USB`
			`stick and borrow computers, still leaving no trace and keeping your`
			`data safe during transports. Tomb aims to facilitate all this and to`
			`be interoperable across popular GNU/Linux operating systems.`

			`*** Aren't there enough encryption tools already?`

			`We've felt the urgency of publishing Tomb for other operating systems`
			`than dyne:bolic since the current situation with [[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] is far from`
			`optimal. TrueCrypt makes use of statically linked libraries, its code`
			`is not hosted on CVS and is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by GNU/Linux`
			`distributions because of liability reasons, see [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]][4],`
			`Suse[5], Gentoo[6] and Fedora[7].`

			`Seen from this perspective, Tomb is intended as a rewrite of most`
			`functionalities offered by TrueCrypt in a new application, confident`
			`it won't take much relying on previous experience and aiming at:`

			`- short and readable code, linking shared libs and common components`
			`- easy graphical interface, simple for ad-hoc (DIY-deniable)`
			`- transparent and distributed development hosted using GIT`
			`- GNU General Public License v3`

			`[1] http://en.wikipedia.org/wiki/TrueCrypt`
			`[2] http://lists.freedesktop.org/archives/distributions/2008-October/000276.html`
			`[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034`
			`[4] https://bugs.edge.launchpad.net/ubuntu/+bug/109701`
			`[5] http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html`
			`[6] http://bugs.gentoo.org/show\_bug.cgi?id=241650`
			`[7] https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt`

			`*** How does it works`

			`Tomb generates 'key files' and protects them with a password choosen`
			`by the user; the key files are then used to encrypt loop-back mounted`
			`partitions, like single files containing a filesystem inside: this way`
			`keys can be separated from data for safer transports when`
			`required.`

			`** Downloads`

			`For licensing information see the [[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]`

			`Below a list of formats you can download this application: ready to be`
			`run with some of the interfaces developed, as a library you can use to`
			`build your own application and as source code you can study.`

			`*** Code repository`

			`Latest stable release is 0.9 (25 January 2011) more about it in the`
			`[[ftp://ftp.dyne.org/tomb/NEWS][NEWS]] and [[ftp://ftp.dyne.org/tomb/ChangeLog][ChangeLog]]`

			`Source releases are checked and signed by [[http://jaromil.dyne.org][Jaromil]] using [[http://www.gnupg.org][GnuPG]].`

			`On [[ftp://ftp.dyne.org/tomb][ftp.dyne.org/tomb]] you find all present and past Tomb releases,`
			`source code for extra plugins and more binaries that we occasionally`
			`build for various architectures.`

			`The bleeding edge version is developed on our [[http://code.dyne.org][code repository]] using`
			`GIT, you can clone the repository free and anonymously`

			`<example>`
			`git clone git://code.dyne.org/tomb.git`
			`</example>`


			`** Development`


			`*** Stage of development`

			`Tomb is an evolution of the 'mknest' tool developed for the dyne:bolic`
			`GNU/Linux distribution, which is used by its 'nesting' mechanism to`
			`encrypt the Home directory of users.`

			`As such, it uses well tested and reviewed routines and its shell code`
			`is pretty readable. The name transition from 'mknest' to 'tomb' is`
			`marked by the adaptation of mknest to work on the Debian operating`
			`system, used by its author in the past 3 years.`

			`*** How can you help`

			`Code is pretty short and readable: start looking around it and the`
			`materials found in doc/ which are good pointers at security measures`
			`to be further implemented.`

			`Have a look in the TODO file to see what our plans are.`

			`At the moment we can use some good help in porting this tool on`
			`M$/Windows and Apple/OSX, still keeping the minimal approach we all`
			`love.`