twebpage updates - tomb - the crypto undertaker
(HTM) git clone git://parazyd.org/tomb.git
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit f35bbb151516b17cfcefa54fd9bd5ebd8cbc8ccf
(DIR) parent c352501a717d3d8fb1f2634d1359fc2e8b966a56
(HTM) Author: Jaromil <jaromil@dyne.org>
Date: Wed, 9 Mar 2011 17:51:52 +0100
webpage updates
Diffstat:
A doc/web/views/images/foster_privac… | 0
M doc/web/views/index.muse | 127 ++++++++++++++++++++++---------
A doc/web/views/manual.man | 183 +++++++++++++++++++++++++++++++
3 files changed, 273 insertions(+), 37 deletions(-)
---
(DIR) diff --git a/doc/web/views/images/foster_privacy.png b/doc/web/views/images/foster_privacy.png
Binary files differ.
(DIR) diff --git a/doc/web/views/index.muse b/doc/web/views/index.muse
t@@ -36,19 +36,108 @@ First of all the usual info you'd expect a software to provide:
And more below, read on...
+*** How does it works
+
+[[images/monmort.png]]
+
+Tombs are operated from a normal file browser or from the commandline.
+
+To open a tomb is sufficient to click on it, or use the command **tomb-open**
+
+When a tomb is open your panel will have a little icon in the tray
+reminding you that a tomb is open, offering to explore it or close it.
+
+[[images/awesome-shot.png]]
+
+To make safety copies of your keys, tomb lets you "bury a key" inside
+an image (using steganography techniques) and of course "exhume"
+buried keys from pictures where they are hidden. Actually it is very
+hard to guess when something is hidden inside a picture without
+knowing the password used in steganography.
+
+See the [[manual.html][manpage]] for more information on how to operate Tomb from the
+text terminal.
+<example>
+Tomb 1.0 - a strong and gentle undertaker for your secrets
+
+Syntax: tomb [options] command [file] [place]
+
+Commands:
+
+ create create a new tomb FILE and its keys
+ open open an existing tomb FILE on PLACE
+ close closes the tomb open on PLACE
+ bury hide a tomb key FILE inside a jpeg PLACE
+ exhume extract a tomb key FILE from a jpeg PLACE
+
+Options:
+
+ -s size of the tomb file when creating one (in MB)
+ -k path to the key to use for opening a tomb
+ -n don't process the hooks found in tomb
+
+ -h print this help
+ -v version information for this tool
+ -q run quietly without printing informations
+ -D print debugging information at runtime
+
+For more informations on Tomb read the manual: man tomb
+Please report bugs on <http://bugs.dyne.org>.
+</example>
+
*** Who needs Tomb
+ Democracy requires Privacy as much as Freedom of Expression.
+
Our target community are desktop users with no time to click around,
sometimes using old or borrowed computers, operating in places
endangered by conflict where a leak of personal data can be a threat.
-If you don't own a laptop then it's possible to go around with a USB
+If you can't own a laptop then it's possible to go around with a USB
stick and borrow computers, still leaving no trace and keeping your
data safe during transports. Tomb aims to facilitate all this and to
be interoperable across popular GNU/Linux operating systems.
+
+The internet offers plenty of free services, on the wave of the Web2.0
+fuzz and the community boom, while all private informations are hosted
+on servers owned by global corporations and monopolies.
+
+It is important to keep in mind that no-one else better than *you* can
+ensure the privacy of your personal data. Server hosted services and
+web integrated technologies gather all data into huge information
+pools that are made available to established economical and cultural
+regimes.
+
+
+
+**This software urges you to reflect on the importance of your
+privacy**. World is full of prevarication and political imprisonments,
+war rages in several places and media is mainly used for propaganda by
+the powers in charge. Some of us face the dangers of being tracked by
+oppressors opposing our self definition, independent thinking and
+resistance to omologation.
+
+<verse>
+
+ "The distinction between what is public and what is private is
+ becoming more and more blurred with the increasing intrusiveness of
+ the media and advances in electronic technology. While this
+ distinction is always the outcome of continuous cultural
+ negotiation, it continues to be critical, for where nothing is
+ private, democracy becomes impossible."
+
+(from [[http://www.newschool.edu/centers/socres/privacy/Home.html][Privacy Conference, Social Research, New School University]])
+</verse>
+
+
+
+
+
*** Aren't there enough encryption tools already?
+[[images/foster_privacy.png]]
+
We've felt the urgency of publishing Tomb for other operating systems
than dyne:bolic since the current situation in personal desktop
encryption is far from optimal.
t@@ -82,42 +171,6 @@ customization we intend to:
If you believe this is a worthy effort, you are welcome to [[http://dyne.org/donate][support it]].
-
-*** How does it works
-
-[[images/monmort.png]]
-
-Tombs are operated from a normal file browser or from the commandline.
-
-To open a tomb is sufficient to click on it, or use the command **tomb-open**
-
-When a tomb is open your panel will have a little icon in the tray
-reminding you that a tomb is open, offering to explore it or close it.
-
-[[images/awesome-shot.png]]
-
-See the [[manual][manpage]] for more information on how to operate Tomb from the
-text terminal.
-<example>
- . version 0.9.2 (Feb/2011) by Jaromil @ dyne.org
- .
-[*] Syntax: tomb [options] command [file] [mountpoint]
- .
-[*] Commands:
- . create create a new encrypted storage FILE and keys
- . open open an existing tomb FILE on MOUNTPOINT
- . close closes the tomb on MOUNTPOINT
- .
-[*] Options:
- . -s size of the storage file when creating one (MB)
- . -k path to the key to use for decryption
- .
- . -h print this help
- . -v version information for this tool
- . -q run quietly without printing information
- . -D print debugging information while running
-</example>
-
*** Where do we learn more from
Here below some articles that are useful to understand Tomb more in
(DIR) diff --git a/doc/web/views/manual.man b/doc/web/views/manual.man
t@@ -0,0 +1,183 @@
+.TH tomb 1 "February 12, 2011" "tomb"
+
+.SH NAME
+Tomb \- the Crypto Undertaker
+
+.SH SYNOPSIS
+.B
+.IP "tomb [options] command [arguments]"
+.B
+.IP "tomb-open [file]"
+.B
+.IP "tomb-status mountpoint"
+
+.SH DESCRIPTION
+
+Tomb is an application to manage the creation and access of encrypted
+storage files: it can be operated from commandline and it can
+integrate with a user's graphical desktop.
+
+Tomb generates encrypted storage files to be opened and closed using
+their associated keys, which are also protected with a password chosen
+by the user. To create, open and close tombs a user will need super
+user rights to execute the tomb commandline utility.
+
+A tomb is like a locked folder that can be safely transported and
+hidden in a filesystem; it encourages users to keep their keys
+separate from tombs, for instance keeping a tomb file on your computer
+harddisk and its key file on a USB stick.
+
+For simplified use, the command \fItomb-open\fR starts a wizard that
+guides users in the creation of a new tomb or, if a tomb file is
+specified as \fIargument\fR, it opens it and makes it accessible in a
+default location under the /media folder, starting the status tray
+applet (\fItomb-status\fR) if a desktop is present.
+
+
+.SH COMMANDS
+
+.B
+.IP "create"
+Creates a new encrypted storage tomb and its key, named as specified
+by the given \fIargument\fR.
+
+.B
+.IP "open"
+Opens an existing tomb file specified in the \fIfirst argument\fR. If
+a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR
+where the tomb should be made accessible, if not then the tomb is
+mounted in a directory named after the filename and inside /media.
+
+.B
+.IP "close"
+Closes a currently open tomb. When \fIan argument\fR is specified, it
+should point to the tomb mount on /dev/mapper; if not specified and
+only one tomb is open then it will be closed; if multiple tombs are
+open, the command will list them on the terminal. The special
+\fIargument\fR 'all' will close all currently open tombs.
+
+.B
+.IP "bury"
+Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond
+argument\fR) using steganography: the image will change in a way that
+cannot be noticed by human eyes and the presence of the key inside it
+isn't detectable without the right password. This option is useful to
+backup tomb keys in unsuspected places; it uses steghide and the
+serpent encryption algorithm.
+
+.B
+.IP "exhume"
+Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file
+(\fIsecond argument\fR) known to be containing it, if the right password is
+given. This is used to recoved buried keys from unsuspected places.
+
+.SH OPTIONS
+.B
+.B
+.IP "-s \fI<MBytes>\fR"
+When creating a tomb, this option must be used to specify the size of
+the new \fIfile\fR to be created, in megabytes.
+.B
+.IP "-k \fI<keyfile>\fR"
+When opening a tomb, this option can be used to specify the location
+of the key to use. Keys are created with the same name of the tomb
+file adding a '.gpg' suffix, but can be later renamed and transported
+on other media. When a key is not found, the program asks to insert a
+USB storage device and it will look for the key file inside it.
+.B
+.IP "-n"
+Skip processing of post-hooks and bind-hooks if found inside the tomb.
+See the \fIHOOKS\fR section in this manual for more information.
+.B
+.IP "-h"
+Display a help text and quit
+.B
+.IP "-v"
+Display version and quit
+.B
+.IP "-q"
+Run more quietly
+.IP "-D"
+Print more information while running, for debugging purposes
+
+.SH HOOKS
+
+Hooks are special files that can be placed inside the tomb and trigger
+actions when it is opened and closed; there are two kinds of such
+files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the
+base root of the tomb.
+
+.B
+.IP "bind-hooks"
+This hook file consists of a simple two column list of files or
+directories inside the tomb to be made directly accessible inside the
+current user's home directory. Tomb will use the "mount \-o bind"
+command to bind locations inside the tomb to locations found in $HOME
+so in the first column are indicated paths relative to the tomb and in
+the second column are indicated paths relative to $HOME contents, for
+example:
+
+ mail mail
+ .gnupg .gnupg
+ .fmrc .fetchmailrc
+ .mozilla .mozilla
+
+.B
+.IP "post-hooks"
+This hook file gets executed as user by tomb right after opening it;
+it can consist of a shell script of a binary executable that performs
+batch operations every time a tomb is opened.
+
+.SH PRIVILEGE ESCALATION
+
+The tomb commandline tool needs to acquire super user rights to
+execute most of its operations: to do so it uses sudo(8), while
+pinentry(1) is adopted to collect passwords from the user.
+
+Tomb executes as super user only those commands requiring it, while it
+executes desktop applications as processes owned by the user.
+
+
+.SH BUGS
+Please report bugs on the tracker at http://bugs.dyne.org
+
+Get in touch with developers via mail using this web page
+http://dyne.org/contact or via chat on http://irc.dyne.org
+
+.SH AUTHORS
+
+Tomb is designed and written by Denis Roio aka Jaromil.
+
+Tomb's artwork is contributed by Jordi aka Mon Mort
+
+Testing and fixes are contributed by Dreamer and Hellekin O. Wolf
+
+Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
+
+.SH COPYING
+
+This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR>
+
+Permission is granted to copy, distribute and/or modify this manual
+under the terms of the GNU Free Documentation License, Version 1.1 or
+any later version published by the Free Software Foundation.
+Permission is granted to make and distribute verbatim copies of this
+manual page provided the above copyright notice and this permission
+notice are preserved on all copies.
+
+.SH AVAILABILITY
+
+The most recent version of Tomb sourcecode and up to date
+documentation is available for download from its website on
+\fIhttp://tomb.dyne.org\fR.
+
+.SH SEE ALSO
+
+.B
+.IP cryptsetup(8)
+
+GnuPG website on http://www.gnupg.org
+
+DM-Crypt website on http://www.saout.de/misc/dm-crypt
+
+LUKS website, http://code.google.com/p/cryptsetup