[Privacy Panel] Changing passphrase and entering wrong SIM PIN does NOT warn user of number of tries left before SIM will be locked

VERIFIED FIXED in 2.2 S6 (20feb)

Status

defect
VERIFIED FIXED
4 years ago
4 years ago

People

(Reporter: pcheng, Assigned: kaze)

Tracking

({privacy})

unspecified
2.2 S6 (20feb)
ARM
Gonk (Firefox OS)

Firefox Tracking Flags

(blocking-b2g:2.2+, b2g-v2.2 verified, b2g-master verified)

Details

Attachments

(4 attachments, 1 obsolete attachment)

Description:
If user enters a wrong SIM PIN in Privacy Panel's  'Change your passphrase' page, the page does NOT warn user of the number of tries left before SIM is locked.

Prerequisites:
Have a passphrase already set up via Settings > Privacy Panel > Remote Privacy Protection.

STR:
1) Go to Settings > Privacy Panel > Remote Privacy Protection > tap 'Forgot/Change your passphrase?'
2) Enter a wrong SIM PIN, enter new passphrase, and tap OK.

Expected: The error message should also include how many more attempts the user has before SIM is locked

Actual: The error message only says the SIM PIN is wrong. See attached screenshot.

Repro rate: 4/4

Tested on:
Device: Flame KK
BuildID: 20150112010228
Gaia: f5e481d4caf9ffa561720a6fc9cf521a28bd8439
Gecko: bb8d6034f5f2
Gonk: a814b2e2dfdda7140cb3a357617dc4fbb1435e76
Version: 37.0a1 (2.2 Master)
Firmware: V18D-1
User Agent: Mozilla/5.0 (Mobile; rv:37.0) Gecko/37.0 Firefox/37.0
(Reporter)

Comment 1

4 years ago
Posted file logcat on Flame 2.2
Attaching a logcat.
(Reporter)

Updated

4 years ago
QA Whiteboard: [QAnalyst-Triage?]
Flags: needinfo?(ktucker)
Whiteboard: [privacy]
(Reporter)

Updated

4 years ago
QA Whiteboard: [QAnalyst-Triage?] → [QAnalyst-Triage+]
Flags: needinfo?(ktucker)
Keywords: privacy
OS: Linux → Gonk (Firefox OS)
Hardware: x86 → ARM
Whiteboard: [privacy]
Dear EJ,
This seems to be security issue. Could you help to check this when you have time?
Thanks!
blocking-b2g: --- → 2.2?
Flags: needinfo?(ejchen)
@Josh,

This bug is related to Privacy Panel app instead (not Settings app).

I helped to check codebase and it's true that PP didn't handle this error from day one. So if this is urgent, maybe we should ask for some helps from PP. If not, I can help to take this.

But no matter how, we should ask for UI/UX's help first for this special case and see how to show/hide this kind of error for users. (I don't know who is the proper person that would take care of this design, please help to ni? the right person)

Thanks !!
Flags: needinfo?(ejchen) → needinfo?(jocheng)
Thanks EJ!

Dear Marta,
Can you help to check this PP bug? Moreover do you know who is the UX owner of privacy app here?
Thanks!
Flags: needinfo?(marta)

Comment 5

4 years ago
We had the initial r+ from Juwei, NI'ing her. I will work on it soon
Flags: needinfo?(marta)

Updated

4 years ago
Flags: needinfo?(jhuang)
Dear Juwei,
Could you provide spec for correct behavior of what error message we should see here? Thanks!
Hi,
I agree that we should add the number of tries left.
I suggest that the string could be "X passcode attempts left"
Flags: needinfo?(jhuang)
Dear Marta,
Can you check the comment from JuWei per comment 7 about expected behavior? Thanks!
Flags: needinfo?(jocheng) → needinfo?(marta)

Updated

4 years ago
blocking-b2g: 2.2? → 2.2+

Comment 9

4 years ago
Hi,
I'm working on it. Funny enough my only problem right now is that I don't have a sim-card to test it. Attached is the proposed patch.
Flags: needinfo?(marta)

Comment 10

4 years ago
Posted patch Bug_1120577.patch (obsolete) — Splinter Review
proposed fix, not able to test it
QA Whiteboard: [QAnalyst-Triage+] → [QAnalyst-Triage+][COM=Privacy Panel]
(Assignee)

Comment 11

4 years ago
taking
Assignee: nobody → fabien
(Assignee)

Comment 12

4 years ago
Posted file pull request
Attachment #8557847 - Attachment is obsolete: true
Attachment #8560203 - Flags: review?(etienne)

Updated

4 years ago
Status: NEW → ASSIGNED
Comment on attachment 8560203 [details] [review]
pull request

Looking good, can we get a basic unit test coverage?
(since this won't be easily integration-testable)
Attachment #8560203 - Flags: review?(etienne)
(Assignee)

Comment 14

4 years ago
Comment on attachment 8560203 [details] [review]
pull request

PR updated with unit tests
Attachment #8560203 - Flags: review?(etienne)
Comment on attachment 8560203 [details] [review]
pull request

yep that'll do it :)
Attachment #8560203 - Flags: review?(etienne) → review+
(Assignee)

Comment 16

4 years ago
Thanks Étienne! Merged on master: https://github.com/mozilla-b2g/gaia/commit/6492bba
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
(Assignee)

Comment 17

4 years ago
Comment on attachment 8560203 [details] [review]
pull request

[Approval Request Comment]
[Bug caused by] (feature/regressing bug #): ?
[User impact] if declined: risk of locking the SIM card when changing the remote protection passphrase
[Testing completed]: unit tests + manual
[Risk to taking this patch] (and alternatives if risky): low
[String changes made]: one new string
Attachment #8560203 - Flags: approval-gaia-v2.2?(bbajaj)
Even if unused in the code, can you please add all plural forms ([zero] included)? That makes external tools happy.
Flags: needinfo?(fabien)
Attachment #8560203 - Flags: approval-gaia-v2.2?(bbajaj) → approval-gaia-v2.2+
Flags: needinfo?(fabien)
This bug has been verified as "pass" on the latest nightly build of Flame KK v2.2&2.5 by the STR in comment 0.

Actual results: Changing passphrase and entering wrong SIM PIN will prompt the number of tries left before SIM will be locked.
See attachment: verified_Flame_v2.5.png
Reproduce rate: 0/6


Device: Flame KK 2.2 (Pass) 
Build ID               20150929032504
Gaia Revision          5dd95cfb9f1d6501ce0e34414596ef3dd9c2f583
Gaia Date              2015-09-21 11:20:23
Gecko Revision         https://hg.mozilla.org/releases/mozilla-b2g37_v2_2/rev/65ddad73ad6b
Gecko Version          37.0
Device Name            flame
Firmware(Release)      4.4.2
Firmware(Incremental)  eng.cltbld.20150929.064906
Firmware Date          Tue Sep 29 06:49:17 EDT 2015
Firmware Version       v18D v4
Bootloader             L1TC000118D0

Device: Flame KK 2.5 (Pass)
Build ID               20150929150202
Gaia Revision          f345f6a015709beeb2ca3955cab077fcaa959d3b
Gaia Date              2015-09-29 03:53:51
Gecko Revision         https://hg.mozilla.org/mozilla-central/rev/ccee6614fd9d18a31f263fbcfe9676b224d851aa
Gecko Version          44.0a1
Device Name            flame
Firmware(Release)      4.4.2
Firmware(Incremental)  eng.cltbld.20150929.201052
Firmware Date          Tue Sep 29 20:11:01 EDT 2015
Firmware Version       v18D v4
Bootloader             L1TC000118D0
Status: RESOLVED → VERIFIED
QA Whiteboard: [QAnalyst-Triage+][COM=Privacy Panel] → [QAnalyst-Triage+][COM=Privacy Panel][MGSEI-Triage+]
You need to log in before you can comment on or make changes to this bug.