Re: [Tails-dev] [Please review] Fix for: FireGPG susceptible…

Delete this message

Reply to this message
Autor: intrigeri
Data:  
Dla: The Tails public development discussion list
Temat: Re: [Tails-dev] [Please review] Fix for: FireGPG susceptible todevastating JavaScript attacks
hi,

anonym wrote (31 Oct 2011 16:06:39 GMT) :
>> Also, we must document very well, for end-users, how to deal with
>> the removal of the encrypt/decrypt/etc. actions on selection.
>> Maybe leaving these menu entries in place, and replacing their
>> action with a help popup, would be a nice way to help them migrate
>> to (slightly) saner habits? Bonus: the same mechanism can be
>> re-used when we eventually replace FireGPG functionality with
>> a non-web UI.


> What about this: I change it so that so all menu entries open the
> FireGPG Text Editor. On the top of the Text Editor I add a short
> disclaimer stating that using the FireGPG crypto actions are unsafe,
> that everything should be done in the Text Editor,


Great.

> and that FireGPG will be replaced with some external tool in Tails
> in the future (so yeah, it's Tails specific).


That specific part is Tails-specific, and could probably be done as
a separate commit in Git.

Cheers,
--
intrigeri <intrigeri@???>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| Do not be trapped by the need to achieve anything.
| This way, you achieve everything.