summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/veracrypt.mdwn
diff options
context:
space:
mode:
authorsajolida <sajolida@pimienta.org>2017-12-11 17:30:35 +0000
committersajolida <sajolida@pimienta.org>2017-12-11 17:30:35 +0000
commit924036b2cb90f1e92e8547722580e1fa07b723dc (patch)
treeae1f70d4fc857c0906d4528e0fc639a182cfe93b /wiki/src/blueprint/veracrypt.mdwn
parentcf1214ec90f0ba3653b37c839e6c1e4df79bdf09 (diff)
Add output of UX sprint
Diffstat (limited to 'wiki/src/blueprint/veracrypt.mdwn')
-rw-r--r--wiki/src/blueprint/veracrypt.mdwn100
1 files changed, 100 insertions, 0 deletions
diff --git a/wiki/src/blueprint/veracrypt.mdwn b/wiki/src/blueprint/veracrypt.mdwn
index e4c5310..41e9d56 100644
--- a/wiki/src/blueprint/veracrypt.mdwn
+++ b/wiki/src/blueprint/veracrypt.mdwn
@@ -35,6 +35,8 @@ Research questions
1. How technical are VeraCrypt users? Tails+VeraCrypt users?
- For example: Are they used to GNOME Disks?
+<a id="survey"></a>
+
Results of the online survey on *file storage encryption*
---------------------------------------------------------
@@ -404,3 +406,101 @@ techniques that they mentioned or if they only heard of them.
- We were also surprised to see OnionShare mentioned almost as
frequently as LUKS or ZIP with password. Good news for Micah Lee!
+
+<a id="scope"></a>
+
+
+Scope of our work
+=================
+
+We defined the scope of our work based the preliminary research work
+that we did, both in terms of user needs and technical feasibility.
+
+[[!img https://labs.riseup.net/code/attachments/download/1837/scope.png link="no"]]
+
+Goals
+-----
+
+- The **opening of file containers** is a must as 76% of Tails+VeraCrypt
+ users use file containers.
+
+ It's also interesting because using a single file to store a file
+ system is a possibility that is not offered by the other encryption
+ techniques in Tails.
+
+ This goal is the most challenging in terms of interactions, because:
+
+ - It's a new concept ("*mounting a file*").
+ - We cannot rely on file containers having a .TC or .HC extension.
+ - GNOME Files cannot automatically identify and flag file containers
+ as such.
+
+- The **opening of partitions** will be much easier to implement and
+ integrate than file containers and relevant for 65% of Tails+VeraCrypt
+ users.
+
+- The **opening of hidden volumes** has a very good cost/benefit ratio
+ and will please the users of this very popular feature.
+
+- The **opening of legacy TrueCrypt volumes** will come with almost no
+ UX or backend cost.
+
+- The **opening with keyfiles** and **opening of system partitions**
+ will also be very cheap to add to the custom dialogs that we will
+ already have to implement for the opening of hidden volumes.
+
+- The **integration in the sidebar of GNOME Files** of opened file
+ containers will require to patch the GTK library which was not
+ expected initially. But we will have to patch GTK anyway to customize
+ the unlocking dialog of partition with hidden volumes anyway. The UX
+ cost of not integrating unlocked file containers in the sidebar would
+ also be quite high.
+
+Optional goals
+--------------
+
+- We have a solid UX design for the **creation of new partitions**. The
+ **creation of new file containers** will be harder to discover for the
+ user but will almost come for free once we support creating new
+ partitions.
+
+- The **modification of existing volumes** will be very similar to the
+ creation of new volumes.
+
+- **VeraCrypt Mounter** is a very simple application wrapper that we
+ designed and tested. It makes it easier for users to learn how to use
+ VeraCrypt in Tails and makes it faster to open file containers.
+ *VeraCrypt Mounter* would only be available in Tails.
+
+ If we cannot create *VeraCrypt Mounter* in time we will replace it
+ with a link to our documentation which should lead to similar success
+ rates but a bit less comfort for first time users.
+
+Non goals
+---------
+
+- **Opening of loop-AES and dm-crypt volumes**: Loop-AES and dm-crypt
+ volumes are other encryption formats that are indistinguishable from
+ VeraCrypt volumes while they are locked (both look like random data).
+ Even if some of our work could be make it easier to support Loop-AES
+ and dm-crypt, we won't do that because these formats are not popular
+ enough.
+
+<a id="ui"></a>
+
+User interface
+==============
+
+### Changes to GNOME Disks
+
+[[!img https://labs.riseup.net/code/attachments/download/1833/disks-format-partition.png link="no"]]
+
+[[!img https://labs.riseup.net/code/attachments/download/1834/disks-format-partition-password.png link="no"]]
+
+### Unlock dialog in gvfs
+
+[[!img https://labs.riseup.net/code/attachments/download/1835/gvfs-monitor-unlock-veracrypt-volume.png link="no"]]
+
+### *VeraCrypt Mounter*
+
+[[!img https://labs.riseup.net/code/attachments/download/1836/veracrypt-mounter.png link="no"]]