path: root/wiki/src/blueprint/veracrypt.mdwn
diff options
authorsajolida <>2017-12-11 17:30:35 +0000
committersajolida <>2017-12-11 17:30:35 +0000
commit924036b2cb90f1e92e8547722580e1fa07b723dc (patch)
treeae1f70d4fc857c0906d4528e0fc639a182cfe93b /wiki/src/blueprint/veracrypt.mdwn
parentcf1214ec90f0ba3653b37c839e6c1e4df79bdf09 (diff)
Add output of UX sprint
Diffstat (limited to 'wiki/src/blueprint/veracrypt.mdwn')
1 files changed, 100 insertions, 0 deletions
diff --git a/wiki/src/blueprint/veracrypt.mdwn b/wiki/src/blueprint/veracrypt.mdwn
index e4c5310..41e9d56 100644
--- a/wiki/src/blueprint/veracrypt.mdwn
+++ b/wiki/src/blueprint/veracrypt.mdwn
@@ -35,6 +35,8 @@ Research questions
1. How technical are VeraCrypt users? Tails+VeraCrypt users?
- For example: Are they used to GNOME Disks?
+<a id="survey"></a>
Results of the online survey on *file storage encryption*
@@ -404,3 +406,101 @@ techniques that they mentioned or if they only heard of them.
- We were also surprised to see OnionShare mentioned almost as
frequently as LUKS or ZIP with password. Good news for Micah Lee!
+<a id="scope"></a>
+Scope of our work
+We defined the scope of our work based the preliminary research work
+that we did, both in terms of user needs and technical feasibility.
+[[!img link="no"]]
+- The **opening of file containers** is a must as 76% of Tails+VeraCrypt
+ users use file containers.
+ It's also interesting because using a single file to store a file
+ system is a possibility that is not offered by the other encryption
+ techniques in Tails.
+ This goal is the most challenging in terms of interactions, because:
+ - It's a new concept ("*mounting a file*").
+ - We cannot rely on file containers having a .TC or .HC extension.
+ - GNOME Files cannot automatically identify and flag file containers
+ as such.
+- The **opening of partitions** will be much easier to implement and
+ integrate than file containers and relevant for 65% of Tails+VeraCrypt
+ users.
+- The **opening of hidden volumes** has a very good cost/benefit ratio
+ and will please the users of this very popular feature.
+- The **opening of legacy TrueCrypt volumes** will come with almost no
+ UX or backend cost.
+- The **opening with keyfiles** and **opening of system partitions**
+ will also be very cheap to add to the custom dialogs that we will
+ already have to implement for the opening of hidden volumes.
+- The **integration in the sidebar of GNOME Files** of opened file
+ containers will require to patch the GTK library which was not
+ expected initially. But we will have to patch GTK anyway to customize
+ the unlocking dialog of partition with hidden volumes anyway. The UX
+ cost of not integrating unlocked file containers in the sidebar would
+ also be quite high.
+Optional goals
+- We have a solid UX design for the **creation of new partitions**. The
+ **creation of new file containers** will be harder to discover for the
+ user but will almost come for free once we support creating new
+ partitions.
+- The **modification of existing volumes** will be very similar to the
+ creation of new volumes.
+- **VeraCrypt Mounter** is a very simple application wrapper that we
+ designed and tested. It makes it easier for users to learn how to use
+ VeraCrypt in Tails and makes it faster to open file containers.
+ *VeraCrypt Mounter* would only be available in Tails.
+ If we cannot create *VeraCrypt Mounter* in time we will replace it
+ with a link to our documentation which should lead to similar success
+ rates but a bit less comfort for first time users.
+Non goals
+- **Opening of loop-AES and dm-crypt volumes**: Loop-AES and dm-crypt
+ volumes are other encryption formats that are indistinguishable from
+ VeraCrypt volumes while they are locked (both look like random data).
+ Even if some of our work could be make it easier to support Loop-AES
+ and dm-crypt, we won't do that because these formats are not popular
+ enough.
+<a id="ui"></a>
+User interface
+### Changes to GNOME Disks
+[[!img link="no"]]
+[[!img link="no"]]
+### Unlock dialog in gvfs
+[[!img link="no"]]
+### *VeraCrypt Mounter*
+[[!img link="no"]]