When importing contacts from Facebook I have to agree to a ridiculous number of permissions.
Which ones specifically?
At a guess ... all of them. This is a screenshot from Facebook showing all the permissions the app got. I don't understand why it needs any of it except things from friends' profile info.
Summary: Important contacts from facebook requires too many permissions → Importing contacts from facebook requires too many permissions
Ah, you're talking about Facebook permissions, not b2g permissions. I think this is Jose's code? Not sure if this is a blocker or not. Tom: Do you have opinions?
Assignee: nobody → jmcf
blocking-basecamp: --- → ?
This is being discussed also in bug 804031
Marking this bug to block bug 804031. Adding needInfo to privacy team. We need a decision there if this is something we are blocking v1 or not.
Suggestion: this is not a privacy blocker, but may instead be a usability or security blocker. As long as we don't actually *use* any of these permissions, I don't think it's a privacy problem per se. However, the fact that we ask for them looks like a huge usability & adoption issue; I'd certainly be scared if I saw that, and might well not want to continue. In addition, if a user accepts this, I assume that we get a token of some sort which has the authority to do these things. If that's stored on the phone, then there's the risk that some nefarious actor might get the token and use all those permissions. That would obviously be a privacy disaster, but as a result of a security vulnerability.
+1 on this, just saw this and denied the import. This needs to be better thought through for security purposes.
Per triage: not considered blocking, given privacy team feedback. Working on getting a sec team response for this. We'd like to see this fixed, but it's not considered inherently harmful at this time.
blocking-basecamp: ? → -
Excuse the drive-by, but my take on this (as a 'security person') is that we shouldn't request permissions we don't need. There are (at least) 2 reasons for this:
1) In the event that whatever we're doing is open to abuse, the impact is minimised (think Principle of Least Privilege)
2) Legitimate apps asking users for everything, all of the time, would seem to desensitize people to malicious apps that do the same - I can't support this with actual data, but it's a common argument in criticisms of Android, for example.
We have raised concerns in the past about Mozilla authored apps that have too much access to personal data on 3rd party sites like FB in the past, and while I agree with Tom's comments about this only being a privacy issue if there is a security bug, we need to rein in the permissions the app is requesting from FB. Paul, David, other than adjusting the permissions the app is looking for on the call to Facebook, is there anything else needed here?
According to Daniel from TEF: "Yeah, we need to have a look at the permissions used. The FB integration lead engineer has been on holidays this week. Hope he can review the permissions next one. I am pretty sure we will need a more meaningful application key and set of permissions requested when going live to production."
I have checked the requested permissions and those really needed and we can request less as wall post and messaging are done through FB Dialogs. I have changed them but the message for the user remains the same. I need to contact FB about this issue.
FB was granting all those permissions for our app as it is whitelisted. FB is going to grant only those permissions which are really needed. We are awaiting the fix on their side.
Not blocking, outside of our code scope. Individual issues of the FB integration that we *can* affect should be filed as separate issues out of the review in bug 804031.
blocking-basecamp: ? → -
(In reply to Jose M. Cantera from comment #13)
> FB was granting all those permissions for our app as it is whitelisted. FB
> is going to grant only those permissions which are really needed. We are
> awaiting the fix on their side
Jose, can you confirm if this fix has been implemented and if not, could you please follow up asap?
As I said to you privately, we are going to reiterate our request to Facebook for fixing this. It is a must, thanks!
After talking to FB, we are close to resolving this. ETA is next week (starting 18/02)
The patch adjusts the requested permissions to only those which are really needed. In addition, Facebook has adjusted their platform to only whitelist us for certain permissions. Once we get an r+ this patch should be also landing in v1-train and v1.0.1
Attachment #715918 - Flags: review?(crdlc)
Comment on attachment 715918: Pointer to GH PR
I deleted the app from my Facebook account and it works fine, thanks
Attachment #715918 - Flags: review?(crdlc) → review+
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Marking as blocker so this low risk fix can land without approval when ready to v1-train and v1.0.1
blocking-b2g: tef? → tef+
Bug 853195 noted, FTE portion can't be checked due to bug 852598.

Gecko http://hg.mozilla.org/releases/mozilla-b2g18_v1_0_1/rev/e74dafa6b2d9
Gaia 1438da6ca0e020a8df686e2100a668370dfe6fb6
BuildID 20130312230202
Version 18.0

Gecko http://hg.mozilla.org/releases/mozilla-b2g18/rev/778da49486f0
Gaia 6c3767c2dea43b5e9aff7d156d36d69649005621
BuildID 20130320070206
Version 18.0
Status: RESOLVED → VERIFIED