Feature #7787

Better document the (lack of) BlueTooth support in Tails

Added by sajolida 2014-08-16 16:34:46 . Updated 2015-11-07 23:56:07 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Hardware support
Target version:
Start date:
2014-08-16
Due date:
% Done:

0%

Feature Branch:
doc/7787-bluetooth
Type of work:
End-user documentation
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Currently, the only reference to Bluetooth support in Tails is in https://tails.boum.org/doc/advanced_topics/wireless_devices.

Which is misleading since Tails doesn’t include the required software stack to do anything useful with BlueTooth out of the box.

People reported being able to use a Bluetooth keyboard after installing the `gnome-bluetooth` package and its dependencies. But we don’t want to encourage people to use BlueTooth input devices as they are insecure when trying to protect from a local adversary. Other use cases of BlueTooth might be worth being supported (connecting to Internet via a smartphone for example).

Note that we shouldn’t consider this as a corner case as recent iMac comes with a Bluetooth keyboard and mouse by
default: https://www.apple.com/imac/features/

What we should do:

  • Document this as a security feature somewhere. Maybe /doc/advanced_topics/wireless_devices/ is good enough.
  • Document this as a known issue and point to the doc explaining why.

This way we don’t even have to add it to the FAQ.

Files

wireless_devices.patch (1137 B) goupille, 2015-10-25 09:01:34

Subtasks

Related issues

Related to Tails - Feature #5751: Support Bluetooth when it's used at boot Rejected
Related to Tails - Bug #7520: No Bluetooth icon the system settings window Duplicate 2014-07-09
Related to Tails - Feature #10801: Make bluetooth opt-in in the Greeter Confirmed 2015-12-29

History

#1 Updated by sajolida 2014-08-16 16:35:38

  • related to Feature #5751: Support Bluetooth when it's used at boot added

#2 Updated by sajolida 2014-08-16 16:36:21

  • related to Bug #7520: No Bluetooth icon the system settings window added

#3 Updated by sajolida 2014-08-16 16:38:02

  • Description updated

#4 Updated by sajolida 2014-11-07 15:38:45

  • Subject changed from FAQ: Document better BlueTooth support in Tails to Document better BlueTooth support in Tails
  • Description updated
  • Category changed from 208 to Hardware support

#5 Updated by intrigeri 2014-11-07 16:19:56

  • Subject changed from Document better BlueTooth support in Tails to Better document the (lack of) BlueTooth support in Tails

#6 Updated by BitingBird 2014-12-03 15:08:13

  • Status changed from Confirmed to In Progress
  • QA Check set to Ready for QA

#7 Updated by BitingBird 2014-12-03 18:18:38

  • Target version set to Tails_1.2.2

This one is in my master, i didn’t do a branch - sorry

#8 Updated by BitingBird 2014-12-03 19:22:45

  • Assignee set to sajolida

#9 Updated by sajolida 2014-12-11 17:46:04

  • Description updated
  • Assignee changed from sajolida to BitingBird
  • QA Check changed from Ready for QA to Dev Needed
  • Feature Branch set to doc/7787-bluetooth

I rescued your commit in a dedicated branch: doc/7787-bluetooth. Please work on this branch from now on.

Context:

Bluetooth can be used for many different things: connecting to a phone to synchronize your agenda on your tablet, getting keystrokes from a keyboard, getting 3G connectivity from a phone, etc.

The tricky issue behind this ticket is to differentiate between different usages from Bluetooth. Because for exemple the old documentation page is still relevant for using Bluetooth to get 3G connectivity from a phone for example. We want this to be possible and it is “safe” (as “safe” as using Wi-Fi or 3G can be).

What we decided to prevent as “insecure” is the use of Bluetooth for input devices (keyboard and mouse).

So, regarding your commit:

  • In your first sentence, your are saying both that Bluetooth is enabled and needs to be enabled which is contradictory.
  • Bluetooth is wireless, so the distinction in titles between “wireless device” and “Bluetooth” is confusing.
  • Is we recommend again using a Bluetooth input device, then I’m against explaining how to do it “nonetheless”. People should get a USB keyboard instead!
  • Explaining a bit more about the possible attack by the “local adversary” would make our design decision more understandable by the user.

#10 Updated by anonym 2014-12-12 16:41:57

  • Target version changed from Tails_1.2.2 to Tails_1.2.3

#11 Updated by BitingBird 2015-01-08 05:35:06

  • Target version changed from Tails_1.2.3 to Tails_1.3

#12 Updated by BitingBird 2015-01-16 13:43:22

  • Assignee changed from BitingBird to sajolida
  • QA Check changed from Dev Needed to Info Needed

Actually, I’m a bit lost with this one, maybe I don’t understand enough to write it.

I think it’s a good idea to explain the risks (or link to an explanation), but I also think it’s good to leave the explanation on how to enable it, it’s in the “advanced topics” and some people have no, or few, USB ports on their computers (yes I know, stupid computers, but…).

So… can I leave this one to you?

#13 Updated by BitingBird 2015-02-10 13:53:54

  • Target version changed from Tails_1.3 to Tails_1.3.2

#14 Updated by sajolida 2015-02-24 12:35:27

  • Assignee deleted (sajolida)
  • Target version deleted (Tails_1.3.2)
  • QA Check changed from Info Needed to Dev Needed

I won’t put it on my plate right now, so I’m only deassigning it from you for the time being.

#15 Updated by intrigeri 2015-02-24 14:57:56

Note that someone I’ve been mentoring privately in the last 2 months will be submitting a branch that blacklists bluetooth by default (like we do for network adapters already) and allows users to opt-in for it in the Greeter (since we cannot spoof Bluetooth unique IDs). So perhaps it’s worth waiting a bit on the doc side.

#16 Updated by goupille 2015-10-25 09:00:18

I made a patch that rewrite the first sentence of /doc/advanced_topics/wireless_devices.mdwn, just to make it understandable. I post it here because I think it is the least to do for that ticket.

#17 Updated by goupille 2015-10-25 09:01:44

and I forgot the patch.

#18 Updated by sajolida 2015-10-26 04:40:51

  • Assignee set to sajolida
  • QA Check changed from Dev Needed to Ready for QA

I’m not sure what happened here but I need to fix the phrasing and bugs introduced with 4fa1c46.

#19 Updated by intrigeri 2015-10-26 04:46:44

(OT: ideally we would check if there’s good enough doc about how we use Redmine, that we should point goupille, elouann and others to.)

#20 Updated by goupille 2015-10-26 06:25:23

sajolida wrote:
> I’m not sure what happened here but I need to fix the phrasing and bugs introduced with 4fa1c46.

I was very disturbed by the contradictory sentence, and a little bored, so I did not wait for an answer on the list and made that patch, thinking that it wouldn’t hurt anybody, and posted it here, since I thought it was the minimal way to better document the Bluetooth support

and I would love to read a doc about how I should use Redmine.

#21 Updated by sajolida 2015-11-03 09:35:07

  • Assignee changed from sajolida to goupille

Thanks for the patch. Actually, I think that the “Enable BlueTooth” section is problematic in itself, so I commented it out in 613b14c. I also rephrased once more the first sentence. Your version had two negations that made it complicated to understand (even if it was more correct than the previous version). I also added a bug note as this is a problem we’re conscious about.

Yes, I could probably have spend a bit more time to fix all this properly instead of commenting things out but this it too low priority for me to spend more time on this right now.

People willing to fix this once and for good, should go back to the section that’s commented out and fix the issues raised in commit 613b14c.

goupille, tell me what you think of my branch and if you’re ok I’ll merge it.

#22 Updated by goupille 2015-11-06 09:37:21

if I understand correctly, in your new branch, the first paragraph is saying “see below to enable bluetooth” but you commented out the last paragraph so there is nothing to see below ? if that’s so, it may be better to just say that enabling Bluetooth is not supported at the moment…

#23 Updated by goupille 2015-11-06 09:37:54

  • Assignee changed from goupille to sajolida

goupille wrote:
> if I understand correctly, in your new branch, the first paragraph is saying “see below to enable bluetooth” but you commented out the last paragraph so there is nothing to see below ? if that’s so, it may be better to just say that enabling Bluetooth is not supported at the moment…

#24 Updated by sajolida 2015-11-06 12:05:57

  • Assignee changed from sajolida to goupille

I added two commits on top of yours on this branch: 613b14c and 827eaef. I’m sorry I only mentioned 613b14c in my previous comment.

To be able to see the changes between master and my branch, you can do:

git diff origin/master...origin/doc/7787-bluetooth
git log -p origin/master..origin/doc/7787-bluetooth

^ Write these down as they’re super useful to review basically anything.

#25 Updated by goupille 2015-11-07 08:05:37

  • Assignee changed from goupille to sajolida

I reviewed your branch, and I think it’s perfect like that :)

thanks for the git commands !

cheers.

#26 Updated by sajolida 2015-11-07 23:56:07

  • Status changed from In Progress to Resolved
  • Assignee deleted (sajolida)
  • QA Check deleted (Ready for QA)

Merged with b6528ab, thanks!

Redmine+Git mafia: Yeah, I put a wrong ticket number in the commit message. But I’m prohibited to use —force to correct this and I don’t know how to do it otherwise.

#27 Updated by Anonymous 2018-01-19 14:21:32

  • related to Feature #10801: Make bluetooth opt-in in the Greeter added