mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-23 18:48:59 +00:00
3fe53affc9
added links to github, crypto.is and our cheerful picture after the hackmeeting tomb seminar
331 lines
12 KiB
Plaintext
331 lines
12 KiB
Plaintext
#title Tomb - The Crypto Undertaker
|
|
#author Jaromil
|
|
|
|
<contents>
|
|
|
|
* Tomb - Crypto Undertaker
|
|
|
|
<class name="logo">
|
|
[[images/tomb_n_bats.png]]
|
|
</class>
|
|
|
|
Tomb is a simple tool to manage **encrypted storage** on GNU/Linux, from
|
|
the *hashes* of the [[http://dynebolic.org][dyne:bolic]] nesting mechanism.
|
|
|
|
Tomb aims to be an **100% free** and open source system for easy
|
|
encryption and backup of personal files, written in code that is easy
|
|
to review and links commonly shared components.
|
|
|
|
Tomb generates encrypted storage files to be opened and closed using
|
|
their associated keyfiles, which are also protected with a password
|
|
chosen by the user.
|
|
|
|
A tomb is like a locked folder that can be safely transported and
|
|
hidden in a filesystem; its keys can be kept separate, for instance
|
|
keeping the tomb file on your computer harddisk and the key files on a
|
|
USB stick.
|
|
|
|
** Documentation
|
|
|
|
"*All I know is what the words know, and dead things, and that makes
|
|
a handsome little sum, with a beginning and a middle and an end, as
|
|
in the well-built phrase and the long sonata of the dead.*"
|
|
Samuel Beckett
|
|
|
|
First of all the usual info you'd expect a software to provide:
|
|
|
|
- [[README]]
|
|
- [[ChangeLog]]
|
|
- [[TODO]]
|
|
- [[AUTHORS]]
|
|
|
|
And more below, read on...
|
|
|
|
*** How does it works
|
|
|
|
[[images/monmort.png]]
|
|
|
|
Tombs are operated from a normal file browser or from the commandline.
|
|
|
|
To open a tomb is sufficient to click on it, or use the command **tomb-open**
|
|
|
|
When a tomb is open your panel will have a little icon in the tray
|
|
reminding you that a tomb is open, offering to explore it or close it.
|
|
|
|
|
|
To make safety copies of your keys, tomb lets you "bury a key" inside
|
|
an image (using steganography techniques) and of course "exhume"
|
|
buried keys from pictures where they are hidden. Actually it is very
|
|
hard to guess when something is hidden inside a picture without
|
|
knowing the password used in steganography.
|
|
|
|
[[images/awesome-shot.png]]
|
|
|
|
See the [[manual.html][manpage]] for more information on how to operate Tomb from the
|
|
text terminal.
|
|
<example>
|
|
Tomb 1.1 - a strong and gentle undertaker for your secrets
|
|
|
|
Syntax: tomb [options] command [file] [place]
|
|
|
|
Commands:
|
|
|
|
create create a new tomb FILE and its keys
|
|
open open an existing tomb FILE on PLACE
|
|
list list all open tombs or the one called FILE
|
|
close close the open tomb called FILE (or all)
|
|
slam close tomb FILE and kill all pids using it
|
|
|
|
Options:
|
|
|
|
-s size of the tomb file when creating one (in MB)
|
|
-k path to the key to use for opening a tomb
|
|
-n don't process the hooks found in tomb
|
|
-o mount options used to open (default: rw,noatime,nodev)
|
|
|
|
-h print this help
|
|
-v version information for this tool
|
|
-q run quietly without printing informations
|
|
-D print debugging information at runtime
|
|
</example>
|
|
|
|
|
|
**** More sources of information
|
|
|
|
Tomb's documentation is being actively written as we speak, you will
|
|
find some more informations about it on the wiki found on
|
|
[[http://github.com/dyne/Tomb][github.com/dyne/Tomb]] as well on the one on [[http://crypto.is][crypto.is]].
|
|
|
|
|
|
*** Who needs Tomb
|
|
|
|
"*Democracy requires Privacy as much as Freedom of Expression.*" Anonymous
|
|
|
|
Our target community are desktop users with no time to click around,
|
|
sometimes using old or borrowed computers, operating in places
|
|
endangered by conflict where a leak of personal data can be a threat.
|
|
|
|
If you can't own a laptop then it's possible to go around with a USB
|
|
stick and borrow computers, still leaving no trace and keeping your
|
|
data safe during transports. Tomb aims to facilitate all this and to
|
|
be interoperable across popular GNU/Linux operating systems.
|
|
|
|
|
|
The internet offers plenty of free services, on the wave of the Web2.0
|
|
fuzz and the community boom, while all private informations are hosted
|
|
on servers owned by global corporations and monopolies.
|
|
|
|
It is important to keep in mind that no-one else better than *you* can
|
|
ensure the privacy of your personal data. Server hosted services and
|
|
web integrated technologies gather all data into huge information
|
|
pools that are made available to established economical and cultural
|
|
regimes.
|
|
|
|
|
|
|
|
**This software urges you to reflect on the importance of your
|
|
privacy**. World is full of prevarication and political imprisonments,
|
|
war rages in several places and media is mainly used for propaganda by
|
|
the powers in charge. Some of us face the dangers of being tracked by
|
|
oppressors opposing our self definition, independent thinking and
|
|
resistance to omologation.
|
|
|
|
<verse>
|
|
|
|
"The distinction between what is public and what is private is
|
|
becoming more and more blurred with the increasing intrusiveness of
|
|
the media and advances in electronic technology. While this
|
|
distinction is always the outcome of continuous cultural
|
|
negotiation, it continues to be critical, for where nothing is
|
|
private, democracy becomes impossible."
|
|
|
|
(from [[http://www.newschool.edu/centers/socres/privacy/Home.html][Privacy Conference, Social Research, New School University]])
|
|
</verse>
|
|
|
|
|
|
|
|
|
|
|
|
*** Aren't there enough encryption tools already?
|
|
|
|
[[images/foster_privacy.png]]
|
|
|
|
We've felt the urgency of publishing Tomb for other operating systems
|
|
than dyne:bolic since the current situation in personal desktop
|
|
encryption is far from optimal.
|
|
|
|
[[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] makes use of statically linked libraries so that its code is
|
|
hard to audit, plus is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by free operating system
|
|
distributors because of liability reasons, see [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]], [[http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html][Suse]],
|
|
[[http://bugs.gentoo.org/show_bug.cgi?id=241650][Gentoo]] and [[https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt][Fedora]].
|
|
|
|
[[http://tom.noflag.org.uk/cryptkeeper.html][Cryptkeeper]] is the best alternative to Tomb out there and its main
|
|
advantage consists in not needing root access on the machine it's
|
|
being used. But Cryptkeeper still has drawbacks: it uses [[http://www.arg0.net/encfs][EncFS]] which
|
|
implements weaker encryption than dm-crypt and it doesn't promotes the
|
|
separated storage of keys.
|
|
|
|
At last, the [[https://we.riseup.net/debian/automatically-mount-encrypted-home][Encrypted home]] mechanisms on operating systems as Debian
|
|
and Ubuntu adopt encryption algorithms as strong as Tomb does, but
|
|
they need to be configured when the machine is installed, they cannot
|
|
be easily transported and again they don't promote separated storage
|
|
of keys.
|
|
|
|
With Tomb we try to overcome all these limitations providing strong
|
|
encryption, encouraging users to separate keys from data and letting
|
|
them transport tombs around easily. Also to facilitate auditing and
|
|
customization we intend to:
|
|
|
|
- write short and readable code, linking shared libs
|
|
- provide easy to use graphical interfaces and desktop integration
|
|
- keep the development process open and distributed using GIT
|
|
- distribute Tomb under the GNU General Public License v3
|
|
|
|
If you believe this is a worthy effort, you are welcome to [[http://dyne.org/donate][support it]].
|
|
|
|
*** Where do we learn more from
|
|
|
|
Here below some articles that are useful to understand Tomb more in
|
|
detail and to get in touch with the difficult job of a Crypto
|
|
Undertaker:
|
|
|
|
- [[TKS1-draft.pdf][TKS1 - An anti-forensic, two level, and iterated key setup scheme]]
|
|
- [[New_methods_in_HD_encryption.pdf][New Methods in Hard Disk Encryption]]
|
|
- [[Luks_on_disk_format.pdf][LUKS On-Disk Format Specification]]
|
|
- [[LinuxHDEncSettings.txt][Linux hard disk encryption settings]]
|
|
|
|
|
|
** Downloads
|
|
|
|
For licensing information see the [[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]
|
|
|
|
Below a list of formats you can download this application: ready to be
|
|
run with some of the interfaces developed, as a library you can use to
|
|
build your own application and as source code you can study.
|
|
|
|
|
|
*** Debian and Ubuntu GNU/Linux
|
|
|
|
Visit our brand new [[http://apt.dyne.org][APT.dyne.org]] repository, there you can tune into
|
|
our software channel via an easy to use installer, so you can always
|
|
stay up to date with our **freshly brewed software, from the upstream
|
|
tap!**
|
|
|
|
|
|
|
|
*** Arch GNU/Linux and derivatives
|
|
|
|
Tomb is [[https://aur.archlinux.org/packages.php?ID=48257][packaged in AUR]], check it out !
|
|
|
|
|
|
*** Source Code
|
|
|
|
Latest stable release is 1.1 (May 2011), see the [[ftp://ftp.dyne.org/tomb/ChangeLog][ChangeLog]].
|
|
|
|
Source releases are signed by [[http://jaromil.dyne.org][Jaromil]] using [[http://www.gnupg.org][GnuPG]] and MD5 hashes.
|
|
|
|
On [[http://ftp.dyne.org/tomb][ftp.dyne.org/tomb]] you can find all present and past Tomb releases,
|
|
plus binaries that are occasionally built for various architectures.
|
|
|
|
The bleeding edge version is developed on [[http://github.com/dyne/Tomb][GitHub/dyne/Tomb]]: you can
|
|
clone the repository free and anonymously, as well contribute to
|
|
development interacting with us via GitHub (fork, code and then
|
|
request a pull).
|
|
|
|
To compile fresh code out of Git you first have to generate the
|
|
auto-tools build environment giving the command:
|
|
|
|
<example>
|
|
autoreconf -i
|
|
</example>
|
|
|
|
and then you can proceed with the usual configure && make mantra, may
|
|
the source be with you.
|
|
|
|
|
|
*** App1e/O$X
|
|
|
|
There are several possibilities of porting Tomb to run on those
|
|
expensive and fancy-schmancy toys.
|
|
|
|
A good plan can be that of using TrueCrypt's version of cryptsetup
|
|
which seems to be already ported for the purpose, with a bit of
|
|
desktop integration and shell scripting it should be all set,
|
|
[[http://dyne.org/contact][let us know]] if you like to join our team on this task.
|
|
|
|
|
|
*** Win$loth
|
|
|
|
There are rumored plans to port Tomb on Win or at least make it
|
|
possible to open tomb files under Win: this could be possible
|
|
especially using [[http://www.freeotfe.org][FReeOTFE]] or adding compatibility in [[http://www.sdean12.org/SecureTrayUtil.htm][SecureTrayUtil]]
|
|
and contributions are welcome in those directions.
|
|
|
|
However we strongly **encourage people in need of strong encryption to
|
|
not use Winslows**, or at least to not generate encrypted partitions
|
|
with it, since it can contain backdoors in the random number
|
|
generation, as pointed by Bruce Schneier and Niels Ferguson in this
|
|
[[http://www.schneier.com/essay-198.html][short essay about the Dual_EC_DRBG]].
|
|
|
|
|
|
** Development
|
|
|
|
|
|
*** Stage of development
|
|
|
|
Tomb is an evolution of the 'mknest' tool developed for the [[http://dynebolic.org][dyne:bolic]]
|
|
GNU/Linux distribution, which is used by its 'nesting' mechanism to
|
|
encrypt the Home directory of users.
|
|
|
|
As such, it uses well tested and reviewed routines and its shell code
|
|
is pretty readable. The name transition from 'mknest' to 'tomb' is
|
|
marked by the adaptation of mknest to work on Debian based operating
|
|
systems.
|
|
|
|
At present time Tomb is easy to install and use, it mainly consists of
|
|
a Shell script and some auxiliary C code for desktop integration
|
|
(GTK), making use of GNU tools and the cryptographic API of the Linux
|
|
kernel.
|
|
|
|
*** People involved
|
|
|
|
[[images/tomb_crew_hkm11.jpg]]
|
|
|
|
Tomb is designed and written by [[http://jaromil.dyne.org][Jaromil]].
|
|
|
|
Tomb's artwork is contributed by [[http://monmort.blogspot.com][Món Mort]].
|
|
|
|
Tomb includes code by Hellekin O. Wolf and Anathema.
|
|
|
|
Testing and fixes are contributed by Dreamer, Shining, Mancausoft,
|
|
Asbesto and Boyska.
|
|
|
|
Most research we refer to is documented by Clemens Fruhwirth who also
|
|
developed Cryptsetup together with Christophe Saout.
|
|
|
|
Here below a cheerful picture of Tomb's developers meeting at the
|
|
[[http://http://hackmeeting.org][hackmeeting]] 2011 in Firenze...
|
|
|
|
|
|
*** How can you help
|
|
|
|
Code is pretty short and readable: start looking around it and the
|
|
materials found in doc/ which are good pointers at security measures
|
|
to be further implemented.
|
|
|
|
Have a look in the TODO file to see what our plans are.
|
|
|
|
At the moment we can use some good help in porting this tool on
|
|
M$/Windows and Apple/OSX, still keeping the minimal approach we all
|
|
love: write short code and make it readable.
|
|
|
|
Please report any issue you encounter on [[http://github.com/dyne/Tomb][github.com/dyne/Tomb]]
|
|
|
|
|
|
Get in touch with developers via mail using this web page
|
|
[[http://dyne.org/contact][dyne.org/contact]] or via chat on [[http://irc.dyne.org][irc.dyne.org]] channel #tomb
|
|
|
|
We do have a mailinglist too, but its in Italian language, just
|
|
contact us if you like to subscribe.
|
|
|