Re: [Tails-project] correctness of future Home and About pag…

このメッセージを削除

このメッセージに返信
著者: sajolida
日付:  
To: Public mailing list about the Tails project
題目: Re: [Tails-project] correctness of future Home and About pages
intrigeri:
> sajolida (2020-01-14):
>> These weeks we are working with Andrés on the content and illustrations
>> for the future Home and About pages.
>
> It's awesome! \o/


Thanks! And it'll get better until release early March :)

>> But I also wanted to check with you whether:
>>
>> * What I wrote is actually correct. Sometimes we have to find trade-offs
>> between simplicity or standard over technical correctness. For
>> example, we're switching from "almost any computer" to "any computer"
>> on purpose. Or that Tails might be not be theoretically safe from all
>> possible viruses ever, but in practice we want it to be. But you might
>> be able to catch important bugs in my writing and this week would be a
>> good time for that.
>
> Three things:
>
>  - I'm a bit concerned that we're claiming that Tails can turn random,
>    untrusted hardware, into a "secure machine". Tails protects against
>    a compromised OS, but not against compromised hardware. And even
>    that is rather inaccurate: for example, a compromised OS can
>    downgrade the machine's firmware to re-introduce security flaws
>    that newer versions of said firmware have fixed. Good luck with
>    figuring out how to explain this :/


Indeed, good luck! Especially since we cannot give any practical advice
regarding how people can know whether their hardware is trustworthy or not.

So I added something that could point to /doc/about/warning more in general:

« Still, Tails cannot always protect you if you install it from a
computer with viruses or if you use it on a computer with malicious
hardware, like keyloggers. »

>  - In "The memory is securely deleted when shutting down", I'm not
>    sure what "securely" means. I think memory is overwritten with
>    zeroes, which should be good enough in practice, but does not
>    really match how "secure deletion" is usually understood in
>    similar contexts.


I changed it to:

« All the memory is deleted when shutting down. »

>  - I'm surprised by the "more than 6 000 relays" number but I trust
>    you checked this (at a time when there's no unusual situation or
>    DoS that would skew the numbers :)


Quite more than 6000 actually:

# grep '^r ' /var/lib/tor/cached-microdesc-consensus | wc -l
6348

And:

https://metrics.torproject.org/networksize.html

>> * What I wrote is something that we are fine displaying on our website,
>> in terms of public relationships, ethics, alignment with our mission
>> and values, etc.
>
> Only one comment, but it's important to me: I feel uncomfortable
> boasting about the diversity of our community. It's true that our
> community includes lots of different people. But if one looks at the
> current situation through the prism of statistics, sadly, this claim
> does not reflect the facts. The current state of things is not good
> enough, by far, for me to feel comfortable presenting it in
> a positive light.


I already spotted this since Saturday and changed it to "open". Also,
diversity doesn't really fit in this section while "open" gives emphasis
to "nonprofit".

--
sajolida
Tails — https://tails.boum.org/
UX · Fundraising · Technical Writing