Open
Bug 1449672
Opened 6 years ago
Updated 2 years ago
Add a profile fingerprint module
Categories
(Toolkit :: Startup and Profile System, enhancement, P3)
Toolkit
Startup and Profile System
Tracking
()
NEW
People
(Reporter: eoger, Unassigned)
References
(Blocks 2 open bugs)
Details
Attachments
(1 file)
Some modules (Sync, Push, Telemetry etc) are currently broken when a profile is moved or copied. We would like to be able to capture a profile "fingerprint": a hash comprised of different metrics. At the moment, we only care about the local computer name and the path of the current profile. It would be the responsibility of the modules interested in that fingerprint to cache it and do the necessary actions if a change is detected.
| Comment hidden (mozreview-request) |
|
||
Comment 2•6 years ago
|
||
| mozreview-review | ||
Comment on attachment 8963279 [details] Bug 1449672 - Add Profile Fingerprint module. https://reviewboard.mozilla.org/r/232178/#review237744 Broad strokes I like this, but I dislike the attributes we use. ::: browser/modules/ProfileFingerprint.jsm:36 (Diff revision 1) > + return this._cached; > + } > + let hostname; > + try { > + hostname = Cc["@mozilla.org/network/dns-service;1"] > + .getService(Ci.nsIDNSService).myHostName; I dislike using the hostname here unless it really is static. Some computers change hostname depending on the DHCP returned name which can mean you change hostname for every wifi network you connection to. I'm guessing that some components that rely on this fingerprint might do expensive stuff that we don't want in that case. Perhaps we could use something more likely to be stable, install disk name? MAC address?
Attachment #8963279 -
Flags: review?(dtownsend) → review-
|
||
Comment 3•6 years ago
|
||
Another thing we could consider is landing this (with whatever attributes we consider the most likely to reflect an actual clone), along with telemetry on how often it thinks the clone actually happened. We could then analyze this telemetry before landing the other patches that take concrete action. However, it's not clear how we would actually measure success - ie, what rate would we consider that the false-positive rate is "low enough"? Certainly 1% of profiles reporting a clone would be red-flag IMO, but I don't know whether we'd consider 0.1% or 0.01% to be the rate where we consider it being "accurate enough"
|
|
||
Comment 4•6 years ago
|
||
CC Georg as we see telemetry as one of the possible consumers of this.
|
||
Updated•6 years ago
|
Priority: -- → P3
|
||
Comment 5•6 years ago
|
||
I assume this is specifically focused on being a detection mechanism on the client side only?
|
|
||
Comment 6•6 years ago
|
||
(In reply to Georg Fritzsche [:gfritzsche] from comment #5) > I assume this is specifically focused on being a detection mechanism on the > client side only? Yes
|
||
Comment 7•2 years ago
|
||
The bug assignee didn't login in Bugzilla in the last 7 months, so the assignee is being reset.
Assignee: eoger → nobody
Status: ASSIGNED → NEW
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•