Securedrop: Bug: Confusing "i" and "l" via Font w/ Codename (sans-serif)

Created on 6 Jan 2017  路  6Comments  路  Source: freedomofpress/securedrop

FWIW, I'd recommend changing the codename font to Courier (or something with serifs). Just encountered this, when I cut-and-pasted a codename into plain text. Had I written it down, I'd have written down lowercase "L" characters as uppercase "i"s. I know it's an unspoken rule with devs to do everything in lowercase, but the rest of us don't have that expectation. :D

Codename: flex bushy loy yam tab sec l
(even as typed above w/ the GitHub text entry font, I'm not seeing it as an L)

image

UX source_interface

All 6 comments

The wordlist in the develop branch no longer has 1-letter "words." I think this solves the problem unless there are any word pairs in our list that are separated only by swapping their first letter between "l" and uppercase "i".

No objects to changing the font though. Will wait for more feedback from others, but do feel free to make a PR.

Also, I'd recommend checking out https://securedrop.org/demo to be able to check out the latest version of SD (0.3.10) and play with it more in-depth.

Code doesn't make much sense to me, so I wouldn't know what to pull, how to read it, or what to do with it. It'd be helpful if at some point UX standards/decisions could be documented separately from the codebase, as most UX folks with experience in usability/research stuff, and design, also don't code. I realize you guys are a very dev-centric org and that could feel burdensome鈥攁nd be difficult to keep at the center of dev with multiple open-source contributors from around the world. More UX folks need to be involved in infosec and open-source projects, tho鈥攁nd learning to code is too steep a learning curve for a skill rarely used in applied work鈥攕o, that's an issue bigger than FoTPF...

Eliminating one-letter words is a great start.

Multiple orgs running slightly different versions of SD seems problematic, tho鈥攁ssuming journalists and/or sources, might work with multiple media organizations. As it's not a cloud dealie tho, not sure there's an easy fix to that. :/

Thx for clarifying that the demo on the site always runs on the latest production build. That's helpful to know, as an ongoing reference point.

Going off issue topic, I'll go ahead and address your comments/concerns:

It'd be helpful if at some point UX standards/decisions could be documented separately from the codebase, as most UX folks with experience in usability/research stuff, and design, also don't code. I realize you guys are a very dev-centric org and that could feel burdensome

I agree. At the moment, we don't have the bandwidth to do this because our dev resources have been stretched thin across about 4 different moderate-sized projects. However, it's been the plan to refocus on SD in early 2017 (probably kicking off in earnest next week when we're all back in SF) and with more people this seems more feasible.

FoTPF

FPF :smile_cat:

Eliminating one-letter words is a great start.

We now use the new EFF long wordlist, which has been pretty well researched (see https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases).

Multiple orgs running slightly different versions of SD seems problematic, tho

We can't make them upgrade, but we do strongly suggest it and remove them from our directory if they don't after some time. Most upgrades are automatic, but sometimes it requires admin intervention.

New person here - changing some CSS seems like an easy place to start. Will try to have a PR soon!

Tiny PR is #1548.

@ninavizz, image is below for your UX wisdom.

screen shot 2017-02-01 at 10 16 58 pm

Implemented in merged PR #1548 by @tkell (welcome @tkell!). Closing.

Was this page helpful?
0 / 5 - 0 ratings