Re: [tor-bugs] #13398 [Applications/Tor Browser]: at startup, browser gleans user FULL NAME (real name, given name) from O/S
#13398: at startup, browser gleans user FULL NAME (real name, given name) from O/S
--------------------------------------+--------------------------------
Reporter: zinc | Owner: pospeselr
Type: defect | Status: needs_revision
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201708 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------------
Changes (by gk):
* status: needs_information => needs_revision
Comment:
Replying to [comment:23 mcs]:
> Replying to [comment:22 gk]:
> > However, after thinking more about this patch I have a bigger concern.
> > What is it defending against? I mean, what prevents a rogue extension from
> > flipping our pref and just reading the values we tried to hide? (I know I
> > suggested the pref approach first and should probably have thought more
> > about it and not just have recommended the "standard thing" when Firefox
> > patches are concerned).
> >
> > One could argue that's not possible with the new WebExtensions-based
> > add-ons (which is correct) but then I bet those extensions are not allowed
> > to extract the info we want to hide in the first place either (but I could
> > be wrong about that). So, should we just say this will be fixed when we
> > switch to Firefox 59? And, if we really want to defend against that in the
> > ESR 52 cycle we would just rip out the offending code (not bothering about
> > upstreaming the patch)?
>
> So maybe just add #ifdefs for ESR52 to remove the code? I'd still feel
> better if the info was never read (and thus present in memory) in ESR 59
> and later, but in theory the info should not be accessible to
> WebExtensions.
Yes, I think I agree. We could keep the #ifdefs for ESR59 and talk to
Mozilla folks about it.
Sorry again, Richard, but we should revise this patch making it more
straightforward and ignoring upstreaming concerns for now.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13398#comment:24>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online