[guardian-dev] Pixelknot

Bernard Tyers - ei8fdb ei8fdb at ei8fdb.org
Sun Apr 21 09:13:44 EDT 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all,

Apologies it's taken me so long to get this finished but I've been busy with less interesting things.

This walkthrough has been done with Pixelknot (0.3) on a Motorola Razr i (unrooted) device running Android 4.1.2.

I've used two tasks which I think would reflect "normal" usage of an app like this:

TASK 1: Embed message in preselected picture, use a password and then send it via Dropbox.
TASK 2: Embed message in preselected picture, use no password and send it via e-mail.

I may have made some assumptions here that may be incorrect.

Some of the 5 issues I found may be bugs like I mentioned. if so, I am happy to file them if needed. For the other issues, I've given some possible solutions.

Firstly, I'd suggest you have a look at the video here:  https://vimeo.com/64487693  and then take a look at the issues below. It'll make more sense. 

(Sorry for the continuous auto-focus on the camera, but the light was terrible!) 

====================

TASK 1: Embed message in preselected picture, use a password and then send it via Dropbox.

1. At min 1:38: The user is offered two "trusted apps" to share the image with.

Was there a decision to use just these two? If the user doesn't want to use Bluetooth or Dropbox, it is not clear how to share them with other tools. The arrow in the top right hand-side is the only way to find the other apps you can use. 

SOLUTION: Display applications most used to share on that "Share with..." screen. Or possibly display more options eg e-mail, SMS.


2. At min 1:59: The user is notified that the upload to Dropbox has failed.

I don't know how the file which has been steg'ed is handled. The error message from Dropbox (seen at 2:06) says "We couldn't upload '136653636941_embed.jpg'. It may have been moved, deleted, os is located on an SD card that is currently unavailable."

SOLUTION: If this is a bug, then I am happy to get it logged properly. Maybe it's a bug just with Motorola Razr i phones?

====================

TASK 2: Embed message in preselected picture, use no password and send it via e-mail.

3. At min 2:29: The user is able to advance passed message entry window, but is required to enter message.

Is the message optional? If not, then the user should not be able to advance without entering message. It is really good that you guys have caught the possibility of them not entering a message by giving them the warning ("Oh no, it looks like you haven't entered a secret message yet. Please enter one.") but it would be even better if they didn't see that warning. 

SOLUTION: Give clear indication that the message not optional, therefore removing the necessity of the "Oh no..." warning.


4. At min 2:59: How does the user advance to the next screen?

When the user has entered the secret message, they are given no clear way to advance to the next screen. On inspection there are two options:

1. navigation dots.
2. The password entry field icon.

Since both bring the user to the same place, it might be a good idea to remove one of them? Is there a recommended next step? Ie. do you want the user to enter password for the image?

SOLUTION: If the password entry field icon was removed, and the user swiped R-to-L they would be prompted with the:

"Wait! You haven't set a password for your image. Are you sure you want to continue?. No set my password OR Yes, continue." message. 

At this point, they would either continue, or enter the password.


5. At min 4:35: The file has been attached and sent by e-mail successfully, however the file size is 0 B.

I guess this is a bug?

SOLUTION: If this is a bug, then I am happy to get it logged properly. Maybe it's a bug just with Motorola Razr i phones?

====================

I hope they are of help. I'm looking forward to seeing the next version.

regards,
Bernard



On 10 Apr 2013, at 00:29, Mark Belinsky wrote:

> Thanks so much for the feedback Bernard! The best UI of a security app is quite the compliment!
> 
> Do send comments. We're tweaking and strengthening the app now, so they'd be helpful. There are known issues with the galaxy s3 and we're trying to test for bugs across a wide range of models.
> ~Sent from my mobile. Please excuse any typos or terseness.
> 


- --------------------------------------
Bernard / blueboxthief@#guardianproject

IO91XM / www.ei8fdb.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJRc+YIAAoJENsz1IO7MIrr+jIH/3IIh7sed3ZpgohuIw7udC9Q
K1o7i5QAv7ZZfQiKI4kYAB4BcgV48S9orv9wNcEECH/UfP85M2/JlZKu8yy1JU8W
PjQbOe/UJg0SQgLQ4z+BidkIKa6OQtMQDmgtCgubyY1pqXPe/XWZ4s1XQAi8NC3K
9UqQAvu0LfgTOhX5qcuW+ibRuSu3A5ZNfeDym+fhOaLYQNWms1tP5I/z62sql+nc
AjT69AicGlmafKK5qhf1Zlm3117lMnFa2zfweujd07uIP5x+bnzaG1BXNedt4S01
kt8OIgwQQkaHBOmd/B39s2Tsk32jy/7zTvsxb3FSRVZqs+BVzPnlPyZzyfY5bps=
=mofB
-----END PGP SIGNATURE-----

More information about the Guardian-dev mailing list