ProcMaps.txt may contain private information such as username

Thomas Ward trekcaptainusa.tw at gmail.com
Mon Jul 30 22:09:12 UTC 2012


*THIS* email chain is a non-issue.  Your bug was also marked as a
non-issue.  We've already established this is an issue where the user needs
to be more proactive in bugs.  Your concerns are not based in any solid
fact, and as I've said before, everyone on the bug control team knows what
to look for.  Therefore, this *is* a non-issue.

Thomas

On Mon, Jul 30, 2012 at 5:26 PM, Fred . <eldmannen at gmail.com> wrote:

> I don't think privacy is a non-issue.
>
> On Mon, Jul 30, 2012 at 10:54 PM, stevec at couttsnet.com
> <stevec at couttsnet.com> wrote:
> > Far too much effort is being put into this non-issue.
> >
> > Sent from my HTC
> >
> >
> > ----- Reply message -----
> > From: "Fred ." <eldmannen at gmail.com>
> > To: "Thomas Ward" <trekcaptainusa.tw at gmail.com>
> > Cc: <ubuntu-bugsquad at lists.ubuntu.com>
> > Subject: ProcMaps.txt may contain private information such as username
> > Date: Mon, Jul 30, 2012 19:20
> >
> >
> > Yeah, users can look at what is being submitted.
> > On one hand, the user really wants to submit that bug and help out.
> > On the other hand, the user does not want to reveal PII and compromise
> > his privacy.
> >
> > The user is nice enough to take the time to report a bug, he is
> > putting in effort and time.
> > Why should he have to sacrifice his privacy too?
> >
> > What reasonable actions can we take to prevent PII leakage?
> > If we can't get rid of all PII leakage, maybe we can at least reduce it.
> >
> > What measures can we take to increase privacy, decrease PII leakage,
> > while not reducing the quality of the report?
> >
> > Could $USER and $HOSTNAME be assigned something else to the Apport
> > process?
> >
> > On Mon, Jul 30, 2012 at 7:45 PM, Thomas Ward
> > <trekcaptainusa.tw at gmail.com> wrote:
> >> You mean from humans going through with a fine-toothed comb, and having
> >> more than one user look at it?
> >>
> >> I work in IT Security, I can identify PII relatively easily.  Part of my
> >> job is to identify instances of PII leakage, whether accidental or
> >> malicious.  I can spot those things.  Likely, most of Bug Control can
> >> identify that as well.
> >>
> >> As I've said and at least one other person has said on this email
> >> chain, I think the likelihood of PII leakage falls upon two groups of
> >> people: the competency of people on the team(s) that can see the private
> >> bugs, and the competency of the user who is submitting the data to
> >> actually *look* at what's being submitted.  I believe apport should
> >> better identify the risk of submitting the information, making a note
> >> that PII might be in the report.  I still believe that autoremoving
> >> these items is not a good idea.
> >>
> >> Even then, if I thought it *were* a good idea, there's a feasibility
> >> issue here, of how to automatically identify and remove the information.
> >> How are we going to identify *every variation* of how PII shows up?
> >> How're we going to remove that PII without any side-effects (see the
> >> 'go' example in the email chain)?
> >>
> >> I also personally believe that the likelihood of any true PII leakage is
> >> at or near zero.  Most of the responsibility falls on the users
> >> themselves to say "Do I really want to include this information?", and
> >> if so then that's the end of it, otherwise they have to go through and
> >> decide whether they really want to include the information.
> >>
> >> (I might be restating my opinions, but from my perspective as someone
> >> who works with PII fairly often, and as a programmer, there is a
> >> "feature feasibility" issue here)
> >>
> >>
> >> -----------
> >> Thomas
> >>
> >>
> >> On Mon, Jul 30, 2012 at 12:40 PM, Fred . <eldmannen at gmail.com> wrote:
> >>>
> >>> Well then just modifying $USER and $HOSTNAME might work?
> >>>
> >>> What options do we have for improving privacy and preventing PII leakage?
> >>>
> >>> On Mon, Jul 30, 2012 at 6:01 PM, Claudio Moretti <flyingstar16 at gmail.com>
> >>> wrote:
> >>> > On Mon, Jul 30, 2012 at 3:50 PM, Fred . <eldmannen at gmail.com> wrote:
> >>> >>
> >>> >> You wouldn't search and replace for just "go", you would include the
> >>> >> directory separator and search for "/go/", and probably even include
> >>> >> home there and search for "/home/go/"
> >>> >> So a stacktrace should be no problem.
> >>> >
> >>> >
> >>> > Sure, but you won't be able to replace strings that contain only the
> >>> > username, and the user@hostname:pwd string too.
> >>> >
> >>> > Claudio
> >>>
> >>> --
> >>> Ubuntu-bugsquad mailing list
> >>> Ubuntu-bugsquad at lists.ubuntu.com
> >>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugsquad
> >>
> >>
> >
>
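
An added illustration, not part of the thread or of Apport's code: the path-anchored replacement proposed in the quoted discussion (match "/home/go/" rather than "go"), run over constructed ProcMaps-style lines next to a naive replace, with a check for what the anchored form leaves behind. The username `go` comes from the thread; the host `examplehost`, the file paths and all function names are assumptions made for the example.

```python
import re

# Constructed sample in /proc/<pid>/maps layout; user "go" and all paths are made up.
SAMPLE_PROCMAPS = """\
00400000-0040b000 r-xp 00000000 08:01 131090 /usr/bin/google-chrome
7f1c2a000000-7f1c2a021000 r-xp 00000000 08:01 262170 /home/go/.local/lib/libgoffice.so
7f1c2a400000-7f1c2a403000 rw-p 00000000 08:01 262171 /home/go/projects/go/bin/tool
7fff5c1d0000-7fff5c1f1000 rw-p 00000000 00:00 0 [stack]
"""

# Constructed shell-prompt style line (the user@hostname:pwd case raised in the thread).
PROMPT_LINE = "go@examplehost:/home/go/src$ ./tool"


def naive_scrub(text, user):
    """Replace every occurrence of the username, wherever it appears."""
    return text.replace(user, "USER")


def anchored_scrub(text, user, home_root="/home"):
    """Replace the username only as the path component directly under home_root."""
    # The lookahead stops /home/go from matching inside /home/gopher.
    pattern = re.compile(re.escape(f"{home_root}/{user}") + r"(?=/|\s|$)")
    return pattern.sub(f"{home_root}/USER", text)


def residual_hits(text, user):
    """Return lines that still hold the username as a standalone token."""
    token = re.compile(r"(?<![A-Za-z0-9_])" + re.escape(user) + r"(?![A-Za-z0-9_])")
    return [line for line in text.splitlines() if token.search(line)]


if __name__ == "__main__":
    print(naive_scrub(SAMPLE_PROCMAPS, "go"))     # corrupts unrelated paths
    scrubbed = anchored_scrub(SAMPLE_PROCMAPS, "go")
    print(scrubbed)                               # home directory redacted only
    # Lines a human still has to judge: is this "go" the user or a directory name?
    for line in residual_hits(scrubbed, "go"):
        print("REVIEW:", line)
    for line in residual_hits(anchored_scrub(PROMPT_LINE, "go"), "go"):
        print("REVIEW:", line)
```

The remaining `REVIEW:` lines are the cases the anchored pattern cannot decide on its own: a directory that happens to share the username, and the bare username in a `user@hostname` string.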