| Summary: | Default to CryFS for new vaults; hide the setting asking which one the user wants behind an "Advanced Settings" button or something | ||
|---|---|---|---|
| Product: | [Unmaintained] Plasma Vault | Reporter: | Nate Graham <nate> |
| Component: | general | Assignee: | Ivan Čukić <ivan.cukic> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | cryptodude |
| Priority: | NOR | ||
| Version First Reported In: | unspecified | ||
| Target Milestone: | --- | ||
| Platform: | Neon | ||
| OS: | Linux | ||
| Latest Commit: | https://commits.kde.org/plasma-vault/7f15ce92206938871aa817a5179ae0483bcb49c8 | Version Fixed In: | |
| Sentry Crash Report: | |||
| Attachments: |
encfs package scary warning
UI file. |
||
> Installing the encfs pops up a scary message that's totally odds with the idea of Vault to be user-friendly and obscure unnecessary technical details.
I feel this is a bugreport that should go to your packager as this is not a KDE screen you attached.
I also installed the package on my distro and no such warning came up.
The package is from KDE Neon. :) Obviously KDE does not provide the package, and it's possible that our Neon Packagers can suppress this scary screen. But the fact remains that it's not terribly reasonable to make the user choose from two highly technical options in a piece of software that aspires to simplicity and user-friendliness. IMHO a "good enough" default is appropriate, with the other choice hidden behind an "Advanced Settings" screen or something. There are two parts to your question; first is the dependencies when you install the vault. (i.e. which other packages it drags in). This is distro specific, technically speaking you can install the vault with zero backends and it will run fine. Noticing the backend at run time. I suggest opening a bugreport with the neon packagers if it automatically installs the Encfs one (since they probably inherit the scary dialog from Debian). Second part is that the wizard becomes a bit smarter and starts on page 2 if there is exactly one backend installed. I would support both these actions. The message does come from the Debian package, and yes, it looks scary. I do not think the message is a problem though, nor do I think that a "good enough" default is good enough for when data privacy is concerned. Vault is trying to balance on the edge between user-friendly and actually useful. If you want to keep your data safe, you need to be at least a little bit informed. And that is why the messages like that one are there. If the user wants to be completely ignorant regarding the technical details, there is always the TL;DR click the "Next" button option. One of the reasons behind this (let's teach the user something) approach is the "well, my whole system is encrypted, so I'm safe" mentality that many people have, without considering that every approach has a downside. IMO, if it's intentional that the user will have to acknowledge a message like that and make a decision between two encryption formats, you've already lost all the non-technical users. Which is fine, but it's important to know that the actual audience may be different from the original intended audience. But it's your software not mine, and I respect your decision. I disagree (and from the mails I got so far, this does not seem to be a problem). For analogy, most Windows apps show EULAs during installations. Does it deter non-lawyers to install the application? No, everyone just skips the EULA. The messages that the Vault shows are easy enough to be understood by non-technical people. For those that do not care about this stuff, they can just skip it like it was an EULA. Created attachment 108538 [details]
UI file.
Proposed UI file.
What about a solution that gives you both what you want? I like the idea to make things as easy as reasonable, but still make the complex possible. A wizard is an ideal place to make this work automatically for those that want, while giving the freedom to people that want more. For instance the attached UI file. Its pretty easy to change the cpp to autoselect one backend, especially if there is only one installed. It would set it on the (now empty) text label and most users need not care further. Then make the 'choose' button switch to the second page of the stacked-widget which brings forward the current UI. I'd program it and provide a patch if you can tell me how I can actually debug a kded 'plugin'. Patches are always welcome, cryptodude! Can you submit that as a new patch on http://phabricator.kde.org/? We can continue the discussion there. Be sure to add screenshots and put the keyword "BUG: 385971" on its own line in the Summary section. Documentation is here: https://community.kde.org/Infrastructure/Phabricator UI uploaded to https://phabricator.kde.org/D8449 Git commit 7f15ce92206938871aa817a5179ae0483bcb49c8 by Ivan Čukić, on behalf of Kees vd Broek. Committed on 29/11/2017 at 07:53. Pushed by ivan into branch 'master'. Have a default backend (if one available) Summary: The creation of a new vault uses a wizard. The first page of the wizard currently shows a combobox with 2 backends, with one semi-randomly selected by default. The user is instructed to pick one. Following the bugreport on one of the backend packages being scary to install on neon, I'm proposing we make the wizard a little more wizardly. But without losing any functionality. Users that want can still do all they can do now. We make it easier for most users while not limiting the advanced ones. Reviewers: ivan, #plasma Subscribers: nicolasfella, ngraham, plasma-devel Tags: #plasma Differential Revision: https://phabricator.kde.org/D8449 M +33 -6 kded/ui/backendchooserwidget.cpp M +4 -2 kded/ui/backendchooserwidget.h M +138 -72 kded/ui/backendchooserwidget.ui M +8 -1 kded/ui/vaultcreationwizard.cpp https://commits.kde.org/plasma-vault/7f15ce92206938871aa817a5179ae0483bcb49c8 |
Created attachment 108464 [details] encfs package scary warning Installing the encfs pops up a scary message that's totally odds with the idea of Vault to be user-friendly and obscure unnecessary technical details. Vault should make encfs an optional dependency, and if it's not installed, Vault should default to cryfs for new vaults, and not even offer a choice.