Closed Bug 1887658 Opened 2 months ago Closed 21 days ago

Collect (user) font prefs

Categories

(Core :: Privacy: Anti-Tracking, task)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
127 Branch
Tracking Flags:
Tracking Status
firefox127 --- fixed

People

(Reporter: tschuster, Assigned: tschuster)

References

(Blocks 1 open bug)

Details

Attachments

(3 files)

Bug 1887658 - Collect (user) font prefs. r?timhuang
48 bytes, text/x-phabricator-request
Details | Review
Data review request
8.10 KB, text/plain
chutten
: data-review+
Details
Bug 1887658 - Add data review URL
48 bytes, text/x-phabricator-request
Details | Review

Users can customize the fonts (and sizes) used for serif/sans-serif/monospace per language. This is something like 23 x 2/3 x 4 different preferences. I don't think we really want to collect all that information. Instead I propose we only collect if e.g. any default sans-serif font was modified.

Attachment #9393063 - Attachment description: WIP: Bug 1887658 - Collect (user) font prefs → Bug 1887658 - Collect (user) font prefs. r?tjr!
Attachment #9393063 - Attachment description: Bug 1887658 - Collect (user) font prefs. r?tjr! → Bug 1887658 - Collect (user) font prefs. r?timhuang

The following patch is waiting for review from an inactive reviewer:

ID Title Author Reviewer Status
D205579 Bug 1887658 - Collect (user) font prefs. r?timhuang tschuster tjr: Back Apr 30, 2024

:tschuster, could you please find another reviewer?

For more information, please visit BugBot documentation.

Flags: needinfo?(tschuster)
Flags: needinfo?(tschuster)
Attached file Data review request
Attachment #9397584 - Flags: data-review?(chutten)

Comment on attachment 9397584 [details]
Data review request

DATA COLLECTION REVIEW RESPONSE:

Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate?

Yes.

Is there a control mechanism that allows the user to turn the data collection on and off?

Yes. This collection can be controlled through the product's preferences.

If the request is for permanent data collection, is there someone who will monitor the data over time?

Yes, Tom Schuster is responsible.

Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under?

Category 2, Interaction.

Is the data collection request for default-on or default-off?

Default on for all channels.

Does the instrumentation include the addition of any new identifiers?

No.

Is the data collection covered by the existing Firefox privacy notice?

Yes.

Does the data collection use a third-party collection tool?

No.

Result: datareview+

Attachment #9397584 - Flags: data-review?(chutten) → data-review+

I know it's unlikely to be a problem, but some of these prefs are being collected as string metrics which are 100B of UTF-8. Have you given thought to whether there might be string data in there that we don't want to collect? In all but the weirdest cases we can reasonably expect that it'll be a font's name (any weirdos going into about:config and putting in custom values are a) gonna mess with how the web looks for themselves, and b) too weird for us to take seriously)... but any time we collect text I have a duty of care to warn you that people will surprise you, and not always in a good way, with the written word.

Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c61aca5511ab
Collect (user) font prefs. r=timhuang

(In reply to Chris H-C :chutten from comment #5)

I know it's unlikely to be a problem, but some of these prefs are being collected as string metrics which are 100B of UTF-8. Have you given thought to whether there might be string data in there that we don't want to collect? In all but the weirdest cases we can reasonably expect that it'll be a font's name (any weirdos going into about:config and putting in custom values are a) gonna mess with how the web looks for themselves, and b) too weird for us to take seriously)... but any time we collect text I have a duty of care to warn you that people will surprise you, and not always in a good way, with the written word.

Thank you for the warning Chris. I don't think there is much sanitization we could do beforehand, because font names can basically be arbitrarily named. (And actually looking up fonts to make sure they are real seems infeasible)

Yeah, the only mitigations I can think of on this would be on the analysis side to warn folks that there might be stuff in there they don't want in their brains. But our user base is usually fairly okay on things like this (I get a chuckle out of the folks who set their update channel to no, even if I'm not sure why they want insecure code so much), so it's hopefully not likely to come up. Just one of those things about collecting data : )

https://hg.mozilla.org/mozilla-central/rev/c61aca5511ab

Status: NEW → RESOLVED
Closed: 21 days ago
status-firefox127: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 127 Branch

A patch has been attached on this bug, which was already closed. Filing a separate bug will ensure better tracking. If this was not by mistake and further action is needed, please alert the appropriate party. (Or: if the patch doesn't change behavior -- e.g. landing a test case, or fixing a typo -- then feel free to disregard this message)

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: