(bcc security & privacy, please keep discussion on dev-webapi)
In the Idle API bug (https://bugzilla.mozilla.org/show_bug.cgi?id=715041),
there was discussion around the privacy threat of websites correlating two
anonymous identities by comparing system idle times. In response a 'fuzz'
factor w
On Jun 7, 2012, at 9:32 PM, Ben Francis wrote:
> On Wed, Jun 6, 2012 at 9:23 AM, Paul Theriault wrote:
> It is expected that all Gaia apps will fall into the certified category
>
> Really?! If all Gaia apps are considered to require enough privileges to need
> the "certified" level, given that
, at 12:44 AM, Ben Francis wrote:
> On Thu, Mar 22, 2012 at 1:50 AM, ptheriault wrote:
> To me these controls are not mutually exclusive, but rather a series of
> controls that provide mitigations against slightly different threats.
>
> 1. Require the app host to have SSL?
> 2.
Even the wiki page was getting very long, so I have had a go at trying to
summarize the various aspects of the permissions model:
https://wiki.mozilla.org/Apps/Security#Summary
Also I thought that maybe it might be helpful to fork the discussion out into
the separate headings in the summary (and
will be exposed to attack every time the
browser app visits a website, so this isn't adding any attack surface.
On Mar 22, 2012, at 9:03 PM, Kevin Chadwick wrote:
> On Thu, 22 Mar 2012 12:50:33 +1100
> ptheriault wrote:
>
>> 1. I can't think of any reason not to deplo
To me these controls are not mutually exclusive, but rather a series of
controls that provide mitigations against slightly different threats.
1. Require the app host to have SSL?
2. Require the app to be static HTML/JS/CSS (and prevent loading of dynamic
code)?
3. Require the app to be hosted o
To aid the discussion of controls vs threats, I have drafted an initial list of
threats with associated controls here:
https://wiki.mozilla.org/B2G_App_Security_Model/Threat_Model
I have tried to include all threats/controls raised in the thread so far, but I
have no doubt missed or misinterpr
On Mar 15, 2012, at 12:16 PM, lkcl luke wrote:
> Some time ago, Paul wrote this:
>
>> How do domains which install themselves as Web Apps fit into this model? Is
>> there perhaps a default lower set of permissions that websites can install
>> themselves with - basically the same types as websit
I actually liked the idea of "more privilege for "installed" apps, less for
"remote" apps" - the number of apps that will need elevated permissions is a
very small percentage (and I think that was B2G's original plan?). As I
understand it, Gaia apps are already static HTML apps (i.e. it would
So my understanding is that the goal would be one process per app, however for
performance reasons, apps may need to be grouped. There will always be at least
one lower-privileged process for running content (apps) and ideally there would
be at least enough to separate critical apps (dialer, sms
Jonas,
Thanks for taking the time to document your thoughts. I also caught up with
Chris Jones from B2G yesterday to go security, and we discussed app permissions
as well. I have written up a couple pages of notes, but I'd like to a key
difference. From our discussion yesterday (and Chris corre
Chris,
Below is a summary of threats and controls for further discussion. Disclaimer:
this is my understanding from various conversations, wiki pages, bugs and IRC
chats, so it's rough, probably varies from what's implemented (or what the final
goals are), but it's a starting point. Ultimately th