Bug #12392

Correct documentation regarding 'Check for updates'

Added by emmapeel 2017-03-20 12:11:50 . Updated 2017-10-02 17:47:24 .

Status:
Resolved
Priority:
Low
Assignee:
Category:
Target version:
Start date:
2017-03-20
Due date:
% Done:

0%

Feature Branch:
Type of work:
End-user documentation
Blueprint:

Starter:
Affected tool:
Upgrader
Deliverable for:

Description

When a user starts, lets say… Tails 2.3 (current is 2.11), receives an error message:

file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html

That says:

This error could also be caused by:
 - an error in Tails Upgrader
 - a failure or an attack on the Tor exit node being used, your 
   Internet service provider, or our website.
Sending us a report is the best way to further analyse the error.

so the user of an old Tails version sends us a report.

We should add to this list something like:

- the version of Tails you are running is too old to do an automatic upgrade, please do a manual upgrade

Subtasks

Related issues

Related to Tails - Feature #12492: Instruct people with a version older than n-2 to do manual upgrade in /doc/upgrade/error/check Resolved 2017-04-29
Related to Tails - Feature #11131: Endless automatic upgrades Rejected 2015-01-05
Related to Tails - Bug #12365: Upgrade automatic and manual upgrade screenshots Resolved 2017-03-18
Blocks Tails - Feature #13423: Core work 2017Q3: Technical writing Resolved 2017-07-05

History

#1 Updated by intrigeri 2017-03-20 13:46:27

  • Assignee set to sajolida
  • QA Check changed from Dev Needed to Ready for QA
  • Affected tool set to Upgrader

FTR, in this specific case, Tails 2.3 has an expired TLS certificate hardcoded for our website.

> We should add to this list something like:

>

> - the version of Tails you are running is too old to do an automatic upgrade, please do a manual upgrade
>

Agreed!

sajolida, I can implement this if you agree with the phrasing.

#2 Updated by sajolida 2017-04-07 15:14:31

#3 Updated by sajolida 2017-04-28 16:22:19

  • Assignee changed from sajolida to intrigeri
  • Priority changed from Normal to Low
  • QA Check changed from Ready for QA to Info Needed

My concern here is about how to help the user decide how old is too old? Without understanding this she will still not now if it makes sense to send us a report or not and the original problem of this ticket won’t be solved.

Given that the user can see in About Tails both the version number and how old this version is, I see two ways of solving this:

  • By giving an approximation and saying “too old (more than XXX months old)”. The pros is that it’s simple to us and doesn’t require maintenance. The cons is that the age of Tails versions that will not be supported by Tails Upgrader might vary widely (I understand that this will mostly happen because of SSL issues) and this might lead to less useful reports sometimes.
  • By indicating which minimum version number is supposed to work correctly and saying "too old (version 2.3 or earlier). The pro is that it will be more precise and possibly lead to more useful reports. The cons is that we will have to keep this updated (maybe adding a note in the code of Tails Upgrader dealing with certificate pinning would help).

I really don’t mean to overengineer things here and if we think that it’s not worth it, I propose we do nothing and keep on pushing a few useless reports to the help desk rather than adding more confusion on the user’s side.

What we could add to this page and that would always be helpful is to instruct people with versions older than n-2 to do a manual upgrade because they won’t have automatic upgrades anyway.

Moving this to Low prio unless someone disagrees.

Assigning to intrigeri as I need to understand better in which cases and with which frequency we expect this to happen.

#4 Updated by intrigeri 2017-04-29 10:22:02

  • Assignee changed from intrigeri to sajolida

First, let me clarify that this problem will only happen if our website moves away from Let’s Encrypt, or when Let’s Encrypt changes their root certificate. Both are much less likely than what happened when we were using commercial CAs and changing CAs from time to time. So this problem will happen pretty rarely, so I agree that this is Low priority. With this in mind, I don’t think it should be part of Feature #12432, I don’t think we should spend more than 1 hour on it, but that’s your call.

> Given that the user can see in About Tails both the version number and how old this version is, I see two ways of solving this:

> * By giving an approximation and saying “too old (more than XXX months old)”. The pros is that it’s simple to us and doesn’t require maintenance. The cons is that the age of Tails versions that will not be supported by Tails Upgrader might vary widely (I understand that this will mostly happen because of SSL issues) and this might lead to less useful reports sometimes.

Another way would be that Tails Upgrader simply points to the full (manual) upgrade doc whenever it detects it’s running on a Tails that’s more than N months old, without even bothering checking for updates. I mean, in this case we don’t need to check in order to give the user actionable advice, and as this ticket shows the check can fail. So this ticket could become a low-priority, “Easy” coding task.

> * By indicating which minimum version number is supposed to work correctly and saying "too old (version 2.3 or earlier). The pro is that it will be more precise and possibly lead to more useful reports. The cons is that we will have to keep this updated (maybe adding a note in the code of Tails Upgrader dealing with certificate pinning would help).

I don’t understand how this can work. We run the version of Tails Upgrader that was shipped in the ISO back when it was installed, and Feature #10968 isn’t done yet.

> I really don’t mean to overengineer things here and if we think that it’s not worth it, I propose we do nothing and keep on pushing a few useless reports to the help desk rather than adding more confusion on the user’s side.

Yes, this.

> What we could add to this page and that would always be helpful is to instruct people with versions older than n-2 to do a manual upgrade because they won’t have automatic upgrades anyway.

Yes.

#5 Updated by sajolida 2017-04-29 17:44:37

  • related to Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version added

#6 Updated by sajolida 2017-04-29 17:52:28

  • Assignee deleted (sajolida)
  • QA Check deleted (Info Needed)

> First, let me clarify that this problem will only happen if our website moves away from Let’s Encrypt…

Cool! That’s what I wanted to know.

> With this in mind, I don’t think it should be part of Feature #12432

Agreed. I’m not sure exactly how I’ll use this ticket but this time I wanted to make at least this discussion part of Feature #12432 :)

> Another way would be that Tails Upgrader simply points to the full (manual) upgrade doc whenever it detects it’s running on a Tails that’s more than N months old, without even bothering checking for updates.

But my understanding is that this wouldn’t work if we do Feature #11131#note-6.

Let’s say we have Feature #11131#note-6 in place for 4.0, then people still starting a very old 4.0 after 4.11 is released (1.5 years later) could still do an automatic upgrade and it would be sad to have Tails Upgrader guess that it’s not possible when it actually is.

Granted, we don’t have Feature #11131#note-6 yet so we could still implement what you are proposing with N being 12 weeks since we’re publishing IUKs for n-2 to n.

The downsides is that we risk forgetting about this setting of Tails Upgrader if we decide to publish let’s say 3 IUKs or we will have people running version n-3 not offered the IUK to version n.

But that seems the only way forward so I’m creating Feature #12493 and blocking this ticket with it.

>> * By indicating which minimum version number is supposed to work correctly and saying "too old (version 2.3 or earlier). The pro is that it will be more precise and possibly lead to more useful reports. The cons is that we will have to keep this updated (maybe adding a note in the code of Tails Upgrader dealing with certificate pinning would help).
>
> I don’t understand how this can work. We run the version of Tails Upgrader that was shipped in the ISO back when it was installed, and Feature #10968 isn’t done yet.

And we’re pointing people to a local page on the ISO, so indeed, this doesn’t work.

>> What we could add to this page and that would always be helpful is to instruct people with versions older than n-2 to do a manual upgrade because they won’t have automatic upgrades anyway.
>
> Yes.

Creating Feature #12492 for that one.

#7 Updated by sajolida 2017-04-29 17:52:57

  • related to deleted (Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version)

#8 Updated by sajolida 2017-04-29 17:53:00

  • blocked by Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version added

#9 Updated by Anonymous 2017-06-30 13:06:15

  • related to Feature #12492: Instruct people with a version older than n-2 to do manual upgrade in /doc/upgrade/error/check added

#10 Updated by Anonymous 2017-06-30 13:07:41

#11 Updated by Anonymous 2017-06-30 13:09:01

  • related to Bug #12365: Upgrade automatic and manual upgrade screenshots added

#12 Updated by sajolida 2017-07-05 18:57:50

  • blocked by deleted (Feature #12432: Technical writing core work 2017Q2)

#13 Updated by sajolida 2017-07-05 18:58:04

#14 Updated by sajolida 2017-10-02 17:46:45

  • blocks deleted (Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version)

#15 Updated by sajolida 2017-10-02 17:47:24

  • Status changed from Confirmed to Resolved

The discussion was resolved with the creation of Feature #12492 and Feature #12493.