[guardian-dev] usability testing of Gibberbot v11 alpha 4

Bernard Tyers - ei8fdb ei8fdb at ei8fdb.org
Mon Feb 25 17:25:01 EST 2013

Hash: SHA1

Hi Matej,

Nice work. Can I ask you how you tested Gibberbot? 

Was it a usability test with participants, or an expert review?


On 20 Feb 2013, at 09:38, Nathan of Guardian wrote:

> Matej Kovacic:
>> I did some testing of Gibberbot v11 alpha 4. Here are the results with
>> my some suggestions and remarks:
> Wonderful! Thanks for the hard work. I believe we have addressed or or
> intend to address everything you have pointed out. I am glad to have the
> additional feedback to emphasize the importance.
> A few comments:
> 1) When you select "use Tor", Gibberbot v11 should automatically modify
> the account settings to NOT use SRV lookup and instead use
> talk.google.com (or talk.l.google.com). We do this for any domain we
> know about like jabber.org, jabber.ccc.de, gmail, or any google domain
> account.
> If this isn't working for you, then there is a bug!
> 2) Definitely agree on the per message indicator for whether it was
> encrypted or not. In, fact for 2 years now we have had a design mockup
> even, but haven't implemented it yet :(
> https://github.com/guardianproject/Gibberbot/blob/master/doc/comps/20110415/gibberbot_ui_chat.png
> I think v12 is the right time to get it done!
> 3) Regarding checking TLS/SSL certificates - we have done quite a bit to
> harden the cert verification process, and even supporting a limited
> "pinning" for domains like talk.google.com. We also support a new manual
> verification process for certs we don't automatically trust, and a
> pop-up will be displayed to ask if you would like to trust it. We are
> using the excellent MemorizingTrustManager library for this:
> https://github.com/ge0rg/MemorizingTrustManager
> I *think* what you are asking for is to be able to check *every* cert
> manually, either during first login, or at any time?
> Otherwise, will take all of your feedback into consideration, and make
> sure we have tickets for it in our project tracker.
> All the best,
>  Nathan
> _______________________________________________
> Guardian-dev mailing list
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To Unsubscribe
>        Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>        Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/ei8fdb%40ei8fdb.org
> You are subscribed as: ei8fdb at ei8fdb.org

- --------------------------------------
Bernard / bluboxthief / ei8fdb

IO91XM / www.ei8fdb.org

Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org


More information about the Guardian-dev mailing list