Don’t wonder, I sometimes ask for opinions without stating mine first. So just by asking it’s not sure I will like the idea myself at that point.
Perhaps since I am a whole different type of user, I am not the best one to make the judgment. But I find this thing confusing.
start the journey -> debian or ubuntu -> install from debian or ubuntu -> let’s go -> click “I am already on firefox” -> breaks, since it does not work with noscript -> ok, let’s do it without noscript
start the journey -> debian or ubuntu -> install from debian or ubuntu -> let’s go -> click “I am already on firefox” -> install firefox extension -> downloads and verifies tails, great -> now I am supposed to install Tails Installer from Debian backports -> point the installer to the iso
start the journey -> other linux -> then you need intermediary Tails installation probably for some obscure technical reason they could not overcome yet.
All in all kinda a lot steps. Imho cumbersome.
Anyhow. Some things can be learned from it.
Which operating system are you installing Tails from? might be useful to adapt for Whonix. - I wonder if that would provide more usability than our current supported platforms table?
I wonder if installing the firefox addon and using that for downloading would be simpler than our current download table. That firefox addon for downloading Tails is supposed to work in firefox version 38.0.1 or Tor Browser 5 or higher. However, it would not work for let’s say users of chromium or other browsers. There it would just download the addon as xpi file which would not work. From there the user would be lost.
What I am concerned here is adding more layers of complexity, more options that ultimately lead to more than less confusion.
What I find a good idea on the Installing Tails on a USB stick from Debian or Ubuntu using the command line page is to have the
Verify the Tails signing key instructions on the same page as download, verification and installation instructions.
What I find a horrible idea is the following quote.
To follow these instructions you need to have your own OpenPGP key.
To learn how to create yourself an OpenPGP key, see Managing OpenPGP Keys by Riseup.
To require having your own OpenPGP key just for the sake of verification is a huge overhead that I am sure needlessly deters users. They probably want to avoid the following message. (That we have documented in Whonix OpenPGP verification instructions.)
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Anyhow. Documenting the above confusing message is, I am sure, the much smaller evil than linking to instructions on how to create your own gpg key.
- To say it looks nice from the first impression is one thing but to really look into the details before adapting is a whole other story.