mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-29 16:24:07 +00:00
Merge pull request #143 from myqlarson/patch-1
Reviewed README.md for proper English
This commit is contained in:
commit
22945a78ce
42
README.md
42
README.md
@ -21,45 +21,45 @@ Updates on website: http://dyne.org/software/tomb
|
||||
Get the stable .tar.gz signed release for production use!
|
||||
Download it from https://files.dyne.org/tomb
|
||||
|
||||
# What is Tomb, the crypto undertaker
|
||||
# What is Tomb, the crypto undertaker?
|
||||
|
||||
Tomb aims to be a free and open source system for easy encryption and
|
||||
backup of personal files, written in code that is easy to review and
|
||||
links shared GNU/Linux components.
|
||||
|
||||
At present time, Tomb consists of a simple shell script (Zsh) using
|
||||
At present, Tomb consists of a simple shell script (Zsh) using
|
||||
standard filesystem tools (GNU) and the cryptographic API of the Linux
|
||||
kernel (cryptsetup and LUKS). Tomb can also produce machine parsable
|
||||
output to facilitate its use inside graphical applications.
|
||||
|
||||
# How does it works
|
||||
# How does it work?
|
||||
|
||||
For the instructions on how to get started using Tomb, see [INSTALL](INSTALL.md).
|
||||
|
||||
This tool can be used to dig .tomb files (Luks volumes), forge keys
|
||||
This tool can be used to dig .tomb files (LUKS volumes), forge keys
|
||||
protected by a password (GnuPG symmetric encryption) and use the keys
|
||||
to lock the tombs. Tombs are like single files whose contents are
|
||||
unaccessible in absence of the key they were locked with and its
|
||||
inaccessible in the absence of the key they were locked with and its
|
||||
password.
|
||||
|
||||
Once open the tombs are just like normal folders and can contain
|
||||
Once open, the tombs are just like normal folders and can contain
|
||||
different files, plus they offer advanced functionalities like bind
|
||||
and execution hooks and fast search, or they can be slammed close even
|
||||
if busy. Keys can be stored on separate media like USB sticks, NFC or
|
||||
if busy. Keys can be stored on separate media like USB sticks, NFC, or
|
||||
bluetooth devices to make the transport of data safer: one always
|
||||
needs both the tomb and the key, plus its password, to access it.
|
||||
|
||||
The tomb script takes care of several details to improve the security
|
||||
of tombs in every day usage: adopting pinentry for passwords,
|
||||
of tombs in everyday usage: adopting PIN entry for passwords,
|
||||
facilitating the storage of backup keys using image steganography,
|
||||
listing open tombs and selectively closing them, warning the user
|
||||
about their size and last time they were used, etc.
|
||||
|
||||
# How secure is this?
|
||||
|
||||
Death is the only sure thing in life. Said that, Tomb is a pretty
|
||||
secure tool especially because it keeps minimal, its source is always
|
||||
open and its code is easy to review with a bit of shell script
|
||||
Death is the only sure thing in life. That said, Tomb is a pretty
|
||||
secure tool especially because it is kept minimal, its source is always
|
||||
open, and its code is easy to review with a bit of shell script
|
||||
knowledge.
|
||||
|
||||
All encryption tools being used in Tomb are included as default in
|
||||
@ -76,13 +76,13 @@ Tomb is an evolution of the 'mknest' tool developed for the dyne:bolic
|
||||
GNU/Linux distribution, which is used by its 'nesting' mechanism to
|
||||
encrypt the Home directory of users, a system implemented already in
|
||||
2001. Since then, the same shell routines kept being maintained and in
|
||||
2007 they were adapted to work on various other GNU/Linux distributions.
|
||||
2007, they were adapted to work on various other GNU/Linux distributions.
|
||||
|
||||
As of today, Tomb is a well stable tool also used in mission critical
|
||||
situations by a number of activists in endangered zones. It has been
|
||||
As of today, Tomb is a very stable tool also used in mission critical
|
||||
situations by a number of activists in dangerous zones. It has been
|
||||
reviewed by forensics analysts and it can be considered to be safe for
|
||||
military grade use, where the integrity of informations stored depend
|
||||
from the user's behaviour and the strenght of a standard AES-256
|
||||
military grade use where the integrity of information stored depends on
|
||||
the user's behaviour and the strength of a standard AES-256
|
||||
(XTS plain) encryption algorithm.
|
||||
|
||||
# Use stable releases in production
|
||||
@ -90,12 +90,12 @@ from the user's behaviour and the strenght of a standard AES-256
|
||||
Anyone planning to use Tomb to store and access secrets should not use
|
||||
the latest development version in Git, but use instead the .tar.gz
|
||||
release on https://files.dyne.org/tomb . The stable version will
|
||||
always insure backward compatibility with older tombs: we make sure it
|
||||
always ensure backward compatibility with older tombs: we make sure it
|
||||
creates sane tombs and keys by running various tests before releasing
|
||||
it. The development version in Git might introduce sudden bugs and is
|
||||
not granted to produce backward or forward compatible tombs and keys.
|
||||
not guaranteed to produce backward- or forward-compatible tombs and keys.
|
||||
Only developers and testers should use the Git version to report bugs,
|
||||
test new features and develop patches.
|
||||
test new features, and develop patches.
|
||||
|
||||
So be warned: do not use the latest Git version in production
|
||||
environments, but use a stable release versioned and packed as
|
||||
@ -109,8 +109,8 @@ Translations are also needed: they can be contributed via this website
|
||||
https://poeditor.com/join/project?hash=33bdefea2e46b26f512a0caae55fbbb5
|
||||
or simply sending the .po file. Start from `extras/po/tomb.pot`.
|
||||
|
||||
Code is pretty short and readable: start looking around it and the
|
||||
materials found in doc/ which are good pointers at security measures
|
||||
The code is pretty short and readable: start looking around and the
|
||||
materials found in `doc/` which are good pointers at security measures
|
||||
to be further implemented.
|
||||
|
||||
For the bleeding edge visit https://github.com/dyne/Tomb
|
||||
|
Loading…
Reference in New Issue
Block a user