Project

General

Profile

Bug #12392

Correct documentation regarding 'Check for updates'

Added by emmapeel over 2 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
03/20/2017
Due date:
% Done:

0%

Feature Branch:
Type of work:
End-user documentation
Blueprint:
Starter:
Affected tool:
Upgrader

Description

When a user starts, lets say... Tails 2.3 (current is 2.11), receives an error message:

file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html

That says:

This error could also be caused by:
 - an error in Tails Upgrader
 - a failure or an attack on the Tor exit node being used, your 
   Internet service provider, or our website.
Sending us a report is the best way to further analyse the error.

so the user of an old Tails version sends us a report.

We should add to this list something like:

- the version of Tails you are running is too old to do an automatic upgrade, please do a manual upgrade

Related issues

Related to Tails - Feature #12492: Instruct people with a version older than n-2 to do manual upgrade in /doc/upgrade/error/check Resolved 04/29/2017
Related to Tails - Feature #11131: Endless automatic upgrades Rejected 01/05/2015
Related to Tails - Bug #12365: Upgrade automatic and manual upgrade screenshots Resolved 03/18/2017
Blocks Tails - Feature #13423: Core work 2017Q3: Technical writing Resolved 07/05/2017

History

#1 Updated by intrigeri over 2 years ago

  • Assignee set to sajolida
  • QA Check changed from Dev Needed to Ready for QA
  • Affected tool set to Upgrader

FTR, in this specific case, Tails 2.3 has an expired TLS certificate hardcoded for our website.

We should add to this list something like:

> - the version of Tails you are running is too old to do an automatic upgrade, please do a manual upgrade
> 

Agreed!

sajolida, I can implement this if you agree with the phrasing.

#2 Updated by sajolida over 2 years ago

#3 Updated by sajolida over 2 years ago

  • Assignee changed from sajolida to intrigeri
  • Priority changed from Normal to Low
  • QA Check changed from Ready for QA to Info Needed

My concern here is about how to help the user decide how old is too old? Without understanding this she will still not now if it makes sense to send us a report or not and the original problem of this ticket won't be solved.

Given that the user can see in About Tails both the version number and how old this version is, I see two ways of solving this:

  • By giving an approximation and saying "too old (more than XXX months old)". The pros is that it's simple to us and doesn't require maintenance. The cons is that the age of Tails versions that will not be supported by Tails Upgrader might vary widely (I understand that this will mostly happen because of SSL issues) and this might lead to less useful reports sometimes.
  • By indicating which minimum version number is supposed to work correctly and saying "too old (version 2.3 or earlier). The pro is that it will be more precise and possibly lead to more useful reports. The cons is that we will have to keep this updated (maybe adding a note in the code of Tails Upgrader dealing with certificate pinning would help).

I really don't mean to overengineer things here and if we think that it's not worth it, I propose we do nothing and keep on pushing a few useless reports to the help desk rather than adding more confusion on the user's side.

What we could add to this page and that would always be helpful is to instruct people with versions older than n-2 to do a manual upgrade because they won't have automatic upgrades anyway.

Moving this to Low prio unless someone disagrees.

Assigning to intrigeri as I need to understand better in which cases and with which frequency we expect this to happen.

#4 Updated by intrigeri over 2 years ago

  • Assignee changed from intrigeri to sajolida

First, let me clarify that this problem will only happen if our website moves away from Let's Encrypt, or when Let's Encrypt changes their root certificate. Both are much less likely than what happened when we were using commercial CAs and changing CAs from time to time. So this problem will happen pretty rarely, so I agree that this is Low priority. With this in mind, I don't think it should be part of #12432, I don't think we should spend more than 1 hour on it, but that's your call.

Given that the user can see in About Tails both the version number and how old this version is, I see two ways of solving this:

  • By giving an approximation and saying "too old (more than XXX months old)". The pros is that it's simple to us and doesn't require maintenance. The cons is that the age of Tails versions that will not be supported by Tails Upgrader might vary widely (I understand that this will mostly happen because of SSL issues) and this might lead to less useful reports sometimes.

Another way would be that Tails Upgrader simply points to the full (manual) upgrade doc whenever it detects it's running on a Tails that's more than N months old, without even bothering checking for updates. I mean, in this case we don't need to check in order to give the user actionable advice, and as this ticket shows the check can fail. So this ticket could become a low-priority, "Easy" coding task.

  • By indicating which minimum version number is supposed to work correctly and saying "too old (version 2.3 or earlier). The pro is that it will be more precise and possibly lead to more useful reports. The cons is that we will have to keep this updated (maybe adding a note in the code of Tails Upgrader dealing with certificate pinning would help).

I don't understand how this can work. We run the version of Tails Upgrader that was shipped in the ISO back when it was installed, and #10968 isn't done yet.

I really don't mean to overengineer things here and if we think that it's not worth it, I propose we do nothing and keep on pushing a few useless reports to the help desk rather than adding more confusion on the user's side.

Yes, this.

What we could add to this page and that would always be helpful is to instruct people with versions older than n-2 to do a manual upgrade because they won't have automatic upgrades anyway.

Yes.

#5 Updated by sajolida over 2 years ago

  • Related to Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version added

#6 Updated by sajolida over 2 years ago

  • Assignee deleted (sajolida)
  • QA Check deleted (Info Needed)

First, let me clarify that this problem will only happen if our website moves away from Let's Encrypt...

Cool! That's what I wanted to know.

With this in mind, I don't think it should be part of #12432...

Agreed. I'm not sure exactly how I'll use this ticket but this time I wanted to make at least this discussion part of #12432 :)

Another way would be that Tails Upgrader simply points to the full (manual) upgrade doc whenever it detects it's running on a Tails that's more than N months old, without even bothering checking for updates.

But my understanding is that this wouldn't work if we do #11131#note-6.

Let's say we have #11131#note-6 in place for 4.0, then people still starting a very old 4.0 after 4.11 is released (1.5 years later) could still do an automatic upgrade and it would be sad to have Tails Upgrader guess that it's not possible when it actually is.

Granted, we don't have #11131#note-6 yet so we could still implement what you are proposing with N being 12 weeks since we're publishing IUKs for n-2 to n.

The downsides is that we risk forgetting about this setting of Tails Upgrader if we decide to publish let's say 3 IUKs or we will have people running version n-3 not offered the IUK to version n.

But that seems the only way forward so I'm creating #12493 and blocking this ticket with it.

  • By indicating which minimum version number is supposed to work correctly and saying "too old (version 2.3 or earlier). The pro is that it will be more precise and possibly lead to more useful reports. The cons is that we will have to keep this updated (maybe adding a note in the code of Tails Upgrader dealing with certificate pinning would help).

I don't understand how this can work. We run the version of Tails Upgrader that was shipped in the ISO back when it was installed, and #10968 isn't done yet.

And we're pointing people to a local page on the ISO, so indeed, this doesn't work.

What we could add to this page and that would always be helpful is to instruct people with versions older than n-2 to do a manual upgrade because they won't have automatic upgrades anyway.

Yes.

Creating #12492 for that one.

#7 Updated by sajolida over 2 years ago

  • Related to deleted (Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version)

#8 Updated by sajolida over 2 years ago

  • Blocked by Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version added

#9 Updated by u over 2 years ago

  • Related to Feature #12492: Instruct people with a version older than n-2 to do manual upgrade in /doc/upgrade/error/check added

#10 Updated by u over 2 years ago

#11 Updated by u over 2 years ago

  • Related to Bug #12365: Upgrade automatic and manual upgrade screenshots added

#12 Updated by sajolida over 2 years ago

#13 Updated by sajolida over 2 years ago

#14 Updated by sajolida about 2 years ago

  • Blocked by deleted (Feature #12493: Have Tails Upgrader automatically point to manual upgrade if running from an old version)

#15 Updated by sajolida about 2 years ago

  • Status changed from Confirmed to Resolved

The discussion was resolved with the creation of #12492 and #12493.

Also available in: Atom PDF