Closed Bug 1295236 Opened 8 years ago Closed 8 years ago

[SHIELD] Data review for Security Advisor

Categories

(Shield :: Shield Study, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: Matt_G, Assigned: Matt_G)

References

Details

Custom Instrumentation:
In addition to instrumenting the buttons in the UI for security advisor, we'll be tracking visits to certain domains. In the control arm this is only observational, but this is how we know when to show treatments. We are also collecting the state of sync before and after a session. This is in general telemetry, but just wanted to call it out explicitly. 

Study length:
14 days

Owner of analysis:
* Gregg Lind
* Josh Gaunt

Benton: can you provide the sample payload for security advisor as you did with the Site Enhance add-on? Thanks.
Flags: needinfo?(bcase)
Here is a sample telemetry payload for security advisor: 

{
  "type": "shield-study",
  "id": "8fde231a-2c59-294b-ac3a-e0b9c29a2445",
  "creationDate": "2016-11-04T15:51:07.693Z",
  "version": 4,
  "application": {
    "architecture": "x86-64",
    "buildId": "20160922113459",
    "name": "Firefox",
    "version": "49.0.1",
    "displayVersion": "49.0.1",
    "vendor": "Mozilla",
    "platformVersion": "49.0.1",
    "xpcomAbi": "x86_64-gcc3",
    "channel": "default"
  },
  "payload": {
    "eventType": "panelShow",
    "domain": "adobe.com",
    "panelShowConfirmTime": 1478274667693,
    "panelShowCount": 1,
    "messageClass": "advisor-logging",
    "study_version": "0.0.1",
    "about": {
      "_src": "addon",
      "_v": 2
    }
  },
  "clientId": null,
  "environment": {
    "build": {
      "applicationId": "{ec8030f7-c20a-464f-9b0e-13a3a9e97384}",
      "applicationName": "Firefox",
      "architecture": "x86-64",
      "buildId": "20160922113459",
      "version": "49.0.1",
      "vendor": "Mozilla",
      "platformVersion": "49.0.1",
      "xpcomAbi": "x86_64-gcc3",
      "hotfixVersion": null
    },
    "partner": {
      "distributionId": null,
      "distributionVersion": null,
      "partnerId": null,
      "distributor": null,
      "distributorChannel": null,
      "partnerNames": []
    },
    "system": {
      "memoryMB": 16384,
      "virtualMaxMB": null,
      "cpu": {
        "count": 8,
        "cores": 4,
        "vendor": "GenuineIntel",
        "family": 6,
        "model": 70,
        "stepping": 1,
        "l2cacheKB": 256,
        "l3cacheKB": 6144,
        "speedMHz": 2800,
        "extensions": [
          "hasMMX",
          "hasSSE",
          "hasSSE2",
          "hasSSE3",
          "hasSSSE3",
          "hasSSE4_1",
          "hasSSE4_2",
          "hasAVX",
          "hasAVX2"
        ]
      },
      "os": {
        "name": "Darwin",
        "version": "16.1.0",
        "locale": "en-US"
      },
      "hdd": {
        "profile": {
          "model": null,
          "revision": null
        },
        "binary": {
          "model": null,
          "revision": null
        },
        "system": {
          "model": null,
          "revision": null
        }
      },
      "gfx": {
        "D2DEnabled": null,
        "DWriteEnabled": null,
        "adapters": [
          {
            "description": null,
            "vendorID": "0x1002",
            "deviceID": "0x6821",
            "subsysID": null,
            "RAM": null,
            "driver": null,
            "driverVersion": null,
            "driverDate": null,
            "GPUActive": true
          }
        ],
        "monitors": [
          {
            "screenWidth": 1440,
            "screenHeight": 900,
            "scale": 2
          }
        ],
        "features": {
          "compositor": "none"
        }
      }
    },
    "settings": {
      "blocklistEnabled": false,
      "e10sEnabled": false,
      "e10sCohort": "unsupportedChannel",
      "telemetryEnabled": false,
      "locale": "en-US",
      "update": {
        "channel": "default",
        "enabled": false,
        "autoDownload": false
      },
      "userPrefs": {
        "app.update.auto": false,
        "app.update.enabled": false,
        "browser.shell.checkDefaultBrowser": false,
        "browser.startup.homepage": "<user-set>",
        "browser.startup.page": 0,
        "devtools.chrome.enabled": true,
        "devtools.debugger.remote-enabled": true,
        "dom.max_script_run_time": 30,
        "extensions.autoDisableScopes": 10,
        "extensions.enabledScopes": 5,
        "extensions.blocklist.enabled": false,
        "extensions.blocklist.url": "http://localhost/extensions-dummy/blocklistURL",
        "extensions.update.enabled": false,
        "extensions.update.url": "http://localhost/extensions-dummy/updateURL",
        "xpinstall.signatures.required": false
      },
      "addonCompatibilityCheckEnabled": false,
      "isDefaultBrowser": false,
      "defaultSearchEngine": "yahoo",
      "defaultSearchEngineData": {
        "name": "Yahoo",
        "loadPath": "jar:[app]/omni.ja!browser/yahoo.xml",
        "origin": "default",
        "submissionURL": "https://search.yahoo.com/yhs/search?p=&ei=UTF-8&hspart=mozilla&hsimp=yhs-001"
      }
    },
    "profile": {
      "creationDate": 17109
    },
    "addons": {
      "activeAddons": {
        "@security-advisor": {
          "blocklisted": false,
          "description": "Warns users when they visit sites which have been hacked recently",
          "name": "Security Advisor",
          "userDisabled": false,
          "appDisabled": false,
          "version": "0.0.1",
          "scope": 1,
          "type": "extension",
          "foreignInstall": true,
          "hasBinaryComponents": false,
          "installDay": 17109,
          "updateDay": 17109,
          "signedState": 0,
          "isSystem": false
        },
        "e10srollout@mozilla.org": {
          "blocklisted": false,
          "description": "Staged rollout of Firefox multi-process feature.",
          "name": "Multi-process staged rollout",
          "userDisabled": false,
          "appDisabled": false,
          "version": "1.2",
          "scope": 1,
          "type": "extension",
          "foreignInstall": false,
          "hasBinaryComponents": false,
          "installDay": 17066,
          "updateDay": 17066,
          "isSystem": true
        },
        "firefox@getpocket.com": {
          "blocklisted": false,
          "description": "When you find something you want to view later, put it in Pocket.",
          "name": "Pocket",
          "userDisabled": false,
          "appDisabled": false,
          "version": "1.0.4",
          "scope": 1,
          "type": "extension",
          "foreignInstall": false,
          "hasBinaryComponents": false,
          "installDay": 17066,
          "updateDay": 17066,
          "isSystem": true
        },
        "webcompat@mozilla.org": {
          "blocklisted": false,
          "description": "Urgent post-release fixes for web compatibility.",
          "name": "Web Compat",
          "userDisabled": false,
          "appDisabled": false,
          "version": "1.0",
          "scope": 1,
          "type": "extension",
          "foreignInstall": false,
          "hasBinaryComponents": false,
          "installDay": 17066,
          "updateDay": 17066,
          "isSystem": true
        }
      },
      "theme": {
        "id": "{972ce4c6-7e08-4474-a285-3208198ce6fd}",
        "blocklisted": false,
        "description": "The default theme.",
        "name": "Default",
        "userDisabled": false,
        "appDisabled": false,
        "version": "49.0.1",
        "scope": 4,
        "foreignInstall": false,
        "hasBinaryComponents": false,
        "installDay": 17066,
        "updateDay": 17066
      },
      "activePlugins": [
        {
          "name": "Google Talk Plugin",
          "version": "5.41.3.0",
          "description": "Version 5.41.3.0",
          "blocklisted": false,
          "disabled": false,
          "clicktoplay": true,
          "mimeTypes": [
            "application/googletalk"
          ],
          "updateDay": 16780
        },
        {
          "name": "Google Talk Plugin Video Renderer",
          "version": "5.41.3.0",
          "description": "Version 5.41.3.0",
          "blocklisted": false,
          "disabled": false,
          "clicktoplay": true,
          "mimeTypes": [
            "application/o1d"
          ],
          "updateDay": 16780
        },
        {
          "name": "Adobe Acrobat NPAPI Plug-in, Version 15.020.20042",
          "version": "15.020.20042",
          "description": "Adobe® Acrobat® Plug-in for Web Browsers, Version 15.020.20042",
          "blocklisted": false,
          "disabled": false,
          "clicktoplay": true,
          "mimeTypes": [
            "application/vnd.adobe.pdf",
            "application/vnd.adobe.pdfxml",
            "application/vnd.adobe.x-mars",
            "application/vnd.adobe.xdp+xml",
            "application/vnd.fdf",
            "application/vnd.adobe.xfd+xml",
            "application/pdf",
            "application/vnd.adobe.xfdf"
          ],
          "updateDay": 17101
        },
        {
          "name": "Shockwave Flash",
          "version": "23.0.0.205",
          "description": "Shockwave Flash 23.0 r0",
          "blocklisted": false,
          "disabled": false,
          "clicktoplay": false,
          "mimeTypes": [
            "application/x-shockwave-flash",
            "application/futuresplash"
          ],
          "updateDay": 17101
        }
      ],
      "activeGMPlugins": {
        "gmp-gmpopenh264": {
          "version": null,
          "userDisabled": false,
          "applyBackgroundUpdates": 1
        },
        "gmp-widevinecdm": {
          "version": null,
          "userDisabled": false,
          "applyBackgroundUpdates": 1
        }
      },
      "activeExperiment": {},
      "persona": null
    }
  }
}
Flags: needinfo?(bcase)
Can you include the link to the consent form and debrief survey language here, either as links or as .md attached files?  I believe you are informing users that you are collecting domain visits, but that is important to clarify.  

Additionally, is there a repo for this project (if so, can it be linked to)?  Is there a list of the domains available to the user, if the user wanted to know what sites we are counting?  I understand that could be problematic in that it increases the potential for bias, but I want to ensure transparency.
Flags: needinfo?(mgrimes)
Signed off.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.