Tomb/doc/TODO.org

• Release 3.0
  • integrate the zenroom for custom crypto functions
  • study cryptsetup 2.0 and integrate it
  • support BtrFS and snapshots
  • modular encryption system support
  • udev rules to avoid usb automount of keyplug in gnome
  • sign and verify tomb script integrity
  • analyse and show tomb entropy using libdisorder
  • use inotify on tomb
  • system to split passwords in parts
  • make a graphical tomb undertaker (gnome-druid in glade?)
  • Notes from #CybRes
    • mlocall per swap )vecna) rompigli il caz su github
    • steganografia migliore con outguess? (vecna)
    • velocita' creazione : fallocate -l 10G (scuall8907@gm)
• Release 2.0
  • support for ZFS filesystem (revisioning, bitrot)
  • support for partition-based tombs
  • Internationalization using gettext
  • better tomb locksmith code for key management
  • backup keys on qrcodes
  • indeep security analysis of possible vulnerabilities
  • more gtk dialogs for configurations? keep it minimal!
• Release 1.0
  • make one single status handle more tombs
  • decorate creation wizard with ASCII art
  • remove gnome dependencies from tomb core
  • SLAM tomb and kill all applications using it
  • fix operation without DISPLAY (over SSH)
  • steganography to store tomb key
  • use a posix thread instead of fork for status close
  • use a config file to map bind mounts
  • desktop integration the freedesktop way
  • debian packaging with desktop integration
  • Avoid overwriting key on exhume on same filename
  • Should refuse opening a tomb that is already open
• Porting to MS/Windows
• Porting to Apple/OSX

TODO and Roadmap for Tomb

you are welcome to send patches to jaromil@dyne.org

Issue tracking is now handled via GitHub, see http://github.com/dyne/Tomb

Roadmap notes:

Release 3.0

[A] integrate the zenroom for custom crypto functions

https://decodeproject.github.io/lua-zenroom

[A] study cryptsetup 2.0 and integrate it

In particular kernel keystore functionalities

[A] support BtrFS and snapshots

[B] modular encryption system support

to go beyond dm-crypt/cryptsetup

ecryptfs, tc-play

needs tomb marks appended at end of tombs

[B] udev rules to avoid usb automount of keyplug in gnome

[B] sign and verify tomb script integrity

[B] analyse and show tomb entropy using libdisorder

[B] use inotify on tomb

inotify can also count when was the last time tomb was used and unmount it automatically after a timeout, see how much free space is left and warn when the space is almost finished

DONE [A] system to split passwords in parts

CLOSED: [2018-01-03 Wed 19:48]

solved with secrets.dyne.org

DONE [B] make a graphical tomb undertaker (gnome-druid in glade?)

CLOSED: [2018-01-03 Wed 19:49]

solved by gtomb and qtomb

Notes from #CybRes

mlocall per swap )vecna) rompigli il caz su github

steganografia migliore con outguess? (vecna)

velocita' creazione : fallocate -l 10G (scuall8907@gm)

DONE Release 2.0   100%

[A] support for ZFS filesystem (revisioning, bitrot)

[A] support for partition-based tombs

DONE [B] Internationalization using gettext

Started generating the strings, still need to figure out how to install it

DONE [B] better tomb locksmith code for key management

DONE [B] backup keys on qrcodes

DONE [B] indeep security analysis of possible vulnerabilities

[C] more gtk dialogs for configurations? keep it minimal!

DONE Release 1.0   100%

TODO [C] make one single status handle more tombs

TODO [C] decorate creation wizard with ASCII art

DONE [B] remove gnome dependencies from tomb core   jaromil

gksu is deeply connected to gnome in all its packages. actually libgksu2-dev is and that doesn't helps.

gksu binary is a very simple and dirty code, we should have tomb-ask to use the libgksu library for privilege escalation, but then this would add the dependency into C linking…

the solution is for now to detect if gksu is present, else fallback to sudo and provide it an interface to ask the password graphically via pinentry

DONE [B] SLAM tomb and kill all applications using it   anathema

using lsof and fuser(1) we can do that easily

we should ask user confirmation when closing a tomb if to slam

tomb-askpass will become tomb-ask managing such user interaction, using libassuan and pinentry from the gpg project.

DONE [B] fix operation without DISPLAY (over SSH)   hellekin

DONE [A] steganography to store tomb key   jaromil

steghide can hide keys in JPG, BMP, WAV or AU files it also takes care of compressing end encrypting the key file so we don't necessarily need gpg… it has Serpent and AES256 (CBC)

DONE [A] use a posix thread instead of fork for status close   jaromil

DONE [A] use a config file to map bind mounts   jaromil

done as file 'bind-hooks' inside tom. also 'post-hooks' is executed as user in case symlinks are needed and so

using mount -o bind we can trigger actions to be made after mounting a tomb so that personal directories appear in the home folder.

DONE [A] desktop integration the freedesktop way   jaromil

DONE [B] debian packaging with desktop integration   jaromil

DONE [A] Avoid overwriting key on exhume on same filename

DONE [A] Should refuse opening a tomb that is already open   jaromil

TODO Porting to MS/Windows

using FReeOTFE http://www.freeotfe.org

or at least make it compatible with http://www.sdean12.org/SecureTrayUtil.htm

TODO Porting to Apple/OSX

still to be investigated what's there that supports cryptsetup-luks volumes. hditool, tcplay…