Closed
Bug 737403
Opened 13 years ago
Closed 7 years ago
Concerns about B2G privacy
Categories
(Firefox OS Graveyard :: General, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: Yoric, Unassigned)
References
Details
(Keywords: privacy)
I have the feeling that our users can be victims of the following scenario:
1. application A (perhaps the Twitter Web Client) implements a Twitter client, authenticates with Twitter and therefore introduces into the user profile the cookies (or other tracking mechanism) used by Twitter;
2. application B (perhaps a web browser) visits a blog with the Twitter button - said Twitter button is actually implemented as an iframe on the same domain as Twitter, and can therefore read Twitter cookies;
3. result: Twitter can track user - much more so than on Android, for instance.
Is this the case? If so, we need plans to mitigate this.
|
||
Comment 1•13 years ago
|
||
How is it different than what happens when you use firefox to access twitter and other "twitter enabled" sites? Why is it more a concern for b2g?
|
Reporter | |
Comment 2•13 years ago
|
||
On Android, if you use your Twitter native application to access Twitter and Firefox to browse, there is no information leak (afaict). With b2g, I fear that we lose that isolation.
|
|
Reporter | |
Comment 3•13 years ago
|
||
I should add that this possible privacy leak appears not just in a visible Twitter client but any Twitter-enabled app, such as a game, and works both ways. Use your Twitter identity in the game (to accumulate points) and suddenly, every Twitter-enabled application and any Twitter-enabled blog leak your identity to Twitter. This is of course also true of any other service that features some form of tracking, including many that are certainly less respectable than Twitter.
|
||
Comment 4•13 years ago
|
||
I think you are describing the problem I tracking on the web. Nothing here is specific about B2G.
|
|
Reporter | |
Comment 5•13 years ago
|
||
What I mean is that the problem of tracking on the web is even more pervasive on B2G, as there is nothing but the web.
Note that we might be able to mitigate the problem by allowing per-application/per-website profiles.
|
||
Updated•12 years ago
|
Depends on: app-data-jars
|
|
||
Comment 6•12 years ago
|
||
Jonas says this will be fixed once we have data jars.
|
||
Comment 7•7 years ago
|
||
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•