ChangeLog.md - tomb - the crypto undertaker
---
ChangeLog.md (8937B)
---
1 # Tomb ChangeLog
2
3 ## 2.4
4 ### April 2017
5
6 This release introduces a major new feature with support for
7 asymmetric encryption of Tomb keys using public/private GPG key
8 pairs. It is now possible to protect a Tomb key using a GPG key (which
9 can also be password-less for automations) as well as encrypt a Tomb key
10 for multiple recipients (list of GPG ids). Other improvements include:
11 a fix to the 'slam' command with better detection of running programs
12 using 'lsof' (new optional dependency); a fix to 'forge' key creation
13 to really use 512-bit keys and so actually trigger usage of AES256;
14 correct support for opening tombs in read-only mode; update of the
15 Tomber python wrapper in extras. Documentation has been updated.
16
17 ## 2.3
18 ### January 2017
19
20 Fix to bug occurring when using Zsh version 5.3 or higher. Fix to
21 inclusion of final newline in keys generated with 2.2, only affecting
22 third-party software. Removed chmod/chown of tombs when open. Enhanced
23 continuous integration script with regression tests with usage of old
24 stable versions of Tomb and shellcheck linting. Improved parser and
25 post-hooks to avoid usage of external binaries (grep and cat) also
26 improving security when decrypting keys. Fix for clean execution via
27 sudo nopasswd. Updated extras/gtomb to latest stable version. Various
28 documentation updates about kdf, using images as keys, deniability and
29 gpg-agent usage. New experimental port to Android platforms in extras.
30
31 ## 2.2
32 ### December 2015
33
34 New Qt5 desktop tray in extras/qt-tray.
35 New Zenity based Gtk interface in extras/gtomb (experimental).
36 Better resizing procedure recovers from failure without starting over
37 with a new dig. Fixes for correct handling of bind-hooks mountpoints
38 containing whitespaces, implying a refactoring of how the mtab is
39 parsed, along with workaround for Debian bugs. Updated all strings to
40 report MiB sizes. Fix to correctly show last time opened. Fix to EUID
41 detection and to installed manpage permissions.
42
43 ## 2.1.1
44 ### August 2015
45
46 Added translations to Italian and Swedish.
47 Minor documentation updates.
48
49
50 ## 2.1
51 ### July 2015
52
53 All users updating should close their tombs first, then update and
54 reopen them with this new version. However, failing to do so will not
55 cause any data loss, just an unclean umount of tombs.
56
57 This new stable release includes several bugfixes to smooth the user
58 experience in various situations. Documentation is reviewed and
59 extended and translations are updated.
60
61 More in detail, fixes to: mountpoint removal, language localization,
62 gtk-2 pinentry theming, udisk2 compatibility (/run/media/$USER
63 mountpoint support), handling of key failures, kdf documentation,
64 swish-e file contents search and encrypted swap detection.
65
66 Deniability is improved by allowing any filename to be used for tombs
67 (also without .tomb extension). Code has been overall cleaned up.
68
69
70 ## 2.0.1
71 ### December 2014
72
73 Fix for usage with GnuPG 1.4.11, a problem affecting long term
74 GNU/Linux distribution releases like Ubuntu 12.04 and Mint 13.
75 Minor messaging fixes.
76
77 ## 2.0
78 ### November 2014
79
80 Tomb goes international: now translated to Russian, French, Spanish
81 and German.
82
83 The usability has improved: steganographed images can now be used
84 directly as keys using `-k`. Tomb now works also across ssh
85 connections: it is possible to pipe cleartext secrets from stdin using
86 `-k cleartext` but that requires the --unsafe flag.
87
88 The security is also improved by avoiding most uses of temporary
89 files. The privilege escalation model has been simplified and sudo is
90 called only when needed. All code has been refactored for readability
91 and integration with zsh features. Signal handlers are now in place,
92 global arrays are used to keep track of temp files. Namespace has been
93 revised and corrected, described in [HACKING](docs/HACKING.txt).
94
95 ## 1.5.3
96 ### June 2014
97
98 Various usability fixes and documentation updates. Password changing
99 and key changing procedures have been refactored and dev-mode
100 operation from scripts has been tested against a few new wrappers
101 being developed. A strings file is made available for translators.
102
103 ## 1.5.2
104 ### February 2014
105
106 Removed automatic guessing of key file besides tomb to encourage
107 users to keep tomb and key separated, but also to simplify the
108 code in key retrieval and avoid a bug occurring in the previous
109 version.
110
111 ## 1.5.1
112 ### February 2014
113
114 Fix to stdin piping of keys, which were not correctly processed
115 nor were deleted from volatile memory (tmpfs).
116
117 Version is now updated accordingly.
118
119 ## 1.5
120 ### January 2014
121
122 Minor bugfixes to documentation, error handling, support for
123 multiple and encrypted swap partitions and qr code engraving.
124
125 This release also includes some minor code refactoring of
126 load_key() and loop mount checks. Also the tray app is updated
127 to gtk-3 and works simply with a tomb name as argument.
128
129 Documentation was updated accordingly.
130
131 ## 1.4
132 ### June 2013
133
134 This release fixes an important bug affecting Tomb 1.3.* which
135 breaks backward compatibility with older tombs and invalidates
136 keys created using 1.3 or 1.3.1. For more information about it
137 read the file KNOWN_BUGS.
138
139 New features are also included:
140 indexing and search of file contents, engraving of keys into paper
141 printable QRCodes for backup purposes and improvements in key
142 encryption. A setkey command is added to change the key file that
143 is locking a Tomb.
144
145 This release restores backward compatibility
146 with tombs created before the 1.3 release series.
147
148 ## 1.3.1 (DEPRECATED, see [KNOWN_BUGS](KNOWN_BUGS.md))
149 ### June 2013
150
151 Major bugfixes following the recent refactoring.
152
153 This release fixes various advanced commands as search/index, KDF key
154 protection against dictionary attacks and steganographic hiding of
155 keys. It provides compatibility across GnuPG 1.4.11 and .12 which
156 broke the decoding of keys. Usage of commandline options is made
157 consistent and full paths are honored.
158
159 A new test suite is included and documentation is updated accordingly.
160
161 ## 1.3 (DEPRECATED, see [KNOWN_BUGS](KNOWN_BUGS.md))
162 ### May 2013
163
164 A refactoring of Tomb's main script internals was made, including
165 a new messaging system, machine parsable output, cleaner code and
166 updated compatibility to Debian 7. A new search feature lets users
167 index and run fast filename searches in their open tombs. Creation
168 of tombs is broken out in three steps (dig, forge and lock).
169
170 Source distribution includes experimental add-ons for a python
171 GUI, KDF key encryption and a key "undertaker". Documentation was
172 updated.
173
174
175 ## 1.2
176 ### Nov 2011
177
178 Includes an important fix to password parsing for spaces and
179 extended chars, plus a new 'passwd' command to change a key's
180 password. Tomb now checks for swap to avoid its usage (see SWAP
181 section in manpage) and warns the user when the tomb is almost
182 full.
183
184 ## 1.1
185 ### May 2011
186
187 Fixes to mime types, icons and desktop integration.
188
189 A new 'list' command provides an overview of all tombs currently open.
190
191 Now a tomb cannot be mounted multiple times, the message console has
192 colors and better messages.
193
194 Different mount options (like read-only) can also be specified by hand on the commandline.
195
196 ## 1.0
197 ### March 2011
198
199 Clean and stable. Now passwords are handled exclusively using
200 pinentry. Also support for steganography of keys (bury and exhume)
201 was added to the commandline.
202
203 Commandline and desktop operations are well separated so that tomb can be used via remote terminal.
204
205 A new command 'slam' immediately closes a tomb killing all processes that keep it busy.
206
207 ## 0.9.2
208 ### February 2011
209
210 The tomb-open wizard now correctly guides you through the creation
211 of new tombs and helps when saving the keys on external USB
212 storage devices. The status tray now reliably closes its tomb.
213
214 ## 0.9.1
215 ### February 2011
216
217 Sourcecode cleanup, debugging and testing.
218
219 Integrated some feedback after filing Debian's ITP and RFS.
220
221 ## 0.9
222 ### January 2011
223
224 Tomb is now a desktop application following freedesktop standards:
225 it provides a status tray and integrates with file managers.
226
227 The main program has been thoroughly tested and many bugs were fixed.
228
229 ## August 2010
230
231 The first usable version of Tomb goes public among hacker friends.
232
233 ## During the year 2009
234
235 Tomb has been extensively tested, perfected and documented
236 after being used by its author.
237
238 ## Sometime in 2007
239
240 [MKNest](http://code.dyne.org/dynebolic/tree/dyneII/startup/bin/mknest)
241 was refactored to work on the Debian distribution and since
242 then renamed to Tomb. [dyne:bolic](http://www.dynebolic.org) specific dependencies were
243 removed, keeping Zsh as the shell it is written in.
244
245 ## Back in 2005
246
247 The "nesting" feature of [dyne:bolic](http://www.dynebolic.org)
248 GNU/Linux lets users encrypt their home in a file, using a shell script and a graphical
249 interface called Taschino.
250
251 Taschino included a shell script wrapping cryptsetup to encrypt
252 loopback mounted partitions with the AES-256 algorithm (cbc-essiv
253 mode): this script was called 'mkNest' and it is the ancestor of
254 Tomb.