Tomb/doc/web/views/index.muse

#title Tomb - The Crypto Undertaker
#author Jaromil

<contents>

* Tomb - Crypto Undertaker

<class name="logo">
[[images/tomb_n_bats.png]]
</class>

Tomb is a simple tool to manage **encrypted storage** on GNU/Linux, from
the *hashes* of the [[http://dynebolic.org][dyne:bolic]] nesting mechanism.

Tomb aims to be an **100% free** and open source system for easy
encryption and backup of personal files, written in code that is easy
to review and links commonly shared components.

Tomb generates encrypted storage files to be opened and closed using
their associated keyfiles, which are also protected with a password
chosen by the user.

A tomb  is like  a locked  folder that can  be safely  transported and
hidden in  a filesystem; its keys  can be kept  separate, for instance
keeping the tomb file on your computer harddisk and the key files on a
USB stick.

** Documentation 

  "*All I know is what the words know, and dead things, and that makes
  a handsome little sum, with a beginning and a middle and an end, as
  in the well-built phrase and the long sonata of the dead.*"
  Samuel Beckett

First of all the usual info you'd expect a software to provide: 

 - [[README]]
 - [[ChangeLog]]
 - [[TODO]]
 - [[AUTHORS]]

And more below, read on...

*** How does it works

[[images/monmort.png]]

Tombs are operated from a normal file browser or from the commandline.

To open a tomb is sufficient to click on it, or use the command **tomb-open**

When a tomb is open your panel will have a little icon in the tray
reminding you that a tomb is open, offering to explore it or close it.


To make safety copies of your keys, tomb lets you "bury a key" inside
an image (using steganography techniques) and of course "exhume"
buried keys from pictures where they are hidden. Actually it is very
hard to guess when something is hidden inside a picture without
knowing the password used in steganography.

[[images/awesome-shot.png]]

See the [[manual.html][manpage]] for more information on how to operate Tomb from the
text terminal.
<example>
Tomb 1.0 - a strong and gentle undertaker for your secrets

Syntax: tomb [options] command [file] [place]

Commands:

 create     create a new tomb FILE and its keys
 open       open an existing tomb FILE on PLACE
 close      closes the tomb open on PLACE
 bury       hide a tomb key FILE inside a jpeg PLACE
 exhume     extract a tomb key FILE from a jpeg PLACE

Options:

 -s     size of the tomb file when creating one (in MB)
 -k     path to the key to use for opening a tomb
 -n     don't process the hooks found in tomb

 -h     print this help
 -v     version information for this tool
 -q     run quietly without printing informations
 -D     print debugging information at runtime

For more informations on Tomb read the manual: man tomb
Please report bugs on <http://bugs.dyne.org>.
</example>

*** Who needs Tomb

 "*Democracy requires Privacy as much as Freedom of Expression.*" Anonymous

Our target community are desktop users with no time to click around,
sometimes using old or borrowed computers, operating in places
endangered by conflict where a leak of personal data can be a threat.

If you can't own a laptop then it's possible to go around with a USB
stick and borrow computers, still leaving no trace and keeping your
data safe during transports. Tomb aims to facilitate all this and to
be interoperable across popular GNU/Linux operating systems.


The internet offers plenty of free services, on the wave of the Web2.0
fuzz and the community boom, while all private informations are hosted
on servers owned by global corporations and monopolies.

It is important to keep in mind that no-one else better than *you* can
ensure the privacy of your personal data.  Server hosted services and
web integrated technologies gather all data into huge information
pools that are made available to established economical and cultural
regimes.



**This software urges you to reflect on the importance of your
privacy**. World is full of prevarication and political imprisonments,
war rages in several places and media is mainly used for propaganda by
the powers in charge. Some of us face the dangers of being tracked by
oppressors opposing our self definition, independent thinking and
resistance to omologation.

<verse>

  "The  distinction between  what is  public  and what  is private  is
   becoming more and more blurred with the increasing intrusiveness of
   the  media  and  advances  in electronic  technology.   While  this
   distinction   is  always   the  outcome   of   continuous  cultural
   negotiation,  it continues  to be  critical, for  where  nothing is
   private, democracy becomes impossible."

(from [[http://www.newschool.edu/centers/socres/privacy/Home.html][Privacy Conference, Social Research, New School University]])
</verse>





*** Aren't there enough encryption tools already?

[[images/foster_privacy.png]]

We've felt the urgency of publishing Tomb for other operating systems
than dyne:bolic since the current situation in personal desktop
encryption is far from optimal.

[[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] makes use of statically linked libraries so that its code is
hard to audit, plus is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by free operating system
distributors because of liability reasons, see [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]], [[http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html][Suse]],
[[http://bugs.gentoo.org/show_bug.cgi?id=241650][Gentoo]] and [[https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt][Fedora]].

[[http://tom.noflag.org.uk/cryptkeeper.html][Cryptkeeper]] is the best alternative to Tomb out there and its main
advantage consists in not needing root access on the machine it's
being used. But Cryptkeeper still has drawbacks: it uses [[http://www.arg0.net/encfs][EncFS]] which
implements weaker encryption than dm-crypt and it doesn't promotes the
separated storage of keys.

At last, the [[https://we.riseup.net/debian/automatically-mount-encrypted-home][Encrypted home]] mechanisms on operating systems as Debian
and Ubuntu adopt encryption algorithms as strong as Tomb does, but
they need to be configured when the machine is installed, they cannot
be easily transported and again they don't promote separated storage
of keys.

With Tomb we try to overcome all these limitations providing strong
encryption, encouraging users to separate keys from data and letting
them transport tombs around easily. Also to facilitate auditing and
customization we intend to:
 
 - write short and readable code, linking shared libs
 - provide easy to use graphical interfaces and desktop integration
 - keep the development process open and distributed using GIT
 - distribute Tomb under the GNU General Public License v3

If you believe this is a worthy effort, you are welcome to [[http://dyne.org/donate][support it]].

*** Where do  we learn more from

Here below some articles that are useful to understand Tomb more in
detail and to get in touch with the difficult job of a Crypto
Undertaker:

 - [[TKS1-draft.pdf][TKS1 - An anti-forensic, two level, and iterated key setup scheme]]
 - [[New_methods_in_HD_encryption.pdf][New Methods in Hard Disk Encryption]]
 - [[Luks_on_disk_format.pdf][LUKS On-Disk Format Specification]]
 - [[LinuxHDEncSettings.txt][Linux hard disk encryption settings]]


** Downloads

For licensing information see the [[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]

Below a list of formats you can download this application: ready to be
run with some of the interfaces developed, as a library you can use to
build your own application and as source code you can study.

*** Source Code

Latest stable release is 1.0 (March 2011), see the [[ftp://ftp.dyne.org/tomb/ChangeLog][ChangeLog]].

Source releases are signed by [[http://jaromil.dyne.org][Jaromil]] using [[http://www.gnupg.org][GnuPG]] and MD5 hashes.

On [[http://ftp.dyne.org/tomb][ftp.dyne.org/tomb]] you can find all present and past Tomb releases,
plus binaries that are occasionally built for various architectures.

The bleeding edge version is developed on our [[http://code.dyne.org][code repository]] using
**GIT**, you can clone the repository free and anonymously

<example>
       git clone git://code.dyne.org/tomb.git
</example>

To compile the git master repository you first have to generate the
auto-tools build environment giving the command:

<example>
       autoreconf -i
</example>

and then you can proceed with the usual configure && make mantra, may
the source be with you.

*** Debian GNU/Linux

To install the tomb and tomb-gtk package using apt, add this line to
your software sources (/etc/apt/source/list)

<example>
 deb http://apt.dyne.org/debian stable main
</example>


*** Ubuntu GNU/Linux

If you use Lucid (10.04) add to your software sources this PPA

<example>
 ppa:jaromil/rastasoft
</example>

else if you are using Maverick or other older versions, you can still
try to install the packages, as they should work well, by adding these
two sources to /etc/apt/source.list

<example>
deb http://ppa.launchpad.net/jaromil/rastasoft/ubuntu lucid main
deb-src http://ppa.launchpad.net/jaromil/rastasoft/ubuntu lucid main
</example>

Don't forget to add the necessary gnupg key of our repository:

<example>
gpg --keyserver pgpkeys.mit.edu --recv-key 51A68D7A75FB7217
gpg -a --export 51A68D7A75FB7217 | sudo apt-key add -
</example>


*** App1e/O$X

There are several possibilities of porting Tomb to run on those
expensive and fancy-schmancy toys.

A good plan can be that of using TrueCrypt's version of cryptsetup
which seems to be already ported for the purpose, with a bit of
desktop integration and shell scripting it should be all set,
[[http://dyne.org/contact][let us know]] if you like to join our team on this task.


*** Win$loth

There are rumored plans to port Tomb on Win or at least make it
possible to open tomb files under Win: this could be possible
especially using [[http://www.freeotfe.org][FReeOTFE]] or adding compatibility in [[http://www.sdean12.org/SecureTrayUtil.htm][SecureTrayUtil]]
and contributions are welcome in those directions.

However we strongly **encourage people in need of strong encryption to
not use Winslows**, or at least to not generate encrypted partitions
with it, since it can contain backdoors in the random number
generation, as pointed by Bruce Schneier and Niels Ferguson in this
[[http://www.schneier.com/essay-198.html][short essay about the Dual_EC_DRBG]].


** Development


*** Stage of development

Tomb is an evolution of the 'mknest' tool developed for the [[http://dynebolic.org][dyne:bolic]]
GNU/Linux distribution, which is used by its 'nesting' mechanism to
encrypt the Home directory of users.

As such, it uses well tested and reviewed routines and its shell code
is pretty readable. The name transition from 'mknest' to 'tomb' is
marked by the adaptation of mknest to work on Debian based operating
systems.

At present time Tomb is easy to install and use, it mainly consists of
a Shell script and some auxiliary C code for desktop integration
(GTK), making use of GNU tools and the cryptographic API of the Linux
kernel.

*** People involved

Tomb is designed and written by [[http://jaromil.dyne.org][Jaromil]].

Tomb's artwork is contributed by [[http://monmort.blogspot.com][Món Mort]].

Testing and fixes are contributed by Dreamer, Hellekin O. Wolf,
Shining, Mancausoft and Asbesto.

Most research we refer to is documented by Clemens Fruhwirth who also
developed Cryptsetup together with Christophe Saout.

*** How can you help

Code is pretty short and readable: start looking around it and the
materials found in doc/ which are good pointers at security measures
to be further implemented.

Have a look in the TODO file to see what our plans are.

At the moment we can use some good help in porting this tool on
M$/Windows and Apple/OSX, still keeping the minimal approach we all
love.

Please report bugs on the tracker at http://bugs.dyne.org

Get in touch with developers via mail using this web page
http://dyne.org/contact or via chat on http://irc.dyne.org