Re: [Tails-dev] Please review doc/experimental

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] Please review doc/experimental
Hi,

sajolida wrote (08 Apr 2012 15:37:02 GMT) :
> I'm not sure which option is the best, the plugin or the handmade
> anchors. What do you think?


Thanks for the explanation.

It seems to me the plugin would not fix anything at all:
it would not make it any more obvious, to someone doing a seemingly
unrelated change in page B, that s/he's breaking a link from page A to
page B.

So I prefer the handmade anchors: at least their purpose is clear,
as they're only useful as link targets. So, changing an anchor is
obviously breaking links, that should be updated accordingly.

Makes sense?

>>> - doc/first_steps/startup_options
>>
>> The screenshot does not display the widgets that allow the user to
>> choose their preferred language and keyboard layout.
>> Is this intentional?


> Nope. But I double-checked and it doesn't appear on my virtual
> machine! Maybe that's a side effect of the "VirtualBox guest modules
> are only built for amd64" bug. I'll try again with the RC1 once
> I got one.


Current devel branch has that bug workaround'd.

>>> - doc/first_steps/persistence/warnings
>>
>> When I read this:
>>
>> Remember also that secure deletion do not work as expected on USB
>> sticks. See the corresponding documentation. Read how to delete the
>> persistent storage instead.
>>
>> I think this suggests the "delete the persistent storage" page deals
>> with secure deletion of that storage area. However, the first set of
>> instructions given on that other page "choose Applications ▸ Tails
>> ▸ Delete persistent storage, and click on the Delete button." does not
>> support secure deletion yet, and the other sets of instructions either
>> let me totally doubtful, or just don't work. See other problems in
>> this area later on.


> Ok, see 29ad316.


I see no such commit.

> What about:


> « To protect your anonymity and leave no trace, Tails developers
> select and configure with care programs that work well together.
> **Installing additional programs may introduce unpredictable
> problems and may break the protections built-in Tails.** Tails
> developers may not want or may not be capable of helping you to
> solve those problems. »


Suits me well.

>>> - doc/first_steps/persistence/delete
>>
>> "Creating a new persistent storage on top of an old one makes it hard
>> for an attacker to recover the files of the old persistent storage
>> using data recovery techniques" --> Why? Because you suppose the old
>> LUKS header to be overwritten by a newer one? If this is the only
>> reason, I don't think we can seriously base anything on this. E.g.
>> the modern partitioning tools we're using (namely: udisks) try to be
>> clever wrt. sector alignment, and e.g. I would not bet Wheezy's udisks
>> (in Tails 2.0), will create a new persistent storage exactly at the
>> same place as Squeeze's udisks (in Tails 0.11) did.


> Ok, you're right. Please see 301e40b.


I see no such commit in there.

>> 1. Erase Tails
>> 2. Securely clean all the available disk space
>>
>> --> I think #2 only works if there's a filesystem on the target USB
>> stick, which is not true after following #1.


> Ok, I see two ways of solving that:
> [...]
> 2. Add a step linking to "Create an encrypted volume" on the whole USB
> stick before doing "Securely clean…" and be done with it.


Looks easier to write and maintain.

> Maybe I can replace it by "persistent volume". That's the term used
> by the Disk Utility and we already used it in "Create and use
> encrypted volumes".


Suits me well. In tails-persistence-setup, I've tried to follow the
Disk Utility terminology.

Also:
> -Remember also that **secure deletion does not work as expected on USB sticks.**<br/>
> +Note also that **secure deletion do not work as expected on USB sticks.**<br/>


You're reverting my s/do/does/, that I called a grammar fix.
Why should "secure deletion" not be treated as a singular, third
person subject of the "do" verb?

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc