-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for exporting documents/messages #21
Comments
Should export be in encrypted form; if so, what key should be used? |
Per discussion with @redshiftzero, the export would not be in encrypted form for 0.1.0alpha. If/when we support YubiKey/NitroKey type devices for journalists' private keys, we may want to use that key as well for secure export functionality. The user experience here still looks pretty complicated (show dialog asking user to insert device and attach it to VM; attempt to access device; if successful, copy files; ask user to detach the device). Are there ways we could simplify that experience, e.g., by having the VM request permission to access an inserted device, rather than the user having to manually grant it? |
Preliminary prototype by @ninavizz for what the export wizard could look like: https://projects.invisionapp.com/share/B5OKY9YRN7H#/screens/325612328 The first test we've run of this workflow suggests that users may not intuitively understand that this is a wizard with multiple steps. They may attempt to complete the process by clicking "Drive attached" before they've stepped through all the required instructions. Some ideas for how this could be re-worked:
If this times out, we show a warning/error and invite the user to try again by following the steps. If the user clicks the "Don't show instructions" checkbox, it would immediately go to that screen. Does that seem workable? Are there other ways we could make this simpler for the user? |
The wireframes (in the prototype) show literally my first stab at sketching-out the workflow. Totally open to more ideas! Also looking forward to refining it as things progress. :) |
See latest prototype/wireframes for this, here: https://github.com/freedomofpress/securedrop-ux/wiki/Qubes-Journalist-Workstation#production-things |
We've decided to remove this from the alpha goals. For the purposes of the audit, we will merely document the intended workflow for export, so the auditors can give us feedback on whether this seems architecturally sound. |
Per discussion in freedomofpress/securedrop-workstation#84 we're increasingly thinking that this should take the form of a disposable export VM. The workflow could be similar to a shopping basket, where the client lets you collect an arbitrary number of documents which then can be exported into a USB-connected disposable VM. This could include optional pre-processing steps such as conversion of PDF files to trusted PDFs (see #235). |
See freedomofpress/securedrop-ux#57 (comment) for the agreed upon export flow. |
Closing in favor of more clearly scoped #526 and follow-up issues. |
Fresh wheels's sha256sums from the s3 bucket
Uses new reproducible wheels from our builds
Adds APIProxy class to use securedrop-proxy
As a journalist, I want to be able to export all messages and files associated with a source, so that I can handle archival and other post-submission work as I see fit.
"Export" in this case means creating a copy, e.g., on a USB drive.
There are two types of export workflows we should support:
Ideally we should support both in the first iteration, but if we have to compromise, we can start with single file export.
The text was updated successfully, but these errors were encountered: