Re: [Tails-dev] Easy verification steps for OS X

Delete this message

Reply to this message
Autor: steve
Data:  
Dla: sajolida
CC: The Tails public development discussion list
Nowe tematy: Re: [Tails-dev] Easy verification steps for OS X
Temat: Re: [Tails-dev] Easy verification steps for OS X
Sounds great. Let’s keep in touch and if you want me to provide feedback or review any OpenPGP instructions for OS X, I can sure do that - just ping me, once the new verification mechanism is in place.

Have a great day,
s

> Am 17.11.2015 um 11:34 schrieb sajolida <sajolida@???>:
>
> steve:
>> Dear all,
>
> Hi Steve,
>
>> The current verification steps for OS X users are, to put things mildly, broken.
>
> Thanks a lot for getting in touch with us. We have very limited
> knowledge of Mac OS X and that partly why anything Mac related on our
> website is mildly broken :)
>
>> Current procedure:
>>
>>    Users would follow this link:
>>    https://tails.boum.org/download/index.en.html#download.verify-the-iso-image-using-other-operating-systems
>>    then have to follow this link:
>>    https://tails.boum.org/doc/get/verify_the_iso_image_using_the_command_line/index.en.html
>>    and those instructions are really hard to read and follow.

>>
>> Many unexperienced users will not be able to do this. They will give up and not
>> attempt to use Tails - at all.
>
> I completely share your concern. Our verification instructions are quite
> old, they have been written maybe 4 years ago and didn't really change
> since then.
>
> The good news is that, at this very moment, we're working on brand new
> download, verification, and installation tools and instructions.
> For example, we want to stop recommending people to do an OpenPGP
> verification if they don't know OpenPGP beforehand.
>
> We've been working on a browser extension to download and verify the ISO
> image automatically. It's going to be released before the end of 2015
> and will become the recommended technique (and hopefully super easy).
>
> See https://tails.boum.org/blueprint/bootstrapping/extension/ for the
> idea and https://maone.net/dev/tails/download.html for a prototype.
>
> Still, even once we get there we'll want to still provide OpenPGP
> instructions as an alternative or additional verification mechanism. But
> at least people won't be force through this as they are today.
>
> So documenting better GPGTools would still make perfect sense as part of
> this alternative or additional check.
>
>> In GPGTools support we receive occasional feedback from very confused Tails
>> users, unable to verify their download. The latest example from yesterday is:
>> https://gpgtools.tenderapp.com/discussions/problems/47413-what-is-the-protocol-for-verifying-a-signature-from-a-file This
>> is not the only case and I am sure there are many more which just give up,
>> without even bothering to write a feedback report.
>
> I'm sorry to hear that :(
>
>> So here are some improved, shorter and easier to follow verification steps for
>> OS X in markdown:
>>
>>    To verify the signature of your tails file

>>
>>    1. download the Tails iso file and
>>    1. the gpg signature file from https://tails.boum.org/download
>>    1. click this [link](https://tails.boum.org/tails-signing.key) to display /
>>    download our key
>>    1. download and install [GPG Suite](https://gpgtools.org/gpgsuite)
>>    1. open GPG Keychain and drag the tails-signing.key into the main window to
>>    import the key
>>    1. make sure that dmg and sig file both are located in the same folder
>>    1. right-click signature or dmg file and select Services > OpenPGP: Verify
>>    Signature of File and allow a moment for processing

>>
>>    If everything is ok, the verification result will look similar to this:

>
> Cool, thanks! I think that I myself tried to perform the verification
> back when I wrote these instructions some 4 years but failed to do so.
>
>> I think you’d do your OS X users a big favor by updating the website
>> description. I’d love to see a dedicated OS X section and not have windows / OS
>> X mixed up under „other operating systems“ here
>> https://tails.boum.org/download/index.en.html#download.verify-the-iso-image-using-other-operating-systems
>>
>> Ideally the specific OS X instructions would open an expanding section (analogue
>> to what the current solution for „other operating systems“ does) but only
>> include the OS X instructions.
>>
>> I hope this is useful and can be added to the website. This should solve
>> https://labs.riseup.net/code/issues/7147
>
> That's super cool! So here is my proposal: let's wait until we do a
> first release of the browser extension (in the coming weeks) and then
> see how do we fit the additional OpenPGP instructions in our website
> after that. We I have a plan regarding this I'll send you a ping. And
> then I would love to work with you on solving this once and for good.
>
> --
> sajolida