From 34bc37401bab976067a48961dc05223c4179ac75 Mon Sep 17 00:00:00 2001 From: Jaromil Date: Wed, 20 Sep 2023 16:36:48 +0200 Subject: [PATCH] many corrections to tomb's webpage --- src/pages/software/tomb.md | 554 ++++++++++++++++--------------------- 1 file changed, 231 insertions(+), 323 deletions(-) diff --git a/src/pages/software/tomb.md b/src/pages/software/tomb.md index 77714b6..6742a80 100644 --- a/src/pages/software/tomb.md +++ b/src/pages/software/tomb.md 
@@ -1,323 +1,231 @@ ---- -layout: ../../layouts/Layout.astro -title: "Tomb :: File Encryption on GNU/Linux" -description: "Tomb is an 100% free and open source system for file encryption on GNU/Linux. It simply makes gpg dm-crypt and cryptsetup usable in a variety of situations." -cover: "https://dyne.org/social/tomb.png" ---- - -# Tomb - -## Hidden File Encryption -![](https://www.dyne.org/wp-content/uploads/2011/10/tomb_n_bats.png "tomb_n_bats") - -Tomb is a **100% free and open source** tool for file encryption that facilitates managing secret files. Tomb is written in code that is easy to review and links commonly shared components. - -Tomb generates encrypted storage folders to be opened and closed using their associated key files, which are also protected with a password chosen by the user. - -A tomb is like a locked folder that can be safely transported and hidden in a filesystem; its keys can be kept separate, for instance keeping the tomb file on your computer's hard disk and the key files on a USB stick. - -Tomb is a simple tool to manage **encrypted storage** on GNU/Linux, from the *hashes* of the [dyne:bolic](http://dynebolic.org/) nesting mechanism. - -**Tomb works only on GNU/Linux systems**. - -If you are already familiar, [download the tar.gz](https://files.dyne.org/tomb) and jump to the - -[Installation instructions](https://github.com/dyne/Tomb/blob/master/INSTALL.md) - - - -## How does our file encryption on Linux work - -![Tomb logo by monmort](https://www.dyne.org/wp-content/uploads/2011/11/monmort1.png) - -Tomb is a simple shell script, you can just download the source\ -distribution and copy it in your path, it will check for requirements installed. - -Tombs are operated from a terminal command line and require **root access** to the machine (or just sudo access to the script). 
- -Here is a nice review made by the Linux Action Show guys on August 2014, they recommend it as a replacement for TrueCrypt on GNU/Linux.\ -\ -Please note that user permission problems are due to the fact they are not using **sudo**. We do recommend using it. - -To create a 100MB tomb called “secret” do: - -``` -tomb dig -s 100 secret.tomb -tomb forge secret.tomb.key -tomb lock secret.tomb -k secret.tomb.key -``` - -To open it, do -``` -tomb open secret.tomb -k secret.tomb.key -``` -and after you are done -``` -tomb close -``` -or if you are in a hurry -``` -tomb slam all -``` -will close immediately all open tombs, killing all applications using them. Multiple tombs can be used at the same time, also folders and files inside them can be bound to files and folders inside your $HOME, placing all configurations where the applications expect them. - -Tomb can do much more, like execution hooks, steganography of keys and fast search over filenames and contents: `man tomb`. - -![awesome-shot](https://www.dyne.org/wp-content/uploads/2011/11/awesome-shot.png) - -There are also some graphical user interfaces, mime-type registrations and things to make it easier to use on the desktop, look in **extras/**. 
- -Here below is a snapshot of the command line help (tomb -h): - -```man - Tomb 3.0.0 - The Crypto Undertaker - - Copyright (C) 2007-2023 Dyne.org Foundation, License GNU GPL v3+ - This is free software: you are free to change and redistribute it - For the latest source code go to - - Syntax: tomb [options] command [arguments] - - Commands: - - // Creation: - dig create a new empty TOMB file of size -s in MiB - forge create a new KEY file and set its password - lock installs a lock on a TOMB to use it with KEY - - // Operations on tombs: - open open an existing TOMB (-k KEY file or - for stdin) - index update the search indexes of tombs - search looks for filenames matching text patterns - list list of open TOMBs and information on them - ps list of running processes inside open TOMBs - close close a specific TOMB (or 'all') - slam slam a TOMB killing all programs using it - resize resize a TOMB to a new size -s (can only grow) - - // Operations on keys: - passwd change the password of a KEY (needs old pass) - setkey change the KEY locking a TOMB (needs old key and pass) - - Options: - - -s size of the tomb file when creating/resizing one (in MiB) - -k path to the key to be used ('-k -' to read from stdin) - -n don't launch the execution hooks found in tomb - -p preserve the ownership of all files in tomb - -o options passed to commands: open, lock, forge (see man) - -f force operation (i.e. even if swap is active) - -g use a GnuPG key to encrypt a tomb key - -r provide GnuPG recipients (separated by comma) - -R provide GnuPG hidden recipients (separated by comma) - --sudo super user exec alternative to sudo (doas or none) - - -h print this help - -v print version, license and list of available ciphers - -q run quietly without printing informations - -D print debugging information at runtime - - For more information on Tomb read the manual: man tomb - Please report bugs on . 
-``` - -## [![foster\_privacy](https://www.dyne.org/wp-content/uploads/2012/06/foster_privacy.png)](https://www.dyne.org/wp-content/uploads/2012/06/foster_privacy.png)Why should one trust this script? - -Good question, which ultimately we shouldn’t answer: it is up to anyone using such a delicate tool to assess its reliability, based on a common understanding of code and opinions of trusted peers. - -We believe that complexity hides insecurity, therefore Tomb is open source and just a script you can read and check for what it does. We do our best to keep it short and easy to read. - -[Documentation for code literates](https://github.com/dyne/Tomb/blob/master/tomb) - -All dependencies used in Tomb are common GNU/Linux components, well peer-reviewed and found in most distributions. Plus there is no cloud and no network connection needed: Tomb works entirely offline, of course. - -## Who needs Tomb - -> “*Democracy requires Privacy as much as Freedom of Expression.*” Anonymous - -Our target community are desktop users with no time to click around, sometimes using old or borrowed computers, operating in places endangered by conflict where a leak of personal data can be a threat. - -If you can’t own a laptop then it’s possible to go around with a USB stick and borrow computers, still leaving no trace and keeping your data safe during transports. Tomb aims to facilitate all this and to be interoperable across popular GNU/Linux operating systems. - -The internet offers plenty of free services, on the wave of the Web2.0 fuzz and the community boom, while all private information is hosted on servers owned by global corporations and monopolies. - -> The distinction between what is public and what is private is becoming more and more blurred with the increasing intrusiveness of the media and advances in electronic technology. 
While this distinction is always the outcome of continuous cultural negotiation, it continues to be critical, for where nothing is private, democracy becomes impossible. - -It is important to keep in mind that no one else better than *you* can ensure the privacy of your data. Server-hosted services and web-integrated technologies gather all data into huge information pools that are made available to established economical and cultural regimes. - -**This software urges you to reflect on the importance of your privacy**. The world is full of prevarication and political imprisonments, war rages in several places and media is mainly used for propaganda by the powers in charge. Some of us face the dangers of being tracked by oppressors opposing our self-definition, independent thinking and resistance to homologation. - -## Aren’t there enough encryption tools? - -We’ve felt the urgency of publishing Tomb for other operating systems than dyne:bolic since the current situation in personal desktop encryption is far from optimal. - -[TrueCrypt](http://en.wikipedia.org/wiki/TrueCrypt) makes use of statically linked libraries so that its code is hard to audit, plus is [not considered free](http://lists.freedesktop.org/archives/distributions/2008-October/000276.html) by operating system distributors because of liability reasons, see [Debian](http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034), [Ubuntu](https://bugs.edge.launchpad.net/ubuntu/+bug/109701), [Suse](http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html), [Gentoo](http://bugs.gentoo.org/show_bug.cgi?id=241650) and [Fedora](https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt). - -[EncFS](http://www.arg0.net/encfs) is the best alternative to Tomb out there and its main advantage consists in not needing root access on the machine it’s being used. But still has drawbacks: it implements weaker encryption than dm-crypt and it doesn’t promote the separated storage of keys. 
- -At last, encrypted home mechanisms on operating systems such as Debian and Ubuntu adopt encryption algorithms as strong as Tomb does, but they need to be configured when the machine is installed, they cannot be easily transported and again they don’t promote separated storage of keys. - -##### Where do we learn from - -Here below some articles that are useful to understand Tomb more in detail and to get in touch with the difficult job of a Crypto Undertaker: - -* [TKS1 – An anti-forensic, two-level, and iterated key setup scheme](http://tomb.dyne.org/TKS1-draft.pdf) -* [New Methods in Hard Disk Encryption](http://tomb.dyne.org/New_methods_in_HD_encryption.pdf) -* [LUKS On-Disk Format Specification](http://tomb.dyne.org/Luks_on_disk_format.pdf) -* [Linux hard disk encryption settings](http://tomb.dyne.org/LinuxHDEncSettings.txt) - -With Tomb we try to overcome all these limitations by providing strong encryption, encouraging users to separate keys from data and letting them transport tombs around easily. Also to facilitate auditing and customization we intend to: - -* write short and readable code, linking shared libs -* provide easy to use graphical interfaces and desktop integration -* keep the development process open and distributed using GIT -* distribute Tomb under the GNU General Public License v3 - -If you believe this is a worthy effort, you are welcome to [support it](https://www.dyne.org/donate). - -# Downloads - -Do not use the latest Git version in production environments, but use a stable release versioned and packed as a tarball. The stable version will always ensure backward compatibility with older tombs: we make sure it creates sane tombs and keys by running various tests before releasing it. The development version in Git might introduce sudden bugs and is not guaranteed to produce backwards- or forward-compatible tombs and keys. 
- -For licensing information see the [GNU General Public License](http://www.gnu.org/copyleft/gpl.html) - -## Source package - -[Downloads](https://files.dyne.org/tomb) - -The latest release is signed by Tomb’s maintainer [Jaromil](http://jaromil.dyne.org). - -## Support - -Donations are very welcome, see [www.dyne.org/donate](https://dyne.org/donate). - -Translations are also needed: they can be contributed via the\ -[PO Editor web interface](https://poeditor.com/join/project?hash=33bdefea2e46b26f512a0caae55fbbb5) or simply send us the .po file. Start from *extras/po/tomb.pot*. - -To get in touch with developers join our chat on [irc.dyne.org](https://irc.dyne.org) (SSL over port 9999) on channel #dyne. - -## Installation - -**Tomb works only on GNU/Linux systems**. - -[Installation instructions](https://github.com/dyne/Tomb/blob/master/INSTALL.md) - -**Tomb is a single script** and can be installed manually anywhere on your path. If you insist in being a conformist, ‘make install’ will copy it into `/usr/local/bin` along with its manpage. - -Distributions are free to include it as they like, we had an autoconf/automake setup and a debian/ package for apparent ease of installation, but that is now dismissed for yet more simplicity. - -Be in charge of your system and **may the source be with you**! - -![tomb\_songs](https://www.dyne.org/wp-content/uploads/2011/11/tomb_songs.png) - -# Compatible applications - -Tomb can be used in scripts and some developers out there have built wrappers to facilitate its use with a graphical interface or using different scripting languages. - -[zuluCrypt](https://code.google.com/p/zulucrypt/) supports opening and closing Tombs, also directly using keys buried in images. - -[Tomber](https://github.com/reiven/tomber) is a python wrapper for most functionalities in tomb, making it easy to use inside python applications. - -If you know about more tools that should be listed here, please tell us. 
- -# Usage tips… - -Tomb can be adapted for ad-hoc use and scripted inside bigger systems of applications, here below are a few usage scenarios. - -## Private data in daily use - -With a simple mount and unmount command, plus the configuration of [bind-hooks](https://github.com/dyne/Tomb/wiki/Advancedfeatures#wiki-Bind_Hooks), your home can change in a snap to include your secrets in the right position for your application paths, like that secret door behind the library you always dreamed of. - -## Dangerous information transport - -When transporting delicate information the risk of interception is high: even using encryption, if the courier is captured then the key can be found on him or her and the password can be obtained using torture. The solution we propose is that of separating keys from storage so that a courier alone cannot be the single point of failure. **Never keep your keys where your tomb is**! - -## Deniable, but easy to remember, key storage - -Steganography helps here. Tomb offers the possibility to **bury** and **exhume** keys from jpeg images: if [steghide](http://steghide.sourceforge.net/) is installed on a system then Tomb will offer these commands in its command-line help. - -When securing your private data one of the bigger problems is represented by the fallacy of your memory: in some future, you might forget where you left the keys. - -This feature lets you keep in mind a certain picture rather than a position in a filesystem, much easy to remember. It also helps in hiding well the key and eventually communicating it without being suspicious, as it is very difficult to detect the presence of a key inside an image without knowing the password you used to seal it. - -Another possibility to keep track of keys is to backup them in a physical form: for that, we have the command **engrave** which will make a QRCode out of a key which can then be printed, but still must be kept secret, like between the pages of your favourite book or so. 
To recover an engraved key one can simply scan it with any QR decoder mobile application, save the resulting plain text file and use it as a key in Tomb. - -## Keys on different machines - -Security can be improved by eliminating the single point of failure, especially if a network connection is available. A tomb can be stored and used on a machine while its keys are far away: they get copied and immediately deleted every time, but never stored on the same machine. Here is a little snipped one can use as an alias or a script to trigger the opening of a tomb named “secrets” on the host “desktop” retrieving the keys from a “server.onthe.net”. -``` -ssh user\@server.onthe.net 'cat secrets.tomb.key' | tomb open secrets.tomb -k - -``` -Ssh is used for key transport, which can happen also without passwords by using ssh public keys. The tomb option “-k -” tells us to take the key from stdin. - -## Keys on your mobile phone - -A neat setup is that of keeping the tomb on your laptop and the key on your mobile phone, being fairly sure that they are never kept in the same place, pocket or bag. Every time a tomb is open, the mobile activates an “obex ftp daemon” that serves the key over Bluetooth to authorized paired devices. A simple script to make that happen follows, substitute the ESSID 11:22:33:44:55:66 with that of your device: -```bash - mkdir -p /dev/shm/secrets # prepare to store temporarily the key - chmod go-rwx /dev/shm/secrets # in volatile ram - cd /dev/shm/secrets - obexftp -b 11:22:33:44:55:66 -g secrets.tomb.key - tomb open $HOME/secrets.tomb -k secrets.tomb.key - wipe -f secrets.tomb.key - cd - - rmdir /dev/shm/secrets.key -``` - -## Private cloud storage - -Keeping tombs on remote server shells can be a good deterrent to avoid physical break-ins when travelling, and not having to carry anything related to your data. To a certain degree, using Tomb also makes it difficult to steal data from servers, even for providers that have physical access to them. 
- -For server-based usage one has to take care of some things: creating a tomb key is usually very slow on a remote server or VPS, the best is to **create the key (forge) locally on your desktop** and then upload it. The second issue is that often one will forget a tomb is open and just log out: to avoid this ZShell users can simply put a ‘tomb close’ or ‘tomb slam’ into their \~/.zlogout. - -Last but not least, it is also possible to mount tombs locally in a way that the remote server will never have anything to do with the clear data contained in them. This is achieved using **sshfs**: - -``` -sshfs -o allow_root user@remote.host:/ /local/mountpoint/ -tomb open /local/mountpoint/yourthings.tomb -k /path/to/key -``` - -Please note the sshfs command needs the option ‘-o allow\_root’ because otherwise, root will not have permission to read in the remote filesystem. - -If you like to go more in detail, [this MA thesis](https://www.researchgate.net/publication/262698824_Data_privacy_in_Desktop_as_a_Service) in computer science mentions the successful usage of Tomb over cloud filesystem storage and possible new horizons for its development. - -## More tips… - -More interesting usage tips can be found in our [Wiki documentation](https://github.com/dyne/Tomb/wiki) and in crunchbang’s [Paranoid #! Security guide](https://web.archive.org/web/20150703042116/https://crunchbang.org/forums/viewtopic.php?id=24722). - -[![github\_tomb](https://www.dyne.org/wp-content/uploads/2011/11/github_tomb.jpg)](https://github.com/dyne/Tomb) - -# Development - -Tomb's main development repository is hosted on GitHub](https://github.com/dyne/Tomb). - -Developers are welcome to interact with us via issues, pull requests or directly over there or get in touch via chat or email. - -Also, make sure to read the [short tomb tester howto](https://github.com/dyne/Tomb/wiki/TesterHowTo) to have some directions on how to troubleshoot. 
If you plan to write code then the [short tomb developer howto](https://github.com/dyne/Tomb/wiki/DeveloperHowto) is for you. - -To get in touch with us in person please plan to participate in one of the yearly [italian hackmeeting](http://hackmeeting.org), usually held during summer on the peninsula. - -## Stage of development - -At present time Tomb is easy to install and use, it mainly consists of a Shell script and some auxiliary C code for desktop integration (GTK), a Python GUI that makes use of the new –batch mode. - -You are welcome to join especially to help to enhance compatibility across operating systems, distribution packaging, GUI integration, translation and documentation. The golden rule for us is: to write short code and make it readable. Transparency and ease of code review are the strong points for an encryption tool we all intend to rely on. - -[![](https://www.dyne.org/wp-content/uploads/2011/10/tomb_crew_hkm11.jpg "tomb_crew_hkm11")](https://www.dyne.org/wp-content/uploads/2011/10/tomb_crew_hkm11.jpg) - -A cheerful picture of Tomb developers crew at Hackmeeting 2011 in Firenze - -## People involved - -Tomb is originally designed and written by [Jaromil](http://jaromil.dyne.org), it includes code by Hellekin O. Wolf, Anathema and Boyska, its artwork is contributed by [Món Mort](http://monmort.blogspot.com/). - -Testing, reviews and documentation are contributed by Dreamer, Shining the Translucent, [Mancausoft](http://www.mancausoft.org/), [Asbesto Molesto](http://zaverio.org) and Nignux. - -Most research we refer to is documented by Clemens Fruhwirth who also developed Cryptsetup together with Christophe Saout. - -> All I know is what the words know, and dead things, and that makes a handsome little sum, with a beginning and a middle and an end, as in the well-built phrase and the long sonata of the dead. 
- -— Samuel Beckett - - - +--- +layout: ../../layouts/Layout.astro +title: "Tomb :: File Encryption on GNU/Linux" +description: "Tomb is a 100% free and open source system for file encryption on GNU/Linux. It simply makes gpg dm-crypt and cryptsetup usable in a variety of situations." +cover: "https://dyne.org/social/tomb.png" +--- + +![](https://www.dyne.org/wp-content/uploads/2011/10/tomb_n_bats.png "tomb_n_bats") + +Tomb is a **100% free and open source** tool that facilitates managing secret files in volumes protected by **strong encryption**. + +Tomb's ambition is to improve safety by way of: + +- a **minimalist** design consisting of small and readable code +- the facilitation of **good practices**, i.e.: key/storage physical separation +- the adoption of a few standards and **battle-tested** components + + +## How it works + +We design Tomb's hidden file encryption to generate encrypted **storage folders** to be opened and closed using associated **key files**, which are also protected with a **password** chosen by the user. + +A tomb is a file whose **contents are kept secret and indistinguishable**; it can be safely **renamed, transported and hidden in filesystems**; its **keys should be kept separate**, for instance, keeping the tomb file on your computer's hard disk and the key files on a USB stick. **Once open, the tomb looks like a folder**. + +Tomb derives from scripts used in the [dyne:bolic](http://dynebolic.org/) 100% Free GNU/Linux distribution and a shell script (Zsh) using standard filesystem tools (GNU) and the cryptographic API of the Linux kernel (dm-crypt and LUKS via cryptsetup). Tomb's status and error messages are **translated into many human languages** and have **multiple graphical applications** to operate. + + +![awesome-shot](https://www.dyne.org/wp-content/uploads/2011/11/awesome-shot.png) + +# Get Started + +**Tomb works only on GNU/Linux systems and WSL2 starting with Windows11**. 
+ +If you are already familiar with using the command line, [download the tar.gz](https://files.dyne.org/tomb) and jump to the [installation instructions](https://github.com/dyne/Tomb/blob/master/INSTALL.md). + +Tomb is also found in [many distributions](https://repology.org/project/tomb/versions), so you can use your package manager to install it. + +However, **Tomb is a single script** and is very easy to install manually. Using `make install` in our source distribution will copy it into `/usr/local/bin` along with its manpage (`man tomb`) and language translations. + +Be in charge of your system, and **may the source be with you**! + +![tomb\_songs](https://www.dyne.org/wp-content/uploads/2011/11/tomb_songs.png) + +## Usage + +Tombs are operated from a terminal command line and require **root access** to the machine (or just sudo access to the script). + +To create a 100MB tomb called "secret" do: + +``` +tomb dig -s 100 secret.tomb +tomb forge secret.tomb.key +tomb lock secret.tomb -k secret.tomb.key +``` + +To open it, do +``` +tomb open secret.tomb -k secret.tomb.key +``` +And to close it +``` +tomb close +``` +Or if you are in a hurry +``` +tomb slam all +``` +Will close immediately all open tombs, killing all applications using them. + +Here is a **lovely review made by the Linux Action Show guys** in August 2014, where they recommend Tomb as a replacement for Veracrypt + + + + + + +## Advanced usage + +The tomb script takes care of several details to improve a user’s +behaviour and the security of tombs in everyday usage: it protects the +typing of passwords from keyloggers, facilitates hiding keys inside +images, mounts directories in place without copying delicate files around, allows a user to kill all running processes and slam close a tomb in a straightforward command, warns the user about free space and last-time usage, etc. + +One can use **multiple tombs** simultaneously on the same system and list them using `tomb list`. 
+ +Using `tomb resize`, one can expand tomb files to have more space (but cannot shrink them). + +When it is open, a tomb can bind its contents inside the user’s `$HOME` folder using `bind-hooks`. For instance, `.gnupg` will only be found inside your `$HOME` when the tomb opens. + +A tomb can be used on a local machine with keys on a server and never stored on the same device: `ssh me@dyne.org 'cat my.tomb.key' | tomb open my.tomb -k -` the option `-k -` tells tomb to take the key from stdin. + +It is also possible to store a tomb on a cloud service and mount it locally, ensuring remote servers cannot access contents. One can use **sshfs** for this: + +``` +sshfs -o allow_root me@dyne.org:/ /mnt/cloud/ +tomb open /mnt/cloud/my.tomb -k my.key +``` + +[This paper](https://www.researchgate.net/publication/262698824_Data_privacy_in_Desktop_as_a_Service) provides a lot of details about using tombs hosted on cloud storage. + +Tomb also supports **deniable key storage** using steganography. One can `tomb bury` and `tomb exhume` keys to and from `JPEG` images when the utility `steghide` is installed. When securing private data, one must never forget where the keys are. It may be easier to remember a picture, as well it may be less suspicious to transport it and exchange it as a file. + +The command `tomb engrave` also allows to backup keys on paper by saving them as printable QR codes, to hide it between the pages of a book. To recover an engraved key, one can scan it with any phone and save the resulting plain text file as the tomb key. + + +## External applications + +The following applications are compatible with Tomb: + +- [pass-tomb](https://github.com/roddhjav/pass-tomb) is a console-based wrapper of the excellent password-keeping program [pass](https://www.passwordstore.org) that helps to keep the whole tree of passwords encrypted inside a tomb. 
+ +- [Secrets](https://secrets.dyne.org) is an online software to split a Tomb key into shares that a quorum of owners can merge to reconstitute. + +- [Mausoleum](https://github.com/mandeep/Mausoleum) is a graphical interface to facilitate the creation and management of tombs, written in Python. + +- [zuluCrypt](https://mhogomchungu.github.io/zuluCrypt/) is a graphical application to manage various types of encrypted volumes on GNU/Linux, among them also Tombs, written in C++. + + +![Tomb logo by monmort](https://www.dyne.org/wp-content/uploads/2011/11/monmort1.png) + + + +# How secure is Tomb? + +**Death is the only sure thing in life**. That said, Tomb is a pretty +secure tool mainly because it is kept minimal, its source is +always open to review (even when installed), and its code is easy to +read with some shell script knowledge. Plus, **no cloud or network connection is needed: Tomb works offline**. + +GNU/Linux distributions include all encryption tools we use in Tomb +and therefore, they are regularly peer-reviewed: we don't add anything else to them, just a layer of usability. + +If needed, **it is always possible to access the contents of a tomb without the tomb script**, only using a few commands typed into any shell interpreter: + +``` +lo=$(losetup -f) +losetup -f secret.tomb +gpg -d secret.key | head -c -1 | cryptsetup --key-file - luksOpen $lo secret +mount /dev/mapper/secret /mnt +``` + +One can change the last argument `/mnt` to where the Tomb has to be +mounted and made accessible. To close the tomb, use: + +``` +umount /mnt +cryptsetup luksClose /dev/mapper/secret +``` + + +## Who needs Tomb + +> Democracy requires privacy as much as Freedom of Expression. - Anonymous + +The world is full of prevarication and political imprisonments, war rages in several places, and media is mainly used for propaganda by the powers in charge. 
Some of us face the dangers of being tracked by oppressors opposing our self-definition, independent thinking and resistance to homologation. + +Our target community are GNU/Linux users with no time to click around, sometimes using old or borrowed computers, operating in places endangered by conflict where **a leak of personal data can be a threat**. + +Even if one can't own a laptop, Tomb makes it possible to go around with a USB stick and borrow computers, leaving no trace and keeping data safe during transport. + + +> The distinction between public and private is becoming increasingly blurred with the increasing intrusiveness of the media and advances in electronic technology. While this distinction is always the outcome of continuous cultural negotiation, it continues to be critical, for where nothing is private, democracy becomes impossible. + +The Internet offers plenty of free services; in most cases, **corporate or state monopolies host all private information**. Server-hosted services and web-integrated technologies gather all data into huge information pools made available to established economic and cultural regimes. + +**Tomb is ethical software that empowers everyone to protect their privacy**. + + + + +## Aren't there enough encryption tools? + +The current situation in personal desktop encryption is far from optimal. + +The encrypted home mechanism of most operating systems doesn’t make it easy to transport around, and they do not separate the keys from the storage: only the password is needed to open them, which is prone to brute-forcing attacks. 
+ +[TrueCrypt](http://en.wikipedia.org/wiki/TrueCrypt) makes use of statically linked libraries so that its code is hard to audit, plus is [not considered free](http://lists.freedesktop.org/archives/distributions/2008-October/000276.html) by operating system distributors because of liability reasons, see [Debian](http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034), [Ubuntu](https://bugs.edge.launchpad.net/ubuntu/+bug/109701), [Suse](http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html), [Gentoo](http://bugs.gentoo.org/show_bug.cgi?id=241650) and [Fedora](https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt). + +[Veracrypt](https://veracrypt.org) is a very portable rewrite of TrueCrypt (works also on Mac OSX) but is very slow and has some interaction patterns that are not secure. Its way of encrypting is comparable to Tomb. + +[EncFS](http://www.arg0.net/encfs) doesn’t need root access. But it has drawbacks: it implements weaker encryption, doesn't promote the separated storage of keys and exposes the size of each single file rather than hiding the structure of a folder. + +## Compliancy + +Tomb qualifies as sound for use on information rated as "top secret" +when used on an underlying stack of carefully reviewed hardware +(random number generator and other components) and software (Linux +kernel build, crypto modules, device manager, compiler used to built, +shell interpreter and packaged dependencies). 
+ +Tomb volumes are fully compliant with the FIPS 197 advanced encryption +standard published by NIST and with the following industry standards: + +- Information technology -- Security techniques -- Encryption algorithms + - [ISO/IEC 18033-1:2015](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=54530) -- Part 1: General + - [ISO/IEC 18033-3:2010](http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=54531) -- Part 3: Block ciphers + +Tomb implementation is known to address at least partially issues raised in: + +- Information technology -- Security techniques -- Key management + - [ISO/IEC 11770-1:2010](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=53456) -- Part 1: Framework + - [ISO/IEC 11770-2:2008](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=46370) -- Part 2: Mechanisms using symmetric techniques +- [ISO/IEC 27005:2011](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=56742) Information technology -- Security techniques -- Information security risk management +- [ISO/IEC 24759:2014](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=59142) Information technology -- Security techniques -- Test requirements for cryptographic modules + +Any help on further verification of compliance is very welcome, as our +access to ISO/IEC documents is limited. + + + + + + + +# Development + +[Tomb is on GitHub](https://github.com/dyne/Tomb), where most of the community activity is going. + +Developers are welcome to interact with us via a discussion area, issues, or pull requests. The README is also a brief introduction for developers willing to engage. + +The [short tomb tester howto](https://github.com/dyne/Tomb/wiki/TesterHowTo) provides a guide to troubleshooting problems. 
Anyone planning to write code in Tomb should first look at the [short tomb developer howto](https://github.com/dyne/Tomb/wiki/DeveloperHowto). + +To get in touch with us in person please plan to participate in one of the yearly [italian hackmeeting](http://hackmeeting.org), usually held during summer on the peninsula. + +[![](https://www.dyne.org/wp-content/uploads/2011/10/tomb_crew_hkm11.jpg "tomb_crew_hkm11")](https://www.dyne.org/wp-content/uploads/2011/10/tomb_crew_hkm11.jpg) + +A cheerful picture of Tomb developers crew at Hackmeeting 2011 in Firenze + + +> All I know is what the words know, and dead things, and that makes a handsome little sum, with a beginning and a middle and an end, as in the well-built phrase and the long sonata of the dead. - Samuel Beckett +
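Review bot: the manual-access snippet in the new "How secure is Tomb?" section has a loop-device race and an incomplete teardown. `lo=$(losetup -f)` only prints the first free loop device, and the following `losetup -f secret.tomb` attaches the file to whatever is free at that moment, so `$lo` is not guaranteed to be the device that actually holds the tomb; combining the two into `lo=$(losetup -f --show secret.tomb)` binds `$lo` to the attached device in one step. The closing sequence (`umount /mnt` / `cryptsetup luksClose /dev/mapper/secret`) never runs `losetup -d "$lo"`, so the loop device stays attached to the tomb file after the volume is closed; please add that line and quote `"$lo"` in both places. The same snippet reads the key from `secret.key`, while every other example on the page (dig/forge/lock, open) uses `secret.tomb.key`; using one name throughout avoids readers decrypting the wrong file. Two smaller points in the same hunk: the Linux Action Show sentence now says the 2014 review recommends Tomb "as a replacement for Veracrypt", but the removed line said TrueCrypt, and the sentence also lost its final period, so please confirm which product the review named before keeping the change; and in "Compliancy", "compiler used to built" should read "compiler used to build" (and the heading would normally be "Compliance").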