Opened 5 years ago

Last modified 23 months ago

#12695 new task

Audit Application Reputation feature

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-firefox-patch
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Google has offered an application reputation feature to detect malicious downloads as part of Google Safe Browsing and Mozilla has implemented that in ESR 31. We should look at possible issues before switching to ESR 31. Note that the remote lookup feature is not included yet which needs to get audited before we switch to ESR 38:

https://wiki.mozilla.org/Security/Features/Application_Reputation_Design_Doc

The tracking bug is

https://bugzilla.mozilla.org/show_bug.cgi?id=662819

Child Tickets

Change History (5)

comment:1 Changed 5 years ago by gk

As we are currently disabling Safe Browsing (see #8557) auditing that part may not be so urgent. Note that this bug is specific to the Application Reputation feature. The issues shared with the underlying Safe Browsing approach are to be discussed in #8557.

comment:2 Changed 5 years ago by erinn

Component: Firefox Patch IssuesTor Browser
Keywords: tbb-firefox-patch added
Owner: changed from mikeperry to tbb-team

comment:3 Changed 5 years ago by mikeperry

Keywords: TorBrowserTeam201409 added

comment:4 Changed 5 years ago by mikeperry

Keywords: ff31-esr TorBrowserTeam201409 removed

comment:5 Changed 23 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.