Feature #5636

Document how to access internal hard disks

Added by Tails 2013-07-18 07:43:50 . Updated 2015-02-10 12:42:48 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

100%

Feature Branch:
doc/5636-accessHD
Type of work:
End-user documentation
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Tails can access local hard disks when an administrative password is set at boot time. That ought to be documented (and also what can be dangerous such action).


Subtasks


Related issues

Has duplicate Tails - Bug #6854: Create a doc page "how to access your hard disk" Duplicate 2014-03-06
Blocks Tails - Feature #5398: Improve "your data won't be saved unless explicitly asked" documentation Resolved
Blocks Tails - Feature #7143: Rework /doc/advanced_topics/virtualization/ Resolved 2014-04-30
Blocks Tails - Bug #8881: Explain how to access HD when it's a LVM volume Resolved 2015-02-08

History

#1 Updated by intrigeri 2014-03-24 08:56:05

  • has duplicate Bug #6854: Create a doc page "how to access your hard disk" added

#2 Updated by intrigeri 2014-07-03 15:22:07

  • blocked by deleted (Feature #6860: Conduct a usability testing session on Tails at NUMA)

#3 Updated by BitingBird 2014-12-03 21:35:05

  • related to Feature #5398: Improve "your data won't be saved unless explicitly asked" documentation added

#4 Updated by BitingBird 2015-01-16 15:51:27

  • related to deleted (Feature #5398: Improve "your data won't be saved unless explicitly asked" documentation)

#5 Updated by BitingBird 2015-01-16 15:51:38

  • blocks Feature #5398: Improve "your data won't be saved unless explicitly asked" documentation added

#6 Updated by BitingBird 2015-01-16 16:17:29

  • Description updated
  • Assignee set to sajolida
  • Target version set to Tails_1.3
  • QA Check set to Ready for QA
  • Feature Branch set to bitingbird:doc/5636-accessHD

Please review & merge :)

#7 Updated by intrigeri 2015-01-16 17:40:52

  • Feature Branch changed from bitingbird:doc/5636-accessHD to doc/5636-accessHD

Rebased on master.

#8 Updated by intrigeri 2015-01-21 10:22:44

  • Status changed from Confirmed to In Progress

#9 Updated by sajolida 2015-01-25 19:56:46

  • Assignee changed from sajolida to BitingBird
  • QA Check changed from Ready for QA to Dev Needed

Thanks for the draft. I pushed a few commits to doc/5636-accessHD so make sure to fetch them.

Here are a few comments:

  • Use dotted lists when doing enumerations to make them more scanned to the eyes. Here the first class=“caution” could be changed into a list. Bonus points: it will break your sentence which is more than 25 words right now.
  • The last part “an application is compromised, this can lead to de-anonymisation” would benefit to be a bit more explicit. Is it that an compromised application could access the data on the disk and from that de-anonymize you?
  • Do a git grep on the wiki to find the usual and more technically correct version of “you need to select the administration password startup option”. Reuse is the key!
  • Check the GDSG for the correct version of “left panel”: https://developer.gnome.org/gdp-style-guide/2.32/gdp-style-guide.html
  • Use class=“caution” only for dangerous things. Your last three items should be class=“note” probably.
  • I’m not satisfied with “a bit more complicated”… Persmissions problem can be fixed by opening Nautilus as root. If we don’t want to explain that, what about saying something about requiring administration rights?
  • Regarding LVM, what happens by default? what happens if you run vgchange -ay do we want to document that? shall we point to external documentation?

#10 Updated by BitingBird 2015-01-26 14:49:09

sajolida wrote:
> Thanks for the draft. I pushed a few commits to doc/5636-accessHD so make sure to fetch them.
>
> Here are a few comments:
>
> * Use dotted lists when doing enumerations to make them more scanned to the eyes. Here the first class=“caution” could be changed into a list. Bonus points: it will break your sentence which is more than 25 words right now.

done

> * The last part “an application is compromised, this can lead to de-anonymisation” would benefit to be a bit more explicit. Is it that an compromised application could access the data on the disk and from that de-anonymize you?

no idea, i asked intri to list the problems and he said that.

> * Do a git grep on the wiki to find the usual and more technically correct version of “you need to select the administration password startup option”. Reuse is the key!

done (I think)

> * Check the GDSG for the correct version of “left panel”: https://developer.gnome.org/gdp-style-guide/2.32/gdp-style-guide.html

ok -> corrected to “left pane” although I find it weird

> * Use class=“caution” only for dangerous things. Your last three items should be class=“note” probably.

done

> * I’m not satisfied with “a bit more complicated”… Permissions problem can be fixed by opening Nautilus as root. If we don’t want to explain that, what about saying something about requiring administration rights?
> * Regarding LVM, what happens by default? what happens if you run vgchange -ay do we want to document that? shall we point to external documentation?

I didn’t fix both those points, because it’s also intri’s input and I don’t know.

I also didn’t fetch your modifications, I have nobody nearby to help me and the docs don’t work. Sorry.

#11 Updated by intrigeri 2015-01-26 18:52:22

> sajolida wrote:
>> * The last part “an application is compromised, this can lead to de-anonymisation”
>> would benefit to be a bit more explicit. Is it that an compromised application
>> could access the data on the disk and from that de-anonymize you?

> no idea, i asked intri to list the problems and he said that.

Right, unless the data on disk is not identifying (unlikely, taking this data as a whole), then it can be used by an exploited application to de-anonymize the user.

>> * I’m not satisfied with “a bit more complicated”… Permissions problem can be
>> fixed by opening Nautilus as root. If we don’t want to explain that, what about
>> saying something about requiring administration rights?

Sounds good. I assume it can be done with a light amount of additional work, so maybe doesn’t need another ticket and can be handled on this one.

>> * Regarding LVM, what happens by default?

Nothing useful when a PV appears (e.g. after unlocking a dm-crypt volume that hosts a PV).

>> what happens if you run vgchange -ay

Then the VG and all LVs in there appear. Maybe they can even be mounted from GNOME Disks (not sure).

>> do we want to document that? shall we point to external documentation?

I think that this would be worth another ticket, but the work done on documenting the simple cases seems already useful in itself.

#12 Updated by sajolida 2015-02-01 15:54:37

  • blocks Feature #7143: Rework /doc/advanced_topics/virtualization/ added

#13 Updated by sajolida 2015-02-01 15:57:10

intrigeri suggested that this blocks Feature #7143 when mentioning shared folders from a virtual machine.

#14 Updated by sajolida 2015-02-01 16:29:26

You apparently didn’t merge my changes into your local branch before working on it again. So I’ll redo your changes manually, since now this is blocking Feature #7143.

#15 Updated by BitingBird 2015-02-01 16:47:35

Sorry, I was waiting to have a git expert at hand before working on this again :)

#16 Updated by intrigeri 2015-02-07 12:44:54

BitingBird wrote:
> Sorry, I was waiting to have a git expert at hand before working on this again :)

I’ve had a look, and it seems that you could “simply” merge the upstream branch into yours, and then resolve the conflicts (basically everything conflicts since you’ve been working on the same paragraphs in parallel).

#17 Updated by BitingBird 2015-02-08 15:57:30

Reseted my branch, I’ll work on your further comments.

#18 Updated by BitingBird 2015-02-08 17:12:03

intrigeri wrote:
> > sajolida wrote:
> >> * The last part “an application is compromised, this can lead to de-anonymisation”
> >> would benefit to be a bit more explicit. Is it that an compromised application
> >> could access the data on the disk and from that de-anonymize you?
>
> > no idea, i asked intri to list the problems and he said that.
>
> Right, unless the data on disk is not identifying (unlikely, taking this data as a whole), then it can be used by an exploited application to de-anonymize the user.

So… sajolida, you want to change the phrasing?
>
> >> * I’m not satisfied with “a bit more complicated”… Permissions problem can be
> >> fixed by opening Nautilus as root. If we don’t want to explain that, what about
> >> saying something about requiring administration rights?
>
> Sounds good. I assume it can be done with a light amount of additional work, so maybe doesn’t need another ticket and can be handled on this one.

Changed the sentence, but I’m not sure what level of details to give.
>
> >> * Regarding LVM, what happens by default?
>
> Nothing useful when a PV appears (e.g. after unlocking a dm-crypt volume that hosts a PV).
>
> >> what happens if you run vgchange -ay
>
> Then the VG and all LVs in there appear. Maybe they can even be mounted from GNOME Disks (not sure).
>
> >> do we want to document that? shall we point to external documentation?
>
> I think that this would be worth another ticket, but the work done on documenting the simple cases seems already useful in itself.

I can open another ticket for that.

#19 Updated by BitingBird 2015-02-08 17:15:58

  • blocks Bug #8881: Explain how to access HD when it's a LVM volume added

#20 Updated by BitingBird 2015-02-08 17:54:42

  • Assignee changed from BitingBird to sajolida
  • QA Check changed from Dev Needed to Ready for QA

Opened Bug #8881 for LVM details.

For the rest, I welcome formulation propositions, because I really don’t see how to present that.

#21 Updated by sajolida 2015-02-10 08:34:24

  • Priority changed from Normal to Elevated

#22 Updated by sajolida 2015-02-10 10:06:16

  • Assignee changed from sajolida to intrigeri
  • Priority changed from Elevated to Normal

So I did five more commits, see a876b18..a2123cc. I’m now assigning this ticket to intrigeri for final review.

#23 Updated by Tails 2015-02-10 12:41:00

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

Applied in changeset commit:7d4587e1cefcdd3e8d85d0011131678f8b4f960c.

#24 Updated by intrigeri 2015-02-10 12:42:31

  • % Done changed from 100 to 0

I’m not entirely convinced by the “normal text / (caution + notes)” ratio, but oh well.

#25 Updated by intrigeri 2015-02-10 12:42:49

  • Assignee deleted (intrigeri)
  • % Done changed from 0 to 100
  • QA Check changed from Ready for QA to Pass