Slashdot Mirror


Mozilla Will Delete Firefox Crash Reports Collected by Accident (bleepingcomputer.com)

Catalin Cimpanu, writing for BleepingComputer: Mozilla said last week it would delete all telemetry data collected because of a bug in the Firefox crash reporter. According to Mozilla engineers, Firefox has been collecting information on crashed background tabs from users' browsers since Firefox 52, released in March 2017. Firefox versions released in that time span did not respect user-set privacy settings and automatically auto-submitted crash reports to Mozilla servers. The browser maker fixed the issue with the release of Firefox 57.0.3. Crash reports are not fully-anonymized.

38 comments

  1. ALERT by Anonymous Coward · · Score: -1

    From Tom Lendacky
    Subject [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors
    Date Tue, 26 Dec 2017 23:43:54 -0600
    AMD processors are not subject to the types of attacks that the kernel
    page table isolation feature protects against. The AMD microarchitecture
    does not allow memory references, including speculative references, that
    access higher privileged data when running in a lesser privileged mode
    when that access would result in a page fault.

    Disable page table isolation by default on AMD processors by not setting
    the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI
    is set.

    Signed-off-by: Tom Lendacky
    ---
    arch/x86/kernel/cpu/common.c | 4 ++--
    1 file changed, 2 insertions(+), 2 deletions(-)

    diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
    index c47de4e..7d9e3b0 100644
    --- a/arch/x86/kernel/cpu/common.c
    +++ b/arch/x86/kernel/cpu/common.c
    @@ -923,8 +923,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)

    setup_force_cpu_cap(X86_FEATURE_ALWAYS);

    - /* Assume for now that ALL x86 CPUs are insecure */
    - setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
    + if (c->x86_vendor != X86_VENDOR_AMD)
    + setup_force_cpu_bug(X86_BUG_CPU_INSECURE);

    fpu__init_system(c);
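
    Review bot: the added `if (c->x86_vendor != X86_VENDOR_AMD)` line replaces the only comment in this block, so the code no longer says why one vendor is exempt from `X86_BUG_CPU_INSECURE`. Add a short comment above the condition giving the rationale from the commit message (no memory references, speculative ones included, to higher-privileged data when the access would page fault). The condition is also keyed on the vendor alone, so it exempts every AMD family and model; if the claim only holds for some parts, narrow the check accordingly.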

    1. Re:ALERT by Anonymous Coward · · Score: 0

      A method of avoiding virtual world fatigue by generating an active avatar in an avatar wallet. The method includes creating and storing an active avatar in the avatar wallet, selecting target worlds for the active avatar to visit, modifying the initial appearance, the user information, the contact map and the characteristic sharing information of the active avatar in accordance with user preferences with respect to each of the target worlds so as to generate a version of the active avatar for each of the target worlds, and initiating a submission of a version of the active avatar to the corresponding target world such that the version is automatically tailored to allowable avatar properties of the corresponding target world.

      ffs tom what were you thinking
      where is the use case

  2. Telemetry and privacy. by Anonymous Coward · · Score: 0

    At least they're doing better than Windows 10.

  3. Inverted bugs ? by Laxator2 · · Score: 1

    In the past bugs meant that the product was _not_ doing what it was supposed to do. For example a bug would mean that Firefox would fail to collect the reports.

    Same with Google's voice-activated assistant: a bug would mean that it does not record conversations.

    However, recent bugs mean that Firefox collects everything, and that Google's assistant records 24/7. Or when Google's cars doing the mapping for Street View "accidentally" slurped all wi-fi passwords they could find.

    I think a new word should be invented to describe this type of "mistake". How about "gub" instead of "bug" ?

    1. Re:Inverted bugs ? by mysidia · · Score: 1

      I call it Accidental Spyware. Since this sort of bug is a type of defect where user information is LEAKED to the software vendor through call-home after the user SPECIFICALLY chose the opt-out box in order to NOT leak information back to the software vendor.

      It just comes to show.... even open source software normally thought of as benign such as Firefox CANNOT reasonably be trusted to have implemented opt-out correctly and completely in the client, even when opt-out is offered.

      This speaks in favor of having 3rd party solutions to "monitor" applications you are using for unexpected telemetry transmission.

    2. Re:Inverted bugs ? by Anonymous Coward · · Score: 0

      What are you talking about?

      if (spyOnMe = YES_PLEASE) {
          sendAllMyInfoToTheMotherShip();
      }

      Totally a bug. And not malicious.

  4. oh that is nice of them. by Anonymous Coward · · Score: 0

    But what about the copy of the data that was made in transit by the criminals in secret services fishing in the upstream? When will they delete it?

    It's a stupid idea to send raw contents of a crashed process over the internet, no matter how you frame it.

    1. Re:oh that is nice of them. by TheRaven64 · · Score: 2

      Or copies that ended up in backups, or copies that were on engineers' machines that were lost, and so on. It's nice of them to try, but the general rule of data is that the only way you can guarantee that something is completely deleted is to make sure that something important depends on it and rely on Murphy's Law.

      --
      I am TheRaven on Soylent News

  5. shrug - I moved over to Pale Moon by Anonymous Coward · · Score: -1

    After the ridiculous plug-in debacle.

    Mozilla have been corrupted by money and size. They have a LOOOT of staff and a LOOOOT of money.

    They're getting a lot like MS or Google.

  6. Time for more Firefox hate. by Anonymous Coward · · Score: 1

    Slashdot loves to hate Firefox, with Waterfox, Palemoon and now Basilisk available there is no reason to use Firefox anymore. Mozilla took their credibility and smashed it up. Only losers now use Firefox in 2018.

  7. about:config by Anonymous Coward · · Score: 0

    I have been doing searches for "mozilla.org", deleting telemetry related URLs and any other privacy leaking addresses for a long time now just to be on the safe side. Unless those addresses are hard-coded, that should stop any telemetry info going to Mozilla regardless of the privacy settings.

  8. Paranoids want to know by Anonymous Coward · · Score: -1

    Will the employee(s) that "accidentally" collected the data be removed from the organization, or is their cover still intact to prepare for the next "accident"?

  9. Gone, but not forgotten? by geekmux · · Score: 1

    Since they're being open about a bug that "accidentally" captured user telemetry data, would Mozilla now care to share what they've done with that data since March of 2017 when v52 was released? Who else has that data? Has it been bought and sold already?

    When it comes to controlling not-so-anonymized information, a half-assed effort is essentially fucking worthless.

    1. Re:Gone, but not forgotten? by Anonymous Coward · · Score: 0

      I'd like to know why it took them so long to realize "Hey, all of a sudden everyone's opted in to giving us crash reports!"

      I find it difficult to believe they didn't notice something was up, assuming they didn't cause it on purpose. Were people starting to catch on to the bad behavior to make them come clean? :p

  10. hi Anon, this is Moz Dev ABC returning... by Anonymous Coward · · Score: -1

    ...your bug report you submitted on crashed Chrome browser. Yeahhhhhh, I'm going to ask you for the short-term to stop visiting that video on LUXURE TV because the bachelor party video of that German shepherd knotting Rob 'taco' Malda while Hemos and Neil watch is actually a codec flaw from the 23 second mark emitting a squealing-pig noise that crashes your web browser's add-on memory manager. I've taken the liberty of passing your viewing habits onto The IUCCC as well as Macromedia and you should be rx a reply from them as well. Thank you for using FireFox in the year 2018.

  11. But what about Google? by Anonymous Coward · · Score: 0

    Do the crash reports go straight to Mozilla's servers, or are they fed into Google Analytics that Mozilla uses? (and yes, as of last year Mozilla does use GA for some stuff. But don't worry, they have an iron-clad contract with Google to protect your privacy).

  12. Not to mention.... by Anonymous Coward · · Score: -1

    It took them 9 months to discover a *SELF INFLICTED REPORTING BUG*.

    Thank god TBB disables crash reporting, but this means every other browser I could have been using for the last 9 months could have been leaking data to Mozilla that doxxed my systems.

    As an example, I2P doesn't have a full featured TBB equivalent at this point. If you were foolish enough to add outproxy support to your default in-network tunnels (I2P is default isolated to only .i2p addresses, but allows you to tie local or remote outproxy services into the client service port to provide clearnet access for your proxy enabled browser.)

    As a result of this, services with clearnet proxy access have been leaking reports that could compromise the individuals' identity outside of the anonymity networks.

  13. any references apart from the article? by Anonymous Coward · · Score: 0

    Is there any reference to an official Mozilla statement?
    Because Catalin Cimpanu didn't mention any sources in his BleepingComputer article.
    I wasn't able to find anything at Mozilla either. Did they really say that last week?

  14. Firefox sold out to the NSA a long time ago by Anonymous Coward · · Score: 0

    Who the fuck needs telemetry in a fucking browser.

    1. Re:Firefox sold out to the NSA a long time ago by Anonymous Coward · · Score: 0

      Who the fuck needs telemetry in a fucking browser.

      CIA, FBI, NCIS, KFC, CHIPS, TLDR, BYOD, Mafia, hell, just about everyone!

  15. Paranoid /. posters yelling at FF again by bjdevil66 · · Score: 1

    To the paranoid weirdos here: Cut the FF devs and leadership some slack. They're coming clean about an accidental collection of some crash data - which has only been going on since 52.x, and they've said they're not selling that data to anyone in the past.

    Yes, they're far from perfect. They ARE, however, the only browser left that at least tries to respect user privacy (even to their own UX's detriment). You should all be thanking them for even still working on the project vs. abandoning the project altogether and leaving you with Chrome's or Edge's data collection.

    1. Re:Paranoid /. posters yelling at FF again by Anonymous Coward · · Score: 0

      The only reason Firefox has value to me is that it is open source. That way, I can use a fork that has this kind of thing stripped out completely by someone who actually cares about my privacy instead of acting like they do. I have been using Firefox since Phoenix. Just visiting Firefox's website and reading their privacy policy makes it clear that Firefox is not for me.

    2. Re:Paranoid /. posters yelling at FF again by Anonymous Coward · · Score: 0

      The version of Chromium without the optional features might also suffice. Or is Google so evil that nobody even bothers to check the Chromium code?

    3. Re:Paranoid /. posters yelling at FF again by Anonymous Coward · · Score: -1

      Seriously, what the fuck is this shit:

      https://blog.mozilla.org/internetcitizen/2017/11/08/data-detox/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=ih-content-hub

      The whole Firefox website is cringeworthy.

      https://www.mozilla.org/en-US/about/

      Holy shit!

    4. Re:Paranoid /. posters yelling at FF again by AHuxley · · Score: 1

      People like FF for the ability to install support like NoScript.
      The browser and its brand are just a way of getting the real tools needed working.
      User privacy comes from what a user then has to install to make a browser great.

      --
      Domestic spying is now "Benign Information Gathering"

  16. Fixed in Firefox 52 too by Barefoot+Monkey · · Score: 1

    This bug was also fixed in Firefox 52, on the same day that they released the FF 57 bugfix. So if you want to keep crash reports off, receive latest security updates and still have all your old extensions work then Firefox 52 is still an option.

  17. What about 52 ESR? by alexo · · Score: 1

    What about 52 ESR, the version meant to be used in corporate environments? Will a fix be issued?

    1. Re:What about 52 ESR? by Barefoot+Monkey · · Score: 1

      52 ESR was already fixed last week Thursday with version 52.5.3.

  18. Right by Anonymous Coward · · Score: -1

    They did it on purpose. The only reason they are changing this is due to the addon fiasco. They learned and didn't want to be caught with their pants down again. Good for you Mozilla.

  19. Crash report, Accident by Anonymous Coward · · Score: 0

    Obligatory bad car analogy in 3...2...1...

  20. This "accident" SHOULD NOT HAVE BEEN POSSIBLE! by Anonymous Coward · · Score: 0

    Some accidents are truly accidents. They could not have reasonably been foreseen, and they could not have reasonably been prevented.

    I don't classify this "accident" as being such an accident. This "accident" should not have even been possible!

    Firefox should not include any sort of user data collection or transmission of this kind. None at all. It doesn't matter what it might have been tracking. It should not have collected this data. It should not have sent it to Mozilla. Mozilla should not have stored it. None of this should have even been possible.

    If Firefox crashes, have it write any relevant information to a text file. Request that the user submit it manually, perhaps by email or by uploading it to a web site. But this data submission should never happen automatically.

    This "accident" should not have happened, because the mechanisms that allowed for this disaster to occur should never have existed in the first place.

    1. Re:This "accident" SHOULD NOT HAVE BEEN POSSIBLE! by Anonymous Coward · · Score: 0

      The "should not have been possible" argument is a bullshit self-serving one that can be used to justify all kinds of irrational responses. If the feature exists in the product, it is possible that it might be malfunctioning, or (since people tend to love conspiracy theories) was maliciously enabled. Simple as that.

      Likewise we "should not" have to rely on Mozilla as our petty emotional vent. We "should not" have to criticize everything they do as though it's an Intel-scale privacy disaster where doxxing attacks lurk in every corner. But we do. Because we love to choose easy targets rather than accomplishing something.

    2. Re:This "accident" SHOULD NOT HAVE BEEN POSSIBLE! by Anonymous Coward · · Score: 0

      Likewise we "should not" have to rely on Mozilla as our petty emotional vent.

      Yet you want GP to accept your emotional turds. Hmmm

    3. Re:This "accident" SHOULD NOT HAVE BEEN POSSIBLE! by Anonymous Coward · · Score: 0

      AmiJojo, is that you?

  21. Actually read Firefox's privacy policy! It's bad. by Anonymous Coward · · Score: -1

    They ARE, however, the only browser left that at least tries to respect user privacy

    You should really read Firefox's privacy policy. Please, do it, for your own safety.

    Firefox's very own privacy policy readily admits that it can share personal data with Google and other companies in a variety of ways.

    The September 28, 2017 version of it states (with emphasis added):

    Webpage and technical data to Google’s SafeBrowsing service: To help protect you from malicious downloads, Firefox sends basic information about unrecognized downloads to Google's SafeBrowsing Service, including the filename and the URL it was downloaded from.

    Location data to Google's geolocation service: Firefox always asks before determining and sharing your location with a requesting website (for example, if a map website needs your location to provide directions). To determine location, Firefox may use your operating system’s geolocation features, Wi-fi networks, cell phone towers, or IP address, and may send this data to Google's geolocation service, which has its own privacy policy.

    On iOS and Android: Firefox by default sends mobile campaign data to Adjust, our analytics vendor, which has its own privacy policy. Mobile campaign data includes a Google advertising ID, IP address, timestamp, country, language/locale, operating system, and app version.

    It can also send information to SalesForce:

    Your email address is sent to our email vendor, SalesForce Marketing Cloud

    And to some "Adjust" company:

    Firefox by default sends mobile campaign data to Adjust, our analytics vendor

    And to some "Leanplum" company:

    Firefox by default sends data about what features you use in Firefox to Leanplum, our mobile marketing vendor

    If you're using Firefox because you wrongly think it "tries to respect user privacy", then you're very mistaken. Firefox's very own privacy policy shows that it collects a lot of user data, and it can send this user data all over the place, including to Google.

    In my opinion, Firefox does not respect its users' privacy at all. It's even worse that there are people like you spreading misinformation about Firefox, suggesting it respects the privacy of its users when as far as I'm concerned it very clearly doesn't.

  22. Use Tor Browser by Anonymous Coward · · Score: 0

    Tor Browser removes all telemetry/crash reports and it's optimized for privacy.
    Also add MITM blocker to know about your connection.

  23. Use the palemoon fork by Anonymous Coward · · Score: 0

    no telemetry bullshit

  24. the big question by Anonymous Coward · · Score: 0

    Is Mozilla trustworthy?