[Tails-ux] Shared screen locking solution for live distribut…

Delete this message

Reply to this message
Author: sajolida
Date:  
To: tails-dev >> The Tails public development discussion list, micah, info, grml-devel, info, info, debian-live, tanglu-devel, tails-ux@boum.org >> Tails user experience & user interface design
Subject: [Tails-ux] Shared screen locking solution for live distributions in Debian
Hi,

I'm part of the people working on Tails, a live distribution that aims
at preserving privacy and anonymity: https://tails.boum.org/. Tails is
currently lacking a screen locker and this has been a frequent feature
request. See https://labs.riseup.net/code/issues/5684.

For example, as Tails is been adopted more and more by journalists,
they want to be able to leave their computer unattended in their
office to go to the toilets for a minute and have their screen locked.

I'm writing this emails to various Live distributions based on Debian
(Knoppix, Grml, Jondo, Kali, Debian Live, and Tanglu). I'm also
putting Micah Lee in copy as he has shown particular interest in this
feature.

I've been investigating the screen locking mechanism of those various
Debian based live distributions, and I found out that none of them had
a real mechanism to do so. They either:

  - Do not provide any screen locking mechanism (Knoppix, Grml,
    Jondo Live).
  - Either rely on their default password to unlock the screen (Kali,
    Tanglu, Debian Live).


The purpose of this email is to know whether you would be interested
in working on a common Debian package to provide a generic screen
locking solution for Debian based live distributions.

The core usability issue that we are facing here is the one of the
unlocking password. As we are live distributions, there either is no
password or a default one. Still, screen locking only make sense if
the user is able to use a custom password. As an interesting exception,
note that in Jondo Live, the user is prompted for a user password on
boot. In Tails the user can set up an administration password but this
is disabled by default for security reasons so we cannot rely on this
for screen locking.

During our last monthly meeting we came up with the idea of asking for
a custom password *in the process of locking the screen* for the first
time. For example, in GNOME, when doing Meta+L for the first time, the
user would be prompted to enter a screen locking password, then only
the screen would get locked. If she locks the screen again, the same
password would be reused.

What do you think? Please answer to tails-dev@??? and feel free to
subscribe to the list to follow the thread:

https://mailman.boum.org/listinfo/tails-dev/

--
sajolida