Project

General

Profile

Feature #5417

Improve user experience when wiping memory at shutdown

Added by Tails over 6 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
07/19/2014
Due date:
% Done:

100%

Feature Branch:
bugfix/12354-drop-kexec-memory-wipe
Type of work:
Code
Blueprint:
Starter:
No
Affected tool:

Description

Presumably, displaying a nice splash screen instead of low-level details while wiping memory would improve user experience.


Subtasks

Feature #10645: Rephrase shutdown messageRejected

Bug #7617: Do not display confusing "Please remove the USB flash drive and press ENTER to continue" message on shutdownResolved


Related issues

Related to Tails - Feature #5948: Custom plymouth theme Confirmed
Related to Tails - Bug #7359: Video broken while shutting down on ThinkPad X61 Rejected 06/01/2014
Related to Tails - Feature #6079: reenable the shutdown splash screen Resolved
Related to Tails - Bug #8124: Scary failure messages when shutting down the system while the Unsafe Browser is still running Resolved 10/15/2014
Related to Tails - Bug #12354: Fix shutdown and memory wipe regressions on 3.0~betaN Resolved 03/20/2017

History

#1 Updated by intrigeri over 6 years ago

  • Type of work set to Code

Type of work: Code

#2 Updated by BitingBird over 5 years ago

  • Subject changed from nicer memory wipe UX to Nicer memory wipe UX
  • Starter set to No

#3 Updated by intrigeri over 5 years ago

  • Subject changed from Nicer memory wipe UX to Improve user experience when wiping memory at shutdown

#4 Updated by intrigeri over 5 years ago

#5 Updated by intrigeri over 5 years ago

  • Description updated (diff)

#6 Updated by Anonymous over 5 years ago

These are remarks by the UX experts, as collected after the 1st Tails UX session:

Tails Shutdown: the user shuts down Tails by removing the USB key. A
black screen appears with some messages regarding sensitive data
exposure and many lines of hard-to-read status messages. When asked what
this screen means the user says that it's basically telling you that
it's cleaning up the sensitive data and that she doesn't really read or
understand what the rest of the status message means.

Observations: the function of this screen probably wouldn't be clear
to a first-time user and even to an expert user it doesn't mean much in
its current state. At first glance it looks like a system crash screen,
more alarming than reassuring.

Recommendations: it seems that the objective of this screen would be
to a) inform the user that her data is being wiped from memory and b) to
conceal the user's activity in case of an abrupt shutdown prompted by a
physical confidentiality threat (someone entering the room for example).
You could for example mask this shutdown screen as a common Windows or
OSX shutdown process, with a progress bar / wheel that informs the user
that the "cache is being cleared", "the system is shutting down" or
whatever other message is more appropriate.

#7 Updated by intrigeri over 5 years ago

Implementation notes:

  • we currently disable running plymouth at shutdown time (config/chroot_local-patches/do_not_run_plymouth_on_shutdown.diff)
  • it's probably possible to run plymouth at shutdown time, and have some (existing or new) initscript send a message to plymouth to have it display graphically the message we want
  • emergency shutdown handles things a bit differently: config/chroot_local-includes/usr/local/sbin/udev-watchdog-wrapper runs chvt 1; not sure if that one can easily be converted to using plymouth as well. But improving things for regular (non-emergency) shutdown first would be a first great step.

#8 Updated by intrigeri over 5 years ago

  • Related to Bug #7359: Video broken while shutting down on ThinkPad X61 added

#9 Updated by intrigeri over 5 years ago

  • Related to Feature #6079: reenable the shutdown splash screen added

#10 Updated by BitingBird almost 5 years ago

  • Related to Bug #8124: Scary failure messages when shutting down the system while the Unsafe Browser is still running added

#11 Updated by BitingBird almost 5 years ago

  • Related to Bug #7617: Do not display confusing "Please remove the USB flash drive and press ENTER to continue" message on shutdown added

#12 Updated by sajolida about 4 years ago

  • Related to deleted (Bug #7617: Do not display confusing "Please remove the USB flash drive and press ENTER to continue" message on shutdown)

#13 Updated by sajolida over 3 years ago

People think that "this is the fundamental functionality of Tails":

https://twitter.com/thecowboyc0der/status/784321759474364416?cn=cmVwbHk%3D&refsrc=email

We have a serious mental model issue here :)

#14 Updated by intrigeri almost 3 years ago

  • Related to Bug #12354: Fix shutdown and memory wipe regressions on 3.0~betaN added

#15 Updated by intrigeri almost 3 years ago

  • Status changed from Confirmed to In Progress
  • Assignee set to sajolida
  • QA Check set to Ready for QA
  • Feature Branch set to bugfix/12354-drop-kexec-memory-wipe

Once our fix for #12354 is merged (likely in 3.0~rc1), IMO there's nothing to improve here as the machine shuts down in very few seconds:

  • with emergency shutdown (unplugging the boot medium), I have barely time to notice the debugging messages that are displayed on the screen; we could hide them once we are confident the new implementation is reliable
  • with normal shutdown (shutdown button in the GNOME top-right menu) I see no message at all, just a black screen for a couple seconds

But I'd like sajolida's opinion on this one, so please test either with 3.0~rc1 once it's out, or with a nightly build from the feature branch (until it's merged), or with a nightly build from feature/stretch (between the time my branch is merged and the release of 3.0~rc1). Alternatively, if you have no time, let me know and I'll test on a couple more machines before closing this ticket as resolved.

#16 Updated by sajolida almost 3 years ago

I'll test with once I'm on 3.0~rc1.

#17 Updated by sajolida over 2 years ago

I tried normal shutdown yesterday for the first time and I loved it!

I'll try emergency shutdown soon.

#18 Updated by intrigeri over 2 years ago

I tried normal shutdown yesterday for the first time and I loved it!

Very nice to hear :)

#19 Updated by sajolida over 2 years ago

  • Status changed from In Progress to Resolved
  • Assignee deleted (sajolida)
  • QA Check deleted (Ready for QA)

I'm very happy with the proposed experience and this is going to be in 3.0, so marking this as resolved. Possible bugs can be filed elsewhere.

Also available in: Atom PDF