parazyd.org/1/git/tomb/file/doc/TODO.org.gph

       tTODO.org - tomb - the crypto undertaker
  HTML git clone git://parazyd.org/tomb.git
   DIR Log
   DIR Files
   DIR Refs
   DIR README
   DIR LICENSE
       ---
       tTODO.org (3844B)
       ---
            1 
            2 TODO and Roadmap for Tomb
            3 
            4 you are welcome to send patches to jaromil@dyne.org
            5 
            6 Issue tracking is now handled via GitHub, see http://github.com/dyne/Tomb
            7 
            8 Roadmap notes:
            9 
           10 * Release 3.0
           11 
           12 *** [#A] support BtrFS and snapshots
           13 *** [#A] system to split passwords in parts (ssss)
           14 *** [#B] modular encryption system support
           15 
           16     to go beyond dm-crypt/cryptsetup
           17 
           18     ecryptfs, tc-play
           19 
           20     needs tomb marks appended at end of tombs
           21 
           22 *** [#B] udev rules to avoid usb automount of keyplug in gnome
           23 *** [#B] sign and verify tomb script integrity
           24 *** [#B] make a graphical tomb undertaker (gnome-druid in glade?)
           25 *** [#B] analyse and show tomb entropy using libdisorder
           26 *** [#B] use inotify on tomb
           27     inotify can also count when was the last time tomb was used and
           28     unmount it automatically after a timeout, see how much free space
           29     is left and warn when the space is almost finished
           30 
           31 
           32 ** Notes from #CybRes
           33 
           34 
           35 *** mlocall per swap )vecna) rompigli il caz su github
           36 *** steganografia migliore con outguess? (vecna)
           37 *** velocita' creazione : fallocate -l 10G (scuall8907@gm)
           38 
           39 
           40 * DONE Release 2.0            :100%:
           41 
           42 ** [#A] support for ZFS filesystem (revisioning, bitrot)
           43 ** [#A] support for partition-based tombs
           44 ** DONE [#B] Internationalization using gettext
           45 
           46    Started generating the strings, still need to figure out how to
           47    install it
           48 
           49 ** DONE [#B] better tomb locksmith code for key management
           50 ** DONE [#B] backup keys on qrcodes
           51 ** DONE [#B] indeep security analysis of possible vulnerabilities
           52 ** [#C] more gtk dialogs for configurations? keep it minimal!
           53 
           54 
           55 
           56 
           57 * DONE Release 1.0            :100%:
           58 
           59 ** TODO [#C] make one single status handle more tombs
           60 ** TODO [#C] decorate creation wizard with ASCII art
           61 
           62 ** DONE [#B] remove gnome dependencies from tomb core                    :jaromil:
           63 
           64    gksu is deeply connected to gnome in all its packages.  actually
           65    libgksu2-dev is and that doesn't helps.
           66 
           67    gksu binary is a very simple and dirty code, we should have
           68    tomb-ask to use the libgksu library for privilege escalation, but
           69    then this would add the dependency into C linking...
           70 
           71    the solution is for now to detect if gksu is present, else fallback
           72    to sudo and provide it an interface to ask the password graphically
           73    via pinentry
           74 
           75 ** DONE [#B] SLAM tomb and kill all applications using it           :anathema:
           76 
           77    using lsof and fuser(1) we can do that easily
           78 
           79    we should ask user confirmation when closing a tomb if to slam
           80 
           81    tomb-askpass will become tomb-ask managing such user interaction,
           82    using libassuan and pinentry from the gpg project.
           83 
           84 ** DONE [#B] fix operation without DISPLAY (over SSH)                   :hellekin:
           85 ** DONE [#A] steganography to store tomb key                            :jaromil:
           86 
           87    steghide can hide keys in JPG, BMP, WAV or AU files it also takes
           88    care of compressing end encrypting the key file so we don't
           89    necessarily need gpg... it has Serpent and AES256 (CBC)
           90 
           91 ** DONE [#A] use a posix thread instead of fork for status close    :jaromil:
           92 ** DONE [#A] use a config file to map bind mounts                     :jaromil:
           93 
           94    done as file 'bind-hooks' inside tom. also 'post-hooks' is executed
           95    as user in case symlinks are needed and so
           96 
           97    using mount -o bind we can trigger actions to be made after mounting
           98    a tomb so that personal directories appear in the home folder.
           99 
          100 ** DONE [#A] desktop integration the freedesktop way                    :jaromil:
          101 ** DONE [#B] debian packaging with desktop integration                     :jaromil:
          102 ** DONE [#A] Avoid overwriting key on exhume on same filename
          103 ** DONE [#A] Should refuse opening a tomb that is already open            :jaromil:
          104 
          105 
          106 * TODO Porting to MS/Windows
          107 
          108   using FReeOTFE http://www.freeotfe.org
          109 
          110   or at least make it compatible with http://www.sdean12.org/SecureTrayUtil.htm
          111 
          112 * TODO Porting to Apple/OSX
          113 
          114   still to be investigated what's there that supports cryptsetup-luks volumes. hditool, tcplay...
          115