[tor-bugs] #13398 [Applications/Tor Browser]: at startup, browser gleans user FULL NAME (real name, given name) from O/S

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Aug 30 14:23:57 UTC 2017


#13398: at startup, browser gleans user FULL NAME (real name, given name) from O/S
--------------------------------------+-----------------------------------
 Reporter:  zinc                      |          Owner:  pospeselr
     Type:  defect                    |         Status:  needs_information
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201708      |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+-----------------------------------

Comment (by mcs):

 Replying to [comment:22 gk]:
 > However, after thinking more about this patch I have a bigger concern.
 > What is it defending against? I mean, what prevents a rogue extension from
 > flipping our pref and just reading the values we tried to hide? (I know I
 > suggested the pref approach first and should probably have thought more
 > about it and not just have recommended the "standard thing" when Firefox
 > patches are concerned).
 >
 > One could argue that's not possible with the new WebExtensions-based
 > add-ons (which is correct) but then I bet those extensions are not allowed
 > to extract the info we want to hide in the first place either (but I could
 > be wrong about that). So, should we just say this will be fixed when we
 > switch to Firefox 59? And, if we really want to defend against that in the
 > ESR 52 cycle we would just rip out the offending code (not bothering about
 > upstreaming the patch)?

 So maybe just add #ifdefs for ESR52 to remove the code? I'd still feel
 better if the info was never read (and thus present in memory) in ESR 59
 and later, but in theory the info should not be accessible to
 WebExtensions.

 > mcs: What about your refactoring concerns?

 That concern is fairly minor; we could just wait and see what Mozilla says
 if or when we try to upstream the patch. And we can change our approach
 later if upstreaming does not happen (and therefore we would need to
 maintain a patch forever).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13398#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

