Closed punterwantsawhalepass closed 1 year ago
Issue is referencing this line of text/code: https://github.com/SeedSigner/seedsigner/blob/5e007e501044f518f8d3c8ab9505901cfba249bb/src/seedsigner/views/seed_views.py#L768
this might also be good language.
"You must NEVER allow your Bitcoin seed words to come into contact with the Internet."
Just taking a stab -- "Never input your seed phrase into a device that connects to the internet."
I'm a big fan of communicating these caution messages as effectively as possible.
I think seedsigner already does a very good job of this, but I have no illusions that it can't get even better over time.
Off on a tangent... @kdmukai has already put a considerable amount of work into his inital_multilanguage branch, internationalizing the codebase so that translators can get to work on these types of messages (and all others); in fact, messages like these are already translated in more than a handful of languages. I've taken an interest in helping out and have tried to continue his work in a copy of his branch. What does this tangent have to do with the topic? That we won't ever get these messages perfect, that they'll evolve over time as new threats emerge and understandings become commonplace.
...and updating these types of messages NOT in the codebase, but rather in the locale-specific catalogs/messages.po files is the place to do this never-finished work. (just my 2c).
This way, hopefully, a few special communicators from all over the world can hone in on protecting the folks they communicate best with... and then any types of textual changes made in the future can truly be translator work and not codebase work... (because 'en' would be a translated language too). In a way, this issue also supports getting multilanguage seedsigner to release.
Thanks for hearing me out!
> Just taking a stab -- "Never input your seed phrase into a device that connects to the internet."
+1 for this option if just trying to resolve the immediate issue
Photos of proposed updated screens would help here (or rather in a PR). Sometimes messages just don't look/read quite right onscreen.
> Photos of proposed updated screens would help here (or rather in a PR). Sometimes messages just don't look/read quite right onscreen.
I agree, especially since it's not obvious where different phrases will wrap. Back here shortly with some images of all the proposed phrases in this thread... with the help of "enteropositivo/seedsigner_emulator".
Thanks to the work in enteropositivo/seedsigner_emulator, this was easy to do from my desktop.
Once we decide on one of these, I'll be happy to verify that it indeed looks the same on the seedsigner. If anyone would like to propose changes, just leave a note here, I'd be happy to get a screenshot while this procedure is fresh in my head.
Currently:
Proposal A and B, thanks to @punterwantsawhalepass
Proposal C, thanks to @SeedSigner (w/ a +1 from @newtonick)
Not specifically mentioned in this issue, a related warning screen for SeedQR currently looks like:
Assuming Proposal C is desired and carried over to the related SeedQR warning, they might look like:
btw: They all have the same pulsing-red-border... it's just that my screenshots didn't capture them.
I prefer Proposal C, because:
Of my added SeedQR proposals: I like both:
Never photograph or scan it
into a device that connects
to the internet.
and
Never scan or photograph it
into a device that connects
to the internet.
...over the versions with 2x "it"; and to use "photo" like a verb instead of a noun also doesn't sound right.
ATTENTION: I had hoped that the SeedSigner Emulator would accurately represent where text would wrap, but this is not the case every time. :(
I'm going to issue a pull request for this, leaning towards Proposal C and carrying similar text into the SeedQR warning. I'll take photos of what it really looks like on SeedSigner hardware.
Thank you for your work on generating these previews.
Some better late than never thoughts on the topic here... (without thinking through any specific proposals to the outstanding edits proposed above)
Some people may not fully think through what it means to interact with "devices that connect to the internet" (or however it's phrased in the multiple variations above). I think it's worth offering users a clear warning to not interact with their seedphrase data within sight of webcams or their cell phone camera. This may be an edge case not worth solving for within the limited Seedsigner UI, but it's worth considering that your camera could be a vector to spy on you/steal your data even if you don't voluntarily "take" a photo with it.
The best practice, in my opinion, is to be fully away from internet connected devices and cameras when interacting with seedphrase data. If it were possible to relay this concept to users, that would be my vote.
may need to change that, away made me think of distance
"You must keep your seed words private and safe. Never store your seed words on an online device."