spencerone@???:
>> As Tails cannot really be used as an easy replacement for your
>> traditional operating system, I find it reasonable to assume that our
>> target user base has some incentive to learn how to use computer
>> security tools, either for their personal curiosity or because they
>> need it.
>>
>> I'm not saying here that we require people to have a PhD in computer
>> science to be in our target user base, but if they have no external
>> incentive to add security on top of what is their primary goal when
>> sitting in front of a computer (sending emails, browsing, etc.), then
>> they shouldn't be using Tails.
>
> I do not think it is fair to decide for others what they need or what
> they should and shouldn't be using.
I was not proposing to do that.
> I also do not think it is logical
> to presume that to have a secure computing experience that people need
> to have anything other than the desire to have a secure computing
> experience, even if they don't yet know what it means.
Yes, I think that what you called "desire to have a secure computing
experience" I called it "incentive to learn how to use computer security
tools".
> We are teaching people how to learn, i.e., if done correctly, the UI is
> a self guided educational tool about how to use the UI. We should be
> teaching with every step, and we already seem to be headed in that
> direction, so making this the most usable might just be the most
> appropriate.
I totally agree with that vision. I was considering this "teaching" and
"learning" as part of the added cognitive load that I think is
inevitable if people want to use Tails.
>> Because using Tails *will* add some cognitive load in comparison with a
>> traditional operating system. Our mission is to reduce this extra load
>> but it won't disappear.
>
> Maybe this exists somewhere in discussions or documents, but what is the
> reasoning behind not having TAILS be a portable application, you know,
> like drag and drop installation? Because that might be the most
> suitable experience for everyone, presuming it is not a security
> vulnerability.
We need to run straight from the hardware or otherwise we rely on the
host operating system to be trustworthy (and we shouldn't). This is for
example the case in virtual machines, you can run Tails in a virtual
machine but if your host operating system is buggy, then your Tails can
be monitored, hacked, etc.
I've been working on a new documentation about virtualization. It hasn't
been release yet but you can see the main page here:
http://git.tails.boum.org/tails/tree/wiki/src/doc/advanced_topics/virtualization.mdwn?h=doc/7143-virtualization
--
sajolida
