Opened 2 years ago

Closed 22 months ago

Last modified 18 months ago

#25906 closed defect (fixed)

Disable third-party tracking frameworks Adjust and Leanplum in mobile Tor Browser

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-mobile, ff60-esr, TorBrowserTeam201808R
Cc: Actual Points:
Parent ID: #26531 Points:
Reviewer: Sponsor: Sponsor8


It seems Mozilla has outsourced gathering analytics about mobile browser usage to a bunch of people. We should make sure this is disabled in Tor Browser. See:

Child Tickets

Change History (6)

comment:1 Changed 2 years ago by gk

See: for additional risks associated with it.

comment:2 Changed 2 years ago by sysrqb

Parent ID: #26531

Required for first alpha.

comment:3 Changed 22 months ago by sysrqb

Status: newneeds_review

From ticket:25851#comment:1

LeanPlum is not included by default. It is only included if MOZ_ANDROID_MMA is
true (false by default) and MOZ_ANDROID_GCM must be true (which we set false
at configure time):

From ticket:25851#comment:2

Adjust is excluded at build-time, so we can ignore that. It is excluded
if MOZ_INSTALL_TRACKING is not set. This is similar to LeanPlum - it
requires MOZ_ANDROID_GCM, too. We could change the MOZ_INSTALL_TRACKING
default value, too (being extra safe) - but currently it will not be

This is safe as long as we don't include --with-google-play-services. We already include ac_add_options --without-google-play-services in .mozconfig-android so neither LeanPlum or Adjust are included.

I also created a branch - 25906 in my repo - for review where we set the configure options as |false| by default, as another safety measure.

In reality, even if leanplum or adjust were enabled, mach configure should fail because there is an additional dependency on specifying a leanplum-sdk-file and adjust-sdk-file which we don't include. But I'd prefer playing this safe.

comment:4 Changed 22 months ago by sysrqb

Keywords: TorBrowserTeam201808R added

comment:5 Changed 22 months ago by gk

Resolution: fixed
Status: needs_reviewclosed

Thanks. Applied to tor-browser-60.1.0esr-8.0-1 (commit ccb635fc7b7c02c4431adfbe67bff2f73e491157).

comment:6 Changed 18 months ago by gk

Sponsor: Sponsor8

Sponsor8 in August 2018.

Note: See TracTickets for help on using tickets.