Linux-Hello

Author	SHA1	Message	Date
eliott	8a76e6354b	docs(02-01): complete security tooling plan - Created SUMMARY.md documenting all 4 security tool runs - Updated STATE.md to reflect phase 2 progress - Fixed clippy warnings in 7 files Key findings: - 1 HIGH vulnerability (bytes crate) - Need deny.toml for license policy - Miri limited by system call support	2026-02-14 11:16:00 +01:00
eliott	fd5d8c87d5	fix(02-01): fix clippy warnings to pass lint checks - config.rs: Added Default derive, removed manual impl - template.rs: Simplified iterator with flatten() - camera/linux.rs: Added transmute annotations, fixed doc syntax - camera/mod.rs: Allow unused imports from linux module - ipc.rs: Renamed default() to with_default_path(), simplified closures - secure_memory.rs: Use is_multiple_of() instead of modulo - phase3_security_test.rs: Use std::f32::consts::PI	2026-02-14 11:14:41 +01:00
eliott	f80d051b8a	docs(02-01): add security tooling results - tool-audit-results.md: cargo-audit findings (1 high vulnerability in bytes) - deny-check-results.md: cargo-deny findings (license policy needed) - clippy-results.md: clippy findings (style warnings, no security issues) - miri-results.md: Miri findings (limited by system call support) These are the output artifacts from running security tooling.	2026-02-14 11:14:34 +01:00
eliott	372ed79bdc	docs(phase2): create phase plan	2026-02-14 10:29:50 +01:00
eliott	22f41ec224	docs(02): research phase 2 - rust code security review	2026-02-14 10:25:56 +01:00
eliott	4e6bfda5b3	docs(phase-1): complete phase execution	2026-02-14 10:21:16 +01:00
eliott	588e337064	docs(01-02): complete STRIDE threats + security controls plan - Created STRIDE threat analysis (433 lines, 6 categories) - Created security control mapping (384 lines) - Updated STATE.md with progress (2/20 plans, 10%)	2026-02-14 10:18:03 +01:00
eliott	8cbb5adc2a	docs(01-02): map security controls to threats - Created comprehensive security control mapping document - Documented IPC, cryptographic, memory, authorization, and PAD controls - Each control includes implementation location and effectiveness rating - Included gap analysis identifying missing mitigations - Links STRIDE threats to corresponding security controls	2026-02-14 10:16:17 +01:00
eliott	0f018ba4fe	docs(01-02): perform STRIDE threat analysis - Created comprehensive threat analysis for all DFD components - Covered all 6 STRIDE categories: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege - Included risk ratings (likelihood x impact) for each threat - Priority matrix ranking top 10 threats by risk rating - References attack-surface.md and dfd.md	2026-02-14 10:15:14 +01:00
eliott	f59cec3813	docs(01-01): complete DFD + attack surface enumeration plan - Created system DFD with 5 trust boundaries - Enumerated attack surface with risk ratings - 2 tasks completed in 3 minutes	2026-02-14 10:12:31 +01:00
eliott	444c4303d2	feat(01-01): enumerate attack surface with risk ratings - IPC interfaces: Unix Socket and D-Bus with existing security controls - Storage interfaces: Template storage (encrypted), TPM key storage, config files - Hardware interfaces: V4L2 camera, TPM2 device - Configuration vectors: Environment variables, command-line arguments, config files - Biometric-specific: ONNX models, camera frame input, template replay - Risk ratings: HIGH (socket, camera, ONNX), MEDIUM (most others), LOW (hardware TPM) - Follows OWASP Attack Surface Analysis methodology	2026-02-14 10:10:59 +01:00
eliott	96b31add26	feat(01-01): create system DFD with trust boundaries - Documents all external entities: User (face), PAM module, CLI, GNOME/KDE settings - Describes linux-hello-daemon internal modules: camera, detection, matching, anti-spoofing, secure memory - Enumerates data stores: template storage, TPM key storage, config files - Defines 5 trust boundaries: Unix Socket IPC, Encrypted Storage/TPM, Hardware Interfaces, D-Bus, System Integration - Includes ASCII diagrams following OWASP Threat Dragon methodology	2026-02-14 10:10:47 +01:00
eliott	06b1338425	docs(phase-1): create phase plans for architecture & threat modeling	2026-02-14 09:55:50 +01:00
eliott	fd862032b7	docs(phase-1): research architecture & threat modeling	2026-02-14 09:53:07 +01:00
eliott	3be9531686	docs: create roadmap (5 phases)	2026-02-14 09:47:09 +01:00
eliott	c1ae77cf86	docs: define v1 requirements	2026-02-14 09:44:46 +01:00
eliott	b9f4a4d3b1	docs: complete project research (STACK, FEATURES, ARCHITECTURE, PITFALLS, SUMMARY)	2026-02-14 09:44:01 +01:00
eliott	e7c9a0f8ea	chore: add project config	2026-02-14 09:22:53 +01:00
eliott	1c583f3c47	docs: initialize project	2026-02-14 09:20:24 +01:00
eliott	2034281ad7	Prepare public release v0.1.0	2026-01-30 09:44:12 +01:00
eliott	75be95fdf7	fixing some issues	2026-01-15 23:16:15 +01:00
eliott	23230cb745	updating doc	2026-01-15 22:50:18 +01:00
eliott	1e7f296635	Development over	2026-01-15 22:40:51 +01:00
eliott	2f6b16d946	Fixed warnings, lots of stubs in the code, will be implemented later.	2026-01-03 08:15:51 +01:00
eliott	a3fefa4179	fe	2026-01-02 21:25:12 +01:00
eliott	7c1f77a469	Add project logo to README - Add logo.png to public directory - Update README to display logo at the top - Remove logo from .gitignore to allow tracking	2026-01-02 21:25:00 +01:00
eliott	d118f3a599	Remove status.md and development_path.md from repository These are internal development documents and should not be tracked in the repo.	2026-01-02 21:06:47 +01:00
eliott	abe5476157	Add comprehensive README and update project status - Add README.md with project overview, features, installation, and usage - Document current Phase 3 completion status - Include architecture diagrams and security information - Add roadmap for Phase 4-5 - Update status.md to reflect current codebase state	2026-01-02 21:04:57 +01:00
kharonsec	fdf37aa7b4	first commit	2026-01-02 19:08:56 +01:00

29 Commits