1281566 - Encrypt the Firefox profile to protect users from government snooping

Status: RESOLVED DUPLICATE of bug 19184

(Firefox :: Security, defect)

Description

[Brian Carpenter [:geeknik]]

So in the past we've had Bug #19184 and #433875 marked as WONTFIX, but after seeing the US Senate fall 1 vote short of giving the FBI access to browser histories without a court order (http://www.usnews.com/news/articles/2016-06-22/senate-falls-1-vote-short-of-giving-fbi-access-to-browser-histories-without-court-order), I think we should revisit the discussion of encrypting the entire Firefox profile, including History, Bookmarks, Cache and Cookies.

Comment 1

[Daniel Veditz [:dveditz]]

A bug is not the place to revisit a discussion/decision -- it's just going to sit here clogging up the system. I suggest dev-firefox or dev-platform (or both) as appropriate venues.

What's the threat model? In the past we've deferred to OS-level protections (separate accounts and file-system security; whole disk encryption), and those should still work--unless your machine gets hacked! Note the article above was talking about getting your browsing history from a content provider (I assume your ISP), not hacking you.

Let's say they do hack you (they just got broader powers to do just that: https://thinkprogress.org/scotus-approves-broader-hacking-powers-for-fbi-what-could-go-wrong-68d76201681e). What does an encrypted profile buy you? If you're not running Firefox at the time--and never run it again--then your data might be safe (if you've picked a strong password). Once you've unlocked your profile for Firefox to use there are any number of ways they could take the data, from a hidden Firefox add-on, tampering with Firefox itself, or a simple keylogger to capture your password.

Lots of complications to work out, and a bug is terrible for that. Newsgroup/mailing list or maybe collaborative design on wiki.mozilla.org or etherpad.