TPE SecEng/SafeBrowsing
From MozillaWiki
SafeBrowsing
References:
- Mozilla Wiki: https://wiki.mozilla.org/Phishing_Protection
- Google SafeBrowsing: https://developers.google.com/safe-browsing/
- SB v2 Developer Guide: https://developers.google.com/safe-browsing/developers_guide_v2
- How Safe Browsing Works in Firefox: https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/
- SB Introduction Slides: http://people.mozilla.org/~fmarier/tmp/tpe-safebrowsing-intro.pdf
Main Engineers
- Francois Marier (SecEng, Vancouver, CA)
- Dimi Lee (SecEng, Taipei, TW)
- Henry Chang (SecEng, Taipei, TW)
Taipei Dashboard
Meta bugs
ID | Summary | Priority | Status |
---|---|---|---|
1167038 | [meta] Add support for version 4 of the Safe Browsing protocol | P2 | RESOLVED |
1 Total; 0 Open (0%); 1 Resolved (100%); 0 Verified (0%);
Ship bugs
ID | Summary | Status | Resolution | Assigned to | Depends on | Blocks | Whiteboard |
---|---|---|---|---|---|---|---|
750751 | Implement tests for on-wire update format | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1167038 | ||
1037560 | Safebrowsing pleasereset resets all tables | VERIFIED | FIXED | Dimi Lee [:dimi] | 1029886, 1149867, 1167038 | #sbv4-m1 | |
1179301 | Latent buffer overrun bug in SafebrowsingHash | RESOLVED | FIXED | Henry Chang [:hchang] | 1167038 | #sbv4-m1 [adv-main51-] | |
1254766 | Stop caching Safe Browsing completions to disk | RESOLVED | FIXED | Dimi Lee [:dimi] | 1272239, 1289028, 1291024 | 1167038 | #sbv4-m0 |
1264885 | Refactor the listmanager to add support for both V2 an V4 of the protocol | RESOLVED | FIXED | Henry Chang [:hchang] | 1037555, 1273395 | 1167038 | #sbv4-m0 |
1273398 | Implement RequestBackoff for Safe Browsing v4 | RESOLVED | FIXED | Henry Chang [:hchang] | 1167038 | #sbv4-m0 | |
1274112 | Implement Safe Browsing v4 update request | VERIFIED | FIXED | Henry Chang [:hchang] | 1275507, 1276595, 1305567 | 1167038 | #sbv4-m0 |
1276826 | Implement Safe Browsing v4 hash completion request | RESOLVED | FIXED | Henry Chang [:hchang] | 1276827, 1319286, 1323856 | 1167038, 1329808 | #sbv4-m5 |
1283009 | Store variable-length prefix to disk | RESOLVED | DUPLICATE | Dimi Lee [:dimi] | 1283007, 1284178 | 1167038 | #sbv4-m1 |
1287058 | Supports SafeBrowsing v4 partial update | RESOLVED | DUPLICATE | Dimi Lee [:dimi] | 1287059 | 1167038, 1305486 | #sbv4-m1 |
1288633 | Page URL sent instead of matching URL for Safe Browsing false positives | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1315097, 1341514, 1345569, 1347493 | 538204, 1195242, 1331138, 1167038 | |
1288833 | Ensure that full hashes received in updates aren't used before we call gethash on them | RESOLVED | WONTFIX | Thomas Nguyen (:tnguyen) | 1167038 | #sbv4-m1 | |
1296820 | Enabling Safe Browsing V4 updates breaks all list updates | RESOLVED | FIXED | Henry Chang [:hchang] | 1342900 | 1167038 | #sbv4-m1 |
1298257 | Implement url matching for variable-length prefix set | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1312339 | 1167038, 1312939 | #sbv4-m3 |
1302044 | Disabled v4 tables would still be updated | RESOLVED | FIXED | Henry Chang [:hchang] | 1167038 | #sbv4-m1 | |
1305478 | Use 0-1 min as the initial update delay for both V2 and V4 | RESOLVED | FIXED | Henry Chang [:hchang] | 1167038 | #sbv4-m1 | |
1305486 | Enable V4 update by default on Nightly only | RESOLVED | FIXED | Henry Chang [:hchang] | 1285848, 1287058, 1305780, 1305801, 1310142, 1315097, 1315386 | 1167038 | #sbv4-m4 |
1307026 | goog-phish-proto is not available with mozilla API key | RESOLVED | FIXED | Henry Chang [:hchang] | 1167038 | ||
1307541 | V4 updates are not scheduled at the right time | RESOLVED | FIXED | Henry Chang [:hchang] | 1167038 | #sbv4-m0 | |
1312888 | Incorrect debug output for V2 lists | RESOLVED | FIXED | Dimi Lee [:dimi] | 1167038 | #sbv4-m8 | |
1312939 | [META] Add Telemetry for Safe Browsing v4 | RESOLVED | FIXED | 1298257, 1311910, 1311926, 1311931, 1311933, 1315893, 1322523, 1332780, 1335974, 1336865, 1336886, 1336903, 1336909, 1336911, 1337260, 1338033 | 1167038 | ||
1329366 | Avoid the reuse of the same chunk numbers in classifierHelper.js | RESOLVED | FIXED | Dimi Lee [:dimi] | 1167038, 1274105 | #sbv4-m8 | |
1329817 | Enable V4 lookups | RESOLVED | FIXED | Dimi Lee [:dimi] | 1329808 | 1167038 | #sbv4-m6 |
1330253 | Supply a Google API key on try to enable testing against the Safe Browsing service | RESOLVED | FIXED | Dimi Lee [:dimi] | 1334093 | 1167038 | #sbv4-m6 [google-api-safe-browsing] |
1331139 | Update download protection for V4 | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1358333 | 1167038 | #sbv4-m5 |
1332767 | 4% of V4 updates return a 400 | RESOLVED | DUPLICATE | Dimi Lee [:dimi] | 1167038 | #sbv4-m5 | |
1336915 | Disable Safe Browsing V4 updates and fullhash requests when the Google API key is missing | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1336922, 1361048 | 1167038 | #sbv4-m7 |
1336920 | Display the presence/absence of a valid Google API key in about:support | RESOLVED | FIXED | Sebastian Hengst [:aryx] (needinfo me if it's about an intermittent or backout) | 1167038 | ||
1336922 | Disable v4 update in test_safe_browsing_initial_download.py testcase | RESOLVED | FIXED | François Marier [:francois] | 1167038, 1336915 | ||
1349338 | MOZ_SAFEBROWSING_DUMP_FAILED_UPDATES should be defined in debug builds | RESOLVED | WORKSFORME | 1167038 | #sbv4-m7 | ||
1350798 | Ignore v4 completion too early will cause telemetry::URLCLASSIFIER_MATCH_RESULT gets wrong results | RESOLVED | FIXED | Dimi Lee [:dimi] | 1167038 | #sbv4-m6 | |
1359337 | [META] QA bugs of Safe Browsing v4 | RESOLVED | FIXED | 1359347, 1369290, 1392204 | 1167038 | ||
1362484 | 404s during Safe Browsing V4 updates | RESOLVED | FIXED | François Marier [:francois] | 1365027 | 1167038 | #sbv4-m7 |
1363879 | Sort gethash prefixes to hide noise entries | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1167038 | #sbv4-m7 | |
1363882 | Gethash entries are not cast safely | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1167038 | #sbv4-m8 | |
1364606 | Checksum mismatches in V4 updates | RESOLVED | WORKSFORME | Dimi Lee [:dimi] | 1364607 | 1167038 | #sbv4-m7 |
1366920 | SafeBrowinsg V4 only in nightly 56 | RESOLVED | FIXED | Dimi Lee [:dimi] | 1375890, 1394053, 1394056, 1394335 | 1167038, 1366965 | #sbv4-m8 |
1376410 | Crash in OOM | large | NS_ABORT_OOM | nsACString::Replace | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1167038 | #sbv4-m9 | |
1377267 | SBv4 Crashrate opt-out study | RESOLVED | FIXED | Kamyar Ardekani (he/him) | 1376589, 1390698 | 1167038 | #sbv4-m9 |
1377976 | [meta] Support for Safe Browsing V4 in Fennec | RESOLVED | FIXED | 1303393, 1370753, 1375277, 1384326, 1394017, 1397930, 1397938, 1399785 | 1167038 | ||
1377983 | Remove comparative V2/V4 Application Reputation telemetry probes | RESOLVED | FIXED | Thomas Nguyen (:tnguyen) | 1167038 | #sbv4-m8 | |
1377987 | Ensure that Linux distros get Google API keys for Safe Browsing in time for 56 | RESOLVED | FIXED | François Marier [:francois] | 1167038 | #sbv4-m9 | |
1387651 | Staged rollout of Safe Browsing V4 to the release population using Shield | RESOLVED | FIXED | François Marier [:francois] | 1393954, 1393980 | 1167038 | #sbv4-m9 |
1388218 | Work with Soft Vision to test Safe Browsing V2 and V4 in Beta | RESOLVED | FIXED | Wesly Huang (EPM) | 1167038 | #sbv4-m9 | |
1431370 | Crash in OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | nsTArray_base<T>::EnsureCapacity<T> | nsTArray_base<T>::InsertSlotsAt<T> | nsTArray_Impl<T>::SetLength<T> | mozilla::safebrowsing::DoRiceDeltaDecode | RESOLVED | FIXED | François Marier [:francois] | 1434662 | 1167038, 1285848 | |
1435859 | Crash in OOM | large | NS_ABORT_OOM | mozilla::safebrowsing::Classifier::DeleteTables | RESOLVED | FIXED | François Marier [:francois] | 1167038 |
46 Total; 0 Open (0%); 44 Resolved (95.65%); 2 Verified (4.35%);