From: Emmanuel Grumbach <egrumbach@gmail.com>
To: Johannes Berg <johannes@sipsolutions.net>,
Kalle Valo <kvalo@qca.qualcomm.com>
Cc: Ben Greear <greearb@candelatech.com>,
ath10k <ath10k@lists.infradead.org>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Subject: Re: Firmware debugging patches?
Date: Sun, 08 Jun 2014 19:01:53 +0300 [thread overview]
Message-ID: <539488F1.2040900@gmail.com> (raw)
In-Reply-To: <1402218792.4406.2.camel@jlt4.sipsolutions.net>
On 06/08/2014 12:13 PM, Johannes Berg wrote:
> On Sun, 2014-06-08 at 11:35 +0300, Kalle Valo wrote:
>
>>> I was thinking we should not add a MAC to the dump, for privacy concerns,
>>> but whatever user-space tools gather the dump could add MAC if user perfers.
>>
>> The MAC addresses can be extracted from the target memory anyway so I
>> don't see harm from including that in the dump. Is it even possible to
>> address all privacy issues when dealing with firmware dumps?
>
> We had something of a discussion about this - it's usually not just
> BSSIDs/MAC addresses, but also encryption keys (say WEP keys, or at
> least temporal keys, sometimes more), SSIDs, etc. In short, there's a
> whole bunch of private data that can be included in such dumps.
>
> However, we haven't really found a good solution. Popping up big scary
> warnings to the user is unlikely to be productive, trying to keep the
> data private and only accessible to (the right) developers is not going
> to work ... encryption might work, but who manages that?
>
I disagree here. We found something that met the requirements of the organization we work for.
Note that each company has its requirements when it comes to this kind of things.
If we wanted to come up with a community statement of user privacy, the first step would be to stop printing the BSSID of the AP we associate to the kernel which is typically captured automatically by bug trackers...
So we need to separate between different things: we have the kernel / driver on one side, and we have the distribution on the other. We don't ship kernels to user. The distribution does.
The way I see it, we need to keep the distribution informed on what information this dump might include and how easy it is parse / hack. If the distribution wants to enable it or not is another problem.
Loading iwlwifi with debug=0xffffffff or even tracing can record pretty much everything. Should we stop allowing usage of these?
This doesn't make sense to me.
> Certainly the data shouldn't be attached to a public bug tracker
> automatically...
>
Sure - but again, I don't think that "good" or "bad" will help here. We need to come up with a real statement of what we information might be enclosed and guarantee that nothing else is included in the data. Then we can make a declaration somewhere.
Note that the distribution is shipping the whole package and that the distribution typically have a "legal department" that handles this kind of things - including a privacy statement that is agreed by the user when he installs the distribution.
next prev parent reply other threads:[~2014-06-08 16:01 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <53891ACD.7070902@candelatech.com>
[not found] ` <87wqczz3h9.fsf@kamboji.qca.qualcomm.com>
[not found] ` <538CA904.4000508@candelatech.com>
[not found] ` <87ioojz1b1.fsf@kamboji.qca.qualcomm.com>
2014-06-02 17:42 ` Firmware debugging patches? Ben Greear
2014-06-02 18:46 ` Emmanuel Grumbach
2014-06-02 18:58 ` Ben Greear
2014-06-02 19:29 ` Emmanuel Grumbach
2014-06-02 19:48 ` Ben Greear
2014-06-04 19:23 ` Emmanuel Grumbach
2014-06-04 19:29 ` Ben Greear
2014-06-05 11:10 ` Kalle Valo
2014-06-05 15:51 ` Ben Greear
2014-06-05 11:06 ` Kalle Valo
2014-06-05 15:57 ` Ben Greear
2014-06-06 6:51 ` Kalle Valo
2014-06-06 16:02 ` Ben Greear
2014-06-07 13:03 ` Kalle Valo
2014-06-07 15:27 ` Ben Greear
2014-06-08 8:35 ` Kalle Valo
2014-06-08 9:13 ` Johannes Berg
2014-06-08 16:01 ` Emmanuel Grumbach [this message]
2014-06-08 15:39 ` Ben Greear
2014-06-09 8:17 ` Kalle Valo
2014-06-09 15:09 ` Ben Greear
2014-06-09 15:47 ` Ben Greear
2014-06-09 16:27 ` Ben Greear
2014-06-10 6:05 ` Kalle Valo
2014-06-10 15:06 ` Ben Greear
2014-06-26 15:26 ` Ben Greear
2014-06-26 16:01 ` Kalle Valo
2014-06-05 10:58 ` Kalle Valo
2014-06-05 15:59 ` Ben Greear
2014-06-05 10:51 ` Kalle Valo
2014-06-05 16:03 ` Ben Greear
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=539488F1.2040900@gmail.com \
--to=egrumbach@gmail.com \
--cc=ath10k@lists.infradead.org \
--cc=greearb@candelatech.com \
--cc=johannes@sipsolutions.net \
--cc=kvalo@qca.qualcomm.com \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).