Closed
Bug 1162542
Opened 9 years ago
Closed 9 years ago
HSTS should not be shared between appIds
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: baku, Unassigned)
Details
Currently, in b2g, if the same page is opened by 2 different apps, we share HSTS settings and this can be used for tracking. Would be nice to have this information associate with the appId of the app.
I think the way that we currently do this is actually fine. I agree there's some information leakage, but until we see that starting to be exploited to do tracking or other bad things, I'd rather do things as we do them now since it has security benefits.
Comment 2•9 years ago
|
||
I agree with Jonas.. richard if you agree too, then please mark WONTFIX
Flags: needinfo?(rlb)
Reporter | ||
Comment 3•9 years ago
|
||
We don't permanently store HSTS information in private browsing. Why we do that there if we think that having such information leaked is not a problem? It seems an inconsistent behavior: private browsing is a kind of sandbox environment. The same thing is b2g with appIds: sandboxes but just persistent. I push to have this fix if it doesn't require a huge amount of work.
Reporter | ||
Updated•9 years ago
|
Flags: needinfo?(jonas)
I think private browsing is intended to provide stronger guarantees than our cookie jar implementation. With private browsing one goal is for example to ensure that there's no trace of the user visiting a website if the visit happened during private browsing. Splitting the HSTS database on a per-cookie jar basis has security disadvantages, so even if it was zero-line fix, I don't think we'd actually want to do it.
Flags: needinfo?(jonas)
Reporter | ||
Comment 5•9 years ago
|
||
> Splitting the HSTS database on a per-cookie jar basis has security
> disadvantages, so even if it was zero-line fix, I don't think we'd actually
> want to do it.
Can you tell me more about this security disadvantages?
Flags: needinfo?(jonas)
Comment 6•9 years ago
|
||
(In reply to Andrea Marchesini (:baku) from comment #5) > > > Can you tell me more about this security disadvantages? it would mean less use of https
I think, this is a really serious issue. I understand the security disadvantages, but there should at least be an option to prevent this type of tracking. It is unknown if this is not already exploited. Even if not: The time will come when it will, and until there comes a better solution, the user should be able to decide between security and privacy.
Flags: needinfo?(jonas)
I'd like to finally get rich by offering an advanced user tracking service based on the sharing of HSTS information, but my efforts would be useless if you fix this feature too soon. So, is there kind of a guarantee that this will *not* be fixed in the near future? :-)
Comment 9•9 years ago
|
||
+1 to WONTFIX
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(rlb)
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•