Closed Bug 1120577 Opened 6 years ago Closed 5 years ago
[Privacy Panel] Changing passphrase and entering wrong SIM PIN does NOT warn user of number of tries left before SIM will be locked
34.85 KB, image/png
118.55 KB, text/plain
46 bytes, text/x-github-pull-request
|Details | Review|
191.51 KB, image/png
Description: If user enters a wrong SIM PIN in Privacy Panel's 'Change your passphrase' page, the page does NOT warn user of the number of tries left before SIM is locked. Prerequisites: Have a passphrase already set up via Settings > Privacy Panel > Remote Privacy Protection. STR: 1) Go to Settings > Privacy Panel > Remote Privacy Protection > tap 'Forgot/Change your passphrase?' 2) Enter a wrong SIM PIN, enter new passphrase, and tap OK. Expected: The error message should also include how many more attempts the user has before SIM is locked Actual: The error message only says the SIM PIN is wrong. See attached screenshot. Repro rate: 4/4 Tested on: Device: Flame KK BuildID: 20150112010228 Gaia: f5e481d4caf9ffa561720a6fc9cf521a28bd8439 Gecko: bb8d6034f5f2 Gonk: a814b2e2dfdda7140cb3a357617dc4fbb1435e76 Version: 37.0a1 (2.2 Master) Firmware: V18D-1 User Agent: Mozilla/5.0 (Mobile; rv:37.0) Gecko/37.0 Firefox/37.0
Attaching a logcat.
QA Whiteboard: [QAnalyst-Triage?] → [QAnalyst-Triage+]
OS: Linux → Gonk (Firefox OS)
Hardware: x86 → ARM
Dear EJ, This seems to be security issue. Could you help to check this when you have time? Thanks!
blocking-b2g: --- → 2.2?
@Josh, This bug is related to Privacy Panel app instead (not Settings app). I helped to check codebase and it's true that PP didn't handle this error from day one. So if this is urgent, maybe we should ask for some helps from PP. If not, I can help to take this. But no matter how, we should ask for UI/UX's help first for this special case and see how to show/hide this kind of error for users. (I don't know who is the proper person that would take care of this design, please help to ni? the right person) Thanks !!
Flags: needinfo?(ejchen) → needinfo?(jocheng)
Thanks EJ! Dear Marta, Can you help to check this PP bug? Moreover do you know who is the UX owner of privacy app here? Thanks!
We had the initial r+ from Juwei, NI'ing her. I will work on it soon
Dear Juwei, Could you provide spec for correct behavior of what error message we should see here? Thanks!
Hi, I agree that we should add the number of tries left. I suggest that the string could be "X passcode attempts left"
Dear Marta, Can you check the comment from JuWei per comment 7 about expected behavior? Thanks!
Flags: needinfo?(jocheng) → needinfo?(marta)
Hi, I'm working on it. Funny enough my only problem right now is that I don't have a sim-card to test it. Attached is the proposed patch.
proposed fix, not able to test it
QA Whiteboard: [QAnalyst-Triage+] → [QAnalyst-Triage+][COM=Privacy Panel]
Assignee: nobody → fabien
Comment on attachment 8560203 [details] [review] pull request Looking good, can we get a basic unit test coverage? (since this won't be easily integration-testable)
Comment on attachment 8560203 [details] [review] pull request PR updated with unit tests
Comment on attachment 8560203 [details] [review] pull request yep that'll do it :)
Attachment #8560203 - Flags: review?(etienne) → review+
Thanks Étienne! Merged on master: https://github.com/mozilla-b2g/gaia/commit/6492bba
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Comment on attachment 8560203 [details] [review] pull request [Approval Request Comment] [Bug caused by] (feature/regressing bug #): ? [User impact] if declined: risk of locking the SIM card when changing the remote protection passphrase [Testing completed]: unit tests + manual [Risk to taking this patch] (and alternatives if risky): low [String changes made]: one new string
Attachment #8560203 - Flags: approval-gaia-v2.2?(bbajaj)
Even if unused in the code, can you please add all plural forms ([zero] included)? That makes external tools happy.
Attachment #8560203 - Flags: approval-gaia-v2.2?(bbajaj) → approval-gaia-v2.2+
This bug has been verified as "pass" on the latest nightly build of Flame KK v2.2&2.5 by the STR in comment 0. Actual results: Changing passphrase and entering wrong SIM PIN will prompt the number of tries left before SIM will be locked. See attachment: verified_Flame_v2.5.png Reproduce rate: 0/6 Device: Flame KK 2.2 (Pass) Build ID 20150929032504 Gaia Revision 5dd95cfb9f1d6501ce0e34414596ef3dd9c2f583 Gaia Date 2015-09-21 11:20:23 Gecko Revision https://hg.mozilla.org/releases/mozilla-b2g37_v2_2/rev/65ddad73ad6b Gecko Version 37.0 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.cltbld.20150929.064906 Firmware Date Tue Sep 29 06:49:17 EDT 2015 Firmware Version v18D v4 Bootloader L1TC000118D0 Device: Flame KK 2.5 (Pass) Build ID 20150929150202 Gaia Revision f345f6a015709beeb2ca3955cab077fcaa959d3b Gaia Date 2015-09-29 03:53:51 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/ccee6614fd9d18a31f263fbcfe9676b224d851aa Gecko Version 44.0a1 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.cltbld.20150929.201052 Firmware Date Tue Sep 29 20:11:01 EDT 2015 Firmware Version v18D v4 Bootloader L1TC000118D0
You need to log in before you can comment on or make changes to this bug.