On 06/11/2012 02:09 PM, Justin Dolske wrote: > On 6/11/12 3:11 AM, Henri Sivonen wrote: > > >> About potential user backlash: even though both Microsoft and Google >> have a feature like this in IE and Chrome, Mozilla who could still >> face a user backlash from doing this sort of thing in Firefox. If >> Firefox sends data to Google just like Chrome, Firefox loses the >> advantage of not sending data to Google relative to Chrome. As for >> Microsoft, they have the explicit opt in mentioned above. > > Depends on exactly what details are sent, our judgement on how > privacy-sensitive it is, and what contractual limitations we can ask the > provider (Google) to do with whatever data they can collect. > > I think we got this right with SafeBrowsing feature (ie antiphish/attack > warnings)... It's vaguely making a similar choice: given a URL, is it > good or bad. It was designed and built to be privacy-sensitive enough > that it can just be on by default. > > I'd hope we could build this in a similar way...
To clear things up completely: this is an addition to the existing SafeBrowsing feature in Firefox. This feature augments what the current one can detect, but will involve sending out URLs in pings. Based on Moheeb's reply (in this thread), I think we should move ahead with implementing this for our windows users. It seems to me, and please chime in if I'm out of line here, that we should: 1. Stand up a proxy that handles both pings and list updates. ** This proxy would strip the last octet out of IP addresses for pings ** Firefox then pings us (the proxy) instead of Google directly 2. Explore tying in other reputation systems via the proxy 3. Document the endpoints in detail so users/enterprises can select to use Google directly (probably via about:config prefs) or choose an alternate reputation service provider. Sound good? -Sid _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
