Re: [Tails-dev] Security implications: moving code from Ver…

Delete this message

Reply to this message
Autore: sajolida
Data:  
To: The Tails public development discussion list
Oggetto: Re: [Tails-dev] Security implications: moving code from Verification Extension to our website
u:
> We know from Javascript statistics of our download page that roughly
> ~20% of the downloads of Tails images are verified by users using the
> verification extension. The optional OpenPGP verification accounts for
> 9% of downloads (computed using the number of downloads of the OpenPGP
> signature). This means that >70% of Tails downloads might currently not
> be verified at all.


This week-end I thought about another elements that could partly explain
this low 20% figure.

The counter we have on /install/download counts the number of times the
"Download" button is clicke, which might be very different from the
number of times someone actually finishes downloading Tails.

Especially when downloading something big like Tails, downloads might be
interrupted and restarted, people might realize it's that big only after
starting the download, etc.

The counter on this button also introduced a tiny glitch: clicking on
the button now opens a new blank tab and then closes it immediately to
start the download. See 19a0c6cca1. I don't know how bad the impact of
this glitch is but I'm pretty sure it has some.

--
sajolida