Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Privacy Reviews]Call For Comments: Snappy Symbolic Server
17 views
Skip to first unread message
Curtis Koenig
Apr 30, 2012, 9:53:38 AM4/30/12
to dev-pl...@lists.mozilla.org
The security team is asking for input on a privacy review for Snappy
Symbolic Server
https://wiki.mozilla.org/Privacy/Reviews/SnappySymbolicServer This call
for input will remain open until 7-May-2012 and then recommendations
will be taken back to the team for discussion with them. Please help us
identify any additional risks not already outlined in the wiki page, and
also ways to ensure the risks are minimize. Please follow up to this
thread directly to help focus the discussion and ensure we don't miss
your feedback. At the end of this input period, we will incorporate
feedback provided into the review page, and follow up with the Snappy
team to move forward. Thanks, -- /Curtis
Symbolic Server
https://wiki.mozilla.org/Privacy/Reviews/SnappySymbolicServer This call
for input will remain open until 7-May-2012 and then recommendations
will be taken back to the team for discussion with them. Please help us
identify any additional risks not already outlined in the wiki page, and
also ways to ensure the risks are minimize. Please follow up to this
thread directly to help focus the discussion and ensure we don't miss
your feedback. At the end of this input period, we will incorporate
feedback provided into the review page, and follow up with the Snappy
team to move forward. Thanks, -- /Curtis
Ted Mielczarek
Apr 30, 2012, 11:24:54 AM4/30/12
to dev-pl...@lists.mozilla.org
On Mon, Apr 30, 2012 at 9:53 AM, Curtis Koenig <cur...@mozilla.com> wrote:
> The security team is asking for input on a privacy review for Snappy
> Symbolic Server
> https://wiki.mozilla.org/Privacy/Reviews/SnappySymbolicServer
I just have one related point of info here: this server collects less
> The security team is asking for input on a privacy review for Snappy
> Symbolic Server
> https://wiki.mozilla.org/Privacy/Reviews/SnappySymbolicServer
data than we already collect at crash-stats, and the set of data it
collects is less than the set of data we already expose publicly at
crash-stats. (Stack addresses and memory mapping info.) None of this
info seems particularly sensitive.
-Ted
Sid Stamm
Apr 30, 2012, 4:13:42 PM4/30/12
to Ted Mielczarek
On 4/30/12 8:24 AM, Ted Mielczarek wrote:
> I just have one related point of info here: this server collects less
> data than we already collect at crash-stats, and the set of data it
> collects is less than the set of data we already expose publicly at
> crash-stats. (Stack addresses and memory mapping info.) None of this
> info seems particularly sensitive.
This is what I was thinking too, Ted, but we have to be careful here;
> I just have one related point of info here: this server collects less
> data than we already collect at crash-stats, and the set of data it
> collects is less than the set of data we already expose publicly at
> crash-stats. (Stack addresses and memory mapping info.) None of this
> info seems particularly sensitive.
"we already do X" doesn't mean it will always be the right thing to do.
In this case I think the proposed system is totally reasonable, but we
shouldn't rely on precedent alone to make decisions. If we do, we will
only end up with more relaxed data controls and not the more
privacy-preserving tighter data controls.
-Sid
Curtis Koenig
May 8, 2012, 10:08:43 AM5/8/12
to Sid Stamm, dev-pl...@lists.mozilla.org
Thank you for your feedback on
We will now incorporate all the risks and countermeasures not already
captured into the wiki and communicated back to the Snappy team. The
status of each of these items will be tracked on the wiki for the review
if you wish to follow progression of the privacy review results.
Thanks,
/Curtis
> _______________________________________________
> dev-planning mailing list
> dev-pl...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-planning
We will now incorporate all the risks and countermeasures not already
captured into the wiki and communicated back to the Snappy team. The
status of each of these items will be tracked on the wiki for the review
if you wish to follow progression of the privacy review results.
Thanks,
/Curtis
> dev-planning mailing list
> dev-pl...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-planning
0 new messages