So, a couple of things here. We investigated the possibility of doing something like this in Bug 1815023. I didn't really look much at the resulting telemetry, but my understanding is that we discovered that it's fairly unusual that we are actually able to read any useful data this way. From my own testing, it seems like Windows usually removes the Alternate Data Stream from the installer when it runs. I'm not really sure why. The other thing is that it was still an open question how we would collect any more information here in a way that wasn't an atrocious invasion of privacy. Just sending back raw URLs that the user visited not only compromises the user's privacy but, depending on what the URL is, could even compromise their safety.
Bug 1851624 Comment 1 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
So, a couple of things here. We investigated the possibility of doing something like this in Bug 1815023. I didn't really look much at the resulting telemetry, but my understanding is that we discovered that it's fairly unusual that we are actually able to read any useful data this way. From my own testing, it seems like Windows usually removes the Alternate Data Stream from the installer when it runs. My understanding is that this has to do with dismissing the "this file was downloaded from the internet" warning such that it only happens the first time you run the file, not every time. The other thing is that it was still an open question how we would collect any more information here in a way that wasn't an atrocious invasion of privacy. Just sending back raw URLs that the user visited not only compromises the user's privacy but, depending on what the URL is, could even compromise their safety.