3.0 KiB
- Release 1.0
- make one single status handle more tombs
- decorate creation wizard with ASCII art
- remove gnome dependencies from tomb core
- SLAM tomb and kill all applications using it
- fix operation without DISPLAY (over SSH)
- steganography to store tomb key
- use a posix thread instead of fork for status close
- use a config file to map bind mounts
- desktop integration the freedesktop way
- debian packaging with desktop integration
- Release 2.0
- use inotify on tomb
- udev rules to avoid usb automount of keyplug in gnome
- sign and verify tomb script integrity (executed as root)
- make a gnome tomb undertaker using gnome-druid in glade
- tomb locksmith for key management
- system to split keys in parts (ssss)
- transport keys and integrity checksums on qrcodes
- analyse and show tomb entropy using libdisorder
- indeep security analysis of possible vulnerabilities
- more gtk dialogs for configurations? keep it minimal!
- Porting to Win$loth
- Porting to Apple/OSX
TODO and Roadmap for Tomb
you are welcome to send patches to jaromil@dyne.org
Release 1.0 90%
TODO [C] make one single status handle more tombs
TODO [C] decorate creation wizard with ASCII art
DONE [B] remove gnome dependencies from tomb core jaromil
gksu is deeply connected to gnome in all its packages. actually libgksu2-dev is and that doesn't helps.
gksu binary is a very simple and dirty code, we should have tomb-ask to use the libgksu library for privilege escalation, but then this would add the dependency into C linking…
the solution is for now to detect if gksu is present, else fallback to sudo and provide it an interface to ask the password graphically via pinentry
DONE [B] SLAM tomb and kill all applications using it anathema
using lsof and fuser(1) we can do that easily
we should ask user confirmation when closing a tomb if to slam
tomb-askpass will become tomb-ask managing such user interaction, using libassuan and pinentry from the gpg project.
DONE [B] fix operation without DISPLAY (over SSH) hellekin
DONE [A] steganography to store tomb key jaromil
steghide can hide keys in JPG, BMP, WAV or AU files it also takes care of compressing end encrypting the key file so we don't necessarily need gpg… it has Serpent and AES256 (CBC)
DONE [A] use a posix thread instead of fork for status close jaromil
DONE [A] use a config file to map bind mounts jaromil
done as file 'bind-hooks' inside tom. also 'post-hooks' is executed as user in case symlinks are needed and so
using mount -o bind we can trigger actions to be made after mounting a tomb so that personal directories appear in the home folder.
DONE [A] desktop integration the freedesktop way jaromil
DONE [B] debian packaging with desktop integration jaromil
TODO Release 2.0 00%
100% backward compatible with tombs created with 1.0
[A] use inotify on tomb
inotify can also count when was the last time tomb was used and unmount it automatically after a timeout
[A] udev rules to avoid usb automount of keyplug in gnome
[A] sign and verify tomb script integrity (executed as root)
[B] make a gnome tomb undertaker using gnome-druid in glade
[B] tomb locksmith for key management
a graphical tool or text wizard to move keys in/out steganography as well split them
[B] system to split keys in parts (ssss)
[B] transport keys and integrity checksums on qrcodes
[B] analyse and show tomb entropy using libdisorder
[B] indeep security analysis of possible vulnerabilities
[C] more gtk dialogs for configurations? keep it minimal!
TODO Porting to Win$loth
using FReeOTFE http://www.freeotfe.org
or at least make it compatible with http://www.sdean12.org/SecureTrayUtil.htm
TODO Porting to Apple/OSX
still to be investigated what's there that supports cryptsetup-luks volumes