twebpage updates - tomb - the crypto undertaker HTML git clone git://parazyd.org/tomb.git DIR Log DIR Files DIR Refs DIR README DIR LICENSE --- DIR commit f35bbb151516b17cfcefa54fd9bd5ebd8cbc8ccf DIR parent c352501a717d3d8fb1f2634d1359fc2e8b966a56 HTML Author: Jaromil <jaromil@dyne.org> Date: Wed, 9 Mar 2011 17:51:52 +0100 webpage updates Diffstat: A doc/web/views/images/foster_privac… | 0 M doc/web/views/index.muse | 127 ++++++++++++++++++++++--------- A doc/web/views/manual.man | 183 +++++++++++++++++++++++++++++++ 3 files changed, 273 insertions(+), 37 deletions(-) --- DIR diff --git a/doc/web/views/images/foster_privacy.png b/doc/web/views/images/foster_privacy.png Binary files differ. DIR diff --git a/doc/web/views/index.muse b/doc/web/views/index.muse t@@ -36,19 +36,108 @@ First of all the usual info you'd expect a software to provide: And more below, read on... +*** How does it works + +[[images/monmort.png]] + +Tombs are operated from a normal file browser or from the commandline. + +To open a tomb is sufficient to click on it, or use the command **tomb-open** + +When a tomb is open your panel will have a little icon in the tray +reminding you that a tomb is open, offering to explore it or close it. + +[[images/awesome-shot.png]] + +To make safety copies of your keys, tomb lets you "bury a key" inside +an image (using steganography techniques) and of course "exhume" +buried keys from pictures where they are hidden. Actually it is very +hard to guess when something is hidden inside a picture without +knowing the password used in steganography. + +See the [[manual.html][manpage]] for more information on how to operate Tomb from the +text terminal. +<example> +Tomb 1.0 - a strong and gentle undertaker for your secrets + +Syntax: tomb [options] command [file] [place] + +Commands: + + create create a new tomb FILE and its keys + open open an existing tomb FILE on PLACE + close closes the tomb open on PLACE + bury hide a tomb key FILE inside a jpeg PLACE + exhume extract a tomb key FILE from a jpeg PLACE + +Options: + + -s size of the tomb file when creating one (in MB) + -k path to the key to use for opening a tomb + -n don't process the hooks found in tomb + + -h print this help + -v version information for this tool + -q run quietly without printing informations + -D print debugging information at runtime + +For more informations on Tomb read the manual: man tomb +Please report bugs on <http://bugs.dyne.org>. +</example> + *** Who needs Tomb + Democracy requires Privacy as much as Freedom of Expression. + Our target community are desktop users with no time to click around, sometimes using old or borrowed computers, operating in places endangered by conflict where a leak of personal data can be a threat. -If you don't own a laptop then it's possible to go around with a USB +If you can't own a laptop then it's possible to go around with a USB stick and borrow computers, still leaving no trace and keeping your data safe during transports. Tomb aims to facilitate all this and to be interoperable across popular GNU/Linux operating systems. + +The internet offers plenty of free services, on the wave of the Web2.0 +fuzz and the community boom, while all private informations are hosted +on servers owned by global corporations and monopolies. + +It is important to keep in mind that no-one else better than *you* can +ensure the privacy of your personal data. Server hosted services and +web integrated technologies gather all data into huge information +pools that are made available to established economical and cultural +regimes. + + + +**This software urges you to reflect on the importance of your +privacy**. World is full of prevarication and political imprisonments, +war rages in several places and media is mainly used for propaganda by +the powers in charge. Some of us face the dangers of being tracked by +oppressors opposing our self definition, independent thinking and +resistance to omologation. + +<verse> + + "The distinction between what is public and what is private is + becoming more and more blurred with the increasing intrusiveness of + the media and advances in electronic technology. While this + distinction is always the outcome of continuous cultural + negotiation, it continues to be critical, for where nothing is + private, democracy becomes impossible." + +(from [[http://www.newschool.edu/centers/socres/privacy/Home.html][Privacy Conference, Social Research, New School University]]) +</verse> + + + + + *** Aren't there enough encryption tools already? +[[images/foster_privacy.png]] + We've felt the urgency of publishing Tomb for other operating systems than dyne:bolic since the current situation in personal desktop encryption is far from optimal. t@@ -82,42 +171,6 @@ customization we intend to: If you believe this is a worthy effort, you are welcome to [[http://dyne.org/donate][support it]]. - -*** How does it works - -[[images/monmort.png]] - -Tombs are operated from a normal file browser or from the commandline. - -To open a tomb is sufficient to click on it, or use the command **tomb-open** - -When a tomb is open your panel will have a little icon in the tray -reminding you that a tomb is open, offering to explore it or close it. - -[[images/awesome-shot.png]] - -See the [[manual][manpage]] for more information on how to operate Tomb from the -text terminal. -<example> - . version 0.9.2 (Feb/2011) by Jaromil @ dyne.org - . -[*] Syntax: tomb [options] command [file] [mountpoint] - . -[*] Commands: - . create create a new encrypted storage FILE and keys - . open open an existing tomb FILE on MOUNTPOINT - . close closes the tomb on MOUNTPOINT - . -[*] Options: - . -s size of the storage file when creating one (MB) - . -k path to the key to use for decryption - . - . -h print this help - . -v version information for this tool - . -q run quietly without printing information - . -D print debugging information while running -</example> - *** Where do we learn more from Here below some articles that are useful to understand Tomb more in DIR diff --git a/doc/web/views/manual.man b/doc/web/views/manual.man t@@ -0,0 +1,183 @@ +.TH tomb 1 "February 12, 2011" "tomb" + +.SH NAME +Tomb \- the Crypto Undertaker + +.SH SYNOPSIS +.B +.IP "tomb [options] command [arguments]" +.B +.IP "tomb-open [file]" +.B +.IP "tomb-status mountpoint" + +.SH DESCRIPTION + +Tomb is an application to manage the creation and access of encrypted +storage files: it can be operated from commandline and it can +integrate with a user's graphical desktop. + +Tomb generates encrypted storage files to be opened and closed using +their associated keys, which are also protected with a password chosen +by the user. To create, open and close tombs a user will need super +user rights to execute the tomb commandline utility. + +A tomb is like a locked folder that can be safely transported and +hidden in a filesystem; it encourages users to keep their keys +separate from tombs, for instance keeping a tomb file on your computer +harddisk and its key file on a USB stick. + +For simplified use, the command \fItomb-open\fR starts a wizard that +guides users in the creation of a new tomb or, if a tomb file is +specified as \fIargument\fR, it opens it and makes it accessible in a +default location under the /media folder, starting the status tray +applet (\fItomb-status\fR) if a desktop is present. + + +.SH COMMANDS + +.B +.IP "create" +Creates a new encrypted storage tomb and its key, named as specified +by the given \fIargument\fR. + +.B +.IP "open" +Opens an existing tomb file specified in the \fIfirst argument\fR. If +a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR +where the tomb should be made accessible, if not then the tomb is +mounted in a directory named after the filename and inside /media. + +.B +.IP "close" +Closes a currently open tomb. When \fIan argument\fR is specified, it +should point to the tomb mount on /dev/mapper; if not specified and +only one tomb is open then it will be closed; if multiple tombs are +open, the command will list them on the terminal. The special +\fIargument\fR 'all' will close all currently open tombs. + +.B +.IP "bury" +Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond +argument\fR) using steganography: the image will change in a way that +cannot be noticed by human eyes and the presence of the key inside it +isn't detectable without the right password. This option is useful to +backup tomb keys in unsuspected places; it uses steghide and the +serpent encryption algorithm. + +.B +.IP "exhume" +Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file +(\fIsecond argument\fR) known to be containing it, if the right password is +given. This is used to recoved buried keys from unsuspected places. + +.SH OPTIONS +.B +.B +.IP "-s \fI<MBytes>\fR" +When creating a tomb, this option must be used to specify the size of +the new \fIfile\fR to be created, in megabytes. +.B +.IP "-k \fI<keyfile>\fR" +When opening a tomb, this option can be used to specify the location +of the key to use. Keys are created with the same name of the tomb +file adding a '.gpg' suffix, but can be later renamed and transported +on other media. When a key is not found, the program asks to insert a +USB storage device and it will look for the key file inside it. +.B +.IP "-n" +Skip processing of post-hooks and bind-hooks if found inside the tomb. +See the \fIHOOKS\fR section in this manual for more information. +.B +.IP "-h" +Display a help text and quit +.B +.IP "-v" +Display version and quit +.B +.IP "-q" +Run more quietly +.IP "-D" +Print more information while running, for debugging purposes + +.SH HOOKS + +Hooks are special files that can be placed inside the tomb and trigger +actions when it is opened and closed; there are two kinds of such +files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the +base root of the tomb. + +.B +.IP "bind-hooks" +This hook file consists of a simple two column list of files or +directories inside the tomb to be made directly accessible inside the +current user's home directory. Tomb will use the "mount \-o bind" +command to bind locations inside the tomb to locations found in $HOME +so in the first column are indicated paths relative to the tomb and in +the second column are indicated paths relative to $HOME contents, for +example: + + mail mail + .gnupg .gnupg + .fmrc .fetchmailrc + .mozilla .mozilla + +.B +.IP "post-hooks" +This hook file gets executed as user by tomb right after opening it; +it can consist of a shell script of a binary executable that performs +batch operations every time a tomb is opened. + +.SH PRIVILEGE ESCALATION + +The tomb commandline tool needs to acquire super user rights to +execute most of its operations: to do so it uses sudo(8), while +pinentry(1) is adopted to collect passwords from the user. + +Tomb executes as super user only those commands requiring it, while it +executes desktop applications as processes owned by the user. + + +.SH BUGS +Please report bugs on the tracker at http://bugs.dyne.org + +Get in touch with developers via mail using this web page +http://dyne.org/contact or via chat on http://irc.dyne.org + +.SH AUTHORS + +Tomb is designed and written by Denis Roio aka Jaromil. + +Tomb's artwork is contributed by Jordi aka Mon Mort + +Testing and fixes are contributed by Dreamer and Hellekin O. Wolf + +Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth + +.SH COPYING + +This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR> + +Permission is granted to copy, distribute and/or modify this manual +under the terms of the GNU Free Documentation License, Version 1.1 or +any later version published by the Free Software Foundation. +Permission is granted to make and distribute verbatim copies of this +manual page provided the above copyright notice and this permission +notice are preserved on all copies. + +.SH AVAILABILITY + +The most recent version of Tomb sourcecode and up to date +documentation is available for download from its website on +\fIhttp://tomb.dyne.org\fR. + +.SH SEE ALSO + +.B +.IP cryptsetup(8) + +GnuPG website on http://www.gnupg.org + +DM-Crypt website on http://www.saout.de/misc/dm-crypt + +LUKS website, http://code.google.com/p/cryptsetup