Tomb/TODO.org

• Release 1.0
  • fix operation without DISPLAY (over SSH)
  • SLAM tomb and kill all applications using it
  • steganography to store tomb key
  • incremental backup system using bup
  • make one single status handle more tombs
  • decorate creation wizard with ASCII art
  • use a posix thread instead of fork for status close
  • use a config file to map bind mounts
  • desktop integration the freedesktop way
  • debian packaging with desktop integration
• Release 2.0
  • use inotify on tomb
  • udev rules to avoid usb automount of keyplug in gnome
  • sign and verify tomb script integrity (executed as root)
  • tomb locksmith for key management
  • system to split keys in parts (ssss)
  • transport keys and integrity checksums on qrcodes
  • analyse and show tomb entropy using libdisorder
  • indeep security analysis of possible vulnerabilities
  • more gtk dialogs for configurations? keep it minimal!

TODO and Roadmap for Tomb

you are welcome to send patches to jaromil@dyne.org

TODO Release 1.0   85%

[A] fix operation without DISPLAY (over SSH)   hellekin

TODO [A] SLAM tomb and kill all applications using it

using fuser(1) we can do that easily, but we should ask user confirmation.

now tomb-dialog or something like that would be useful it askpass and dialog might melt together into one binary later.

TODO [A] steganography to store tomb key

steghide can hide keys in JPG, BMP, WAV or AU files it also takes care of compressing end encrypting the key file so we don't necessarily need gpg… it has Serpent and AES256 (CBC)

[B] incremental backup system using bup   jaromil

tombs are modifed only where needed so file changes are local to the file segment where data is stored. i've tested this idea and it works! bup makes incremental backups using git as a backend, big up apenwarr :) on git://github.com/apenwarr/bup

TODO [C] make one single status handle more tombs

TODO [C] decorate creation wizard with ASCII art

DONE [A] use a posix thread instead of fork for status close   jaromil

DONE [A] use a config file to map bind mounts   jaromil

done as file 'bind-hooks' inside tom. also 'post-hooks' is executed as user in case symlinks are needed and so

using mount -o bind we can trigger actions to be made after mounting a tomb so that personal directories appear in the home folder.

DONE [A] desktop integration the freedesktop way   jaromil

DONE [B] debian packaging with desktop integration   jaromil

TODO Release 2.0   00%

100% backward compatible with tombs created with 1.0

[A] use inotify on tomb

inotify can also count when was the last time tomb was used and unmount it automatically after a timeout

[A] udev rules to avoid usb automount of keyplug in gnome

[A] sign and verify tomb script integrity (executed as root)

[B] tomb locksmith for key management

a graphical tool or text wizard to move keys in/out steganography as well split them

[B] system to split keys in parts (ssss)

[B] transport keys and integrity checksums on qrcodes

[B] analyse and show tomb entropy using libdisorder

[B] indeep security analysis of possible vulnerabilities

[C] more gtk dialogs for configurations? keep it minimal!