Slashdot Mirror
Tomb, a Successor To TrueCrypt For Linux Geeks
jaromil writes: Last day we released Tomb version 2.1 with improvements to stability, documentation and translations. Tomb is just a ZSh script wrapping around cryptsetup, gpg and other tools to facilitate the creation and management of LUKS encrypted volumes with features like key separation, steganography, off-line search, QRcode paper backups etc. In designing Tomb we struggle for minimalism and readability, convinced that the increasing complexity of personal technology is the root of many vulnerabilities the world is witnessing today — and this approach turns out to be very successful, judging from the wide adoption, appreciation and contributions our project has received especially after the demise of TrueCrypt.
As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.
As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.
to be honest, and I've been recently reading a lot about potential TrueCrypt replacements. Of course I was looking for FDE mostly, not just a few files.
Need I say more?
Can't rule that out about anything. In this case you're talking about the guy (Denis Roio) with dyne:bolic under his belt - and the "non-profit" behind it and his "campaign" to fork Debian. A self-described "researcher in philosophy of technology and software artisan". He's done at least one TED talk (I can't be bothered looking for the link).
The Tomb project is interesting and I've been following it for a while - the main thing that differentiates it from other LUKS-made-simple tools is the addition of steganography capabilities.
Despite his numerous, um, eccentricities and involvement in the rabid and vitriolic campaign against systemd, it's the code that counts. In this case it's just wrappers around dm-crypt, dm-setup and LUKS designed to make LUKS easier for people who find it difficult - and to add a few other features. Like anything else that is meant to be trusted to the same degree it should be independently audited.
Note: there are plenty of reasonable objections to systemd. Those that hold them don't demand no-one else should be able to use systemd, raise money unaccountably so a handful(?) of anonymous self-described "Unix gurus" can "fork Debian" (yeah - and I'm going to build a moon mission in my basement). Or use threats/trolling/FUD.That would be more like an NSA style campaign to divide the Linux community and keep their existing init flaw backdoors in place on hard-to-get-to systems.
Cue the usual sock-puppet forum flooding and disinformation [sigh]