Changes between Version 1 and Version 2 of Ticket #20842, comment 21


Ignore:
Timestamp:
Mar 19, 2019, 7:35:03 PM (4 months ago)
Author:
ninavizz
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #20842, comment 21

    v1 v2  
    33I work on SecureDrop. We recommend users to only use SD with the Tor security-slider set to SAFEST, which eliminates use of webfonts as an option. I appreciate that the default answer to this, is "well then design an alternative version without the nice fonts, or design only with system fonts" but that's inadequate. We're a Tor-first, SAFEST-first, product—but also want to provide a superb experience to our users. Typography is not a straight-forward discipline, and most system fonts for one reason or another, in my ~20yrs working in digital, are rarely adequate for the ux of a webapp.
    44
    5 Dotfont, as an example, is necessary for show/hide functionality on password fields—which is critical for supporting highly usable AND highly secure experiences. Noto is the most cross-charset legible font, available—and legibility matters a ton, in usability. Finally, for our Journalist client app, we're using SourceSans and Montserrat—and, again, for usability, we want the information design of our Web UI to have visual parity with the web experience... and most standard system fonts just aren't that legible/usable across sizes and use instances (sorry, they're just not—especially on Linux distributions, which rarely involve typography experts).
     5Dotfont, as an example, is part of (an admittedly premature/hackish) a solution we're working on for show/hide functionality on password fields—which is critical for supporting highly usable AND highly secure experiences. Noto is the most cross-charset legible font, available—and legibility matters a ton, in usability (and in all alphabets). Finally, for our Journalist client app, we're using SourceSans and Montserrat—and, again, for usability, we want the information design of our Web UI to have visual parity with the web experience... and most standard system fonts just aren't that legible/usable across sizes and use instances (sorry, they're just not—especially on Linux distributions, which rarely involve typography experts).
    66
    77Whitelisting a few non-standard fonts used often in support of usable, security-centric, and task-instensive UIs, is my ask. If there's a reason it's being punted for risk, I'd love to understand that reason more.