Re: [Tails-dev] Hacking Team looking at Tails

Delete this message

Reply to this message
Autore: Austin English
Data:  
To: The Tails public development discussion list
Oggetto: Re: [Tails-dev] Hacking Team looking at Tails
On Sat, Feb 20, 2016 at 6:26 AM, sajolida <sajolida@???> wrote:
> Austin English:
>> On Thu, Feb 18, 2016 at 11:37 AM, intrigeri <intrigeri@???> wrote:
>>> Austin English wrote (18 Feb 2016 16:56:29 GMT) :
>>>> I'm not sure what action we should suggest.
>>>
>>> Re-installing from scratch is perhaps the only safe option we can
>>> provide in the current state of our tools.
>>
>> +1
>>
>> I filed https://labs.riseup.net/code/issues/11137 to track this. I'll
>> work on this as time permits. May need some help with the greeter
>> portion, we'll see.
>
> I like this idea. As intrigeri pointed out, this is not so much about
> detecting malware for real, but really about training users about good
> practices "Don't plug your Tails in an untrusted OS". I also agree that
> we should explain that reinstalling is the only solution.
> Though installing from the same untrusted OS really won't be.


Agreed.

> Austin, once you get time to work on the implementation part of this, I
> suggest sharing with us mockups about this would be presented to the
> user on tails-ux@??? before you write the corresponding code (maybe
> you can write the detection code itself first). At least regarding the
> phrasing, when and how the message occurs, what's proposed as ways out
> of the message, the need for extra doc, etc.


Absolutely! I was going to request help for the ux portion, because
I'm uncomfortable with choosing that phrasing, as it is very
important. I'm a native English speaker, but I want to make sure the
message is clear to non-native speakers.

My thought was to have detection code before the greeter, then if
detected, have the greeter pop up some big red warning box. Beyond
that, I'm open to ideas on specifics. But that can be discussed on
tails-ux once the first part is done.

--
-Austin