[tor-dev] GSoC 2017 - unMessage: a privacy enhanced instant messenger

Felipe Dau dau at riseup.net
Wed Mar 29 00:03:44 UTC 2017

On Tue, Mar 28, 2017 at 11:08:29PM +0000, dawuud wrote:
> I suggest making sure your UI follows the pricinples outlined here:
> User Interaction Design for Secure Systems
> http://zesty.ca/pubs/icics-2002-uidss.pdf
> by Ka-Ping Yee
> for example:
> "Path of Least Resistance.  The most natural way to do any task should
> also be the most secure way."

Thanks David, that is a good suggestion. We did design it with
security in mind, but there is certainly room for improvement and I am
going to review the UIs.

> Does your client support revocation?
> Ka-Ping Yee says:
> "Revocability.  The interface should allow the user to easily revoke
> authorities that the user has granted, wherever revocation is
> possible."

That will also be included in the review. An example of something that
unMessage does similarly is enabling presence. By default you do not
tell your contacts when you are online (i.e., you do not connect to
all of your contacts on startup), but it is possible to enable which
contacts you wish to notify (as well as disable).

Do you think the tasks for the project should be a mix of
code/structure and UI improvements?

P.S. I opened issues for all your suggestions and mentioned you on
all of them. I just realized that is probably very annoying - I'm
sorry for that. Let me know if you would like to copied though.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170329/87531307/attachment.sig>

More information about the tor-dev mailing list