Collect (user) font prefs
Categories
(Core :: Privacy: Anti-Tracking, task)
Tracking
()
Tracking | Status | |
---|---|---|
firefox127 | --- | fixed |
People
(Reporter: tschuster, Assigned: tschuster)
References
(Blocks 1 open bug)
Details
Attachments
(3 files)
Users can customize the fonts (and sizes) used for serif/sans-serif/monospace per language. This is something like 23 x 2/3 x 4 different preferences. I don't think we really want to collect all that information. Instead I propose we only collect if e.g. any default sans-serif font was modified.
Assignee | ||
Comment 1•2 months ago
|
||
Updated•1 month ago
|
Updated•1 month ago
|
Comment 2•1 month ago
|
||
The following patch is waiting for review from an inactive reviewer:
ID | Title | Author | Reviewer Status |
---|---|---|---|
D205579 | Bug 1887658 - Collect (user) font prefs. r?timhuang | tschuster | tjr: Back Apr 30, 2024 |
:tschuster, could you please find another reviewer?
For more information, please visit BugBot documentation.
Assignee | ||
Updated•1 month ago
|
Assignee | ||
Comment 3•28 days ago
|
||
Comment 4•23 days ago
|
||
Comment on attachment 9397584 [details]
Data review request
DATA COLLECTION REVIEW RESPONSE:
Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate?
Yes.
Is there a control mechanism that allows the user to turn the data collection on and off?
Yes. This collection can be controlled through the product's preferences.
If the request is for permanent data collection, is there someone who will monitor the data over time?
Yes, Tom Schuster is responsible.
Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under?
Category 2, Interaction.
Is the data collection request for default-on or default-off?
Default on for all channels.
Does the instrumentation include the addition of any new identifiers?
No.
Is the data collection covered by the existing Firefox privacy notice?
Yes.
Does the data collection use a third-party collection tool?
No.
Result: datareview+
Comment 5•23 days ago
|
||
I know it's unlikely to be a problem, but some of these prefs are being collected as string
metrics which are 100B of UTF-8. Have you given thought to whether there might be string data in there that we don't want to collect? In all but the weirdest cases we can reasonably expect that it'll be a font's name (any weirdos going into about:config
and putting in custom values are a) gonna mess with how the web looks for themselves, and b) too weird for us to take seriously)... but any time we collect text I have a duty of care to warn you that people will surprise you, and not always in a good way, with the written word.
Pushed by tschuster@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c61aca5511ab Collect (user) font prefs. r=timhuang
Assignee | ||
Comment 7•22 days ago
|
||
(In reply to Chris H-C :chutten from comment #5)
I know it's unlikely to be a problem, but some of these prefs are being collected as
string
metrics which are 100B of UTF-8. Have you given thought to whether there might be string data in there that we don't want to collect? In all but the weirdest cases we can reasonably expect that it'll be a font's name (any weirdos going intoabout:config
and putting in custom values are a) gonna mess with how the web looks for themselves, and b) too weird for us to take seriously)... but any time we collect text I have a duty of care to warn you that people will surprise you, and not always in a good way, with the written word.
Thank you for the warning Chris. I don't think there is much sanitization we could do beforehand, because font names can basically be arbitrarily named. (And actually looking up fonts to make sure they are real seems infeasible)
Comment 8•22 days ago
|
||
Yeah, the only mitigations I can think of on this would be on the analysis side to warn folks that there might be stuff in there they don't want in their brains. But our user base is usually fairly okay on things like this (I get a chuckle out of the folks who set their update channel to no
, even if I'm not sure why they want insecure code so much), so it's hopefully not likely to come up. Just one of those things about collecting data : )
Comment 9•21 days ago
|
||
bugherder |
Assignee | ||
Comment 10•11 days ago
|
||
Comment 11•11 days ago
|
||
Pushed by tschuster@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/8041e90d6d11 Add data review URL
Comment 12•11 days ago
|
||
A patch has been attached on this bug, which was already closed. Filing a separate bug will ensure better tracking. If this was not by mistake and further action is needed, please alert the appropriate party. (Or: if the patch doesn't change behavior -- e.g. landing a test case, or fixing a typo -- then feel free to disregard this message)
Comment 13•11 days ago
|
||
bugherder |
Description
•