anonymize ESSIDs and AP MAC addresses

Bug #746900 reported by Mats Ahlgren on 2011-04-01
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
Martin Pitt
linux (Ubuntu)

Bug Description

ESSIDs of the network interface are shown

they are furthermore submitted without showing the user what is being submitted, even if you click on "details"

furthermore, logs including paths such as /home or running processes or other sensitive information should be grepped for such text and removed

SRU TEST CASE: Run "apport-bug network-manager", and in the details expander, open the "IwConfig" field. It shows the "ESSID" in the final oneiric version, with the update you should see "ESSID: <hidden>".

blue balls (blueballs5432) wrote :

  Indeed, the repports using "apport-bug" the ESSID is included.
  Even worse, the network key is included also, which is VERY BAD !

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 746900

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: privacy
Martin Pitt (pitti) on 2011-10-13
Changed in linux (Ubuntu):
status: Incomplete → Invalid
summary: - Privacy leak in ubuntu-bug -p linux
+ anonymize ESSIDs

/home paths etc. are already anonymized. If you find a case where it isn't, can you please file a new bug with a concrete example?

I'll filter out ESSIDs and access point MAC addresses, they indeed shouldn't be there.

> they are furthermore submitted without showing the user what is being submitted, even if you click on "details"

The output of "iwconfig" is shown in details expander for me.

Where does the password get shown? it's not in iwconfig, and in syslog I just get

   Oct 13 09:26:51 donald NetworkManager[1204]: <info> Config: added 'psk' value '<omitted>'

I did "ubuntu-bug --save /tmp/bug linux" and grepped /tmp/bug for my wifi password, no hit. If you still get this, can you please file a new report with some more precise instructions how to replicate this, or with a .crash file which exposes this? You can exchange the password with something like "MYWIFIPASSWORD", just knowing where it appears exactly will be enough for me.

I'll devote this bug to the ESSIDs and AP MAC addresses.


Changed in apport (Ubuntu):
assignee: nobody → Martin Pitt (pitti)
importance: Undecided → Medium
status: New → In Progress
summary: - anonymize ESSIDs
+ anonymize ESSIDs and AP MAC addresses
Martin Pitt (pitti) wrote :

Note, the encryption key hiding was done in bug 446299 and fixed in lucid already.

Martin Pitt (pitti) on 2011-10-13
Changed in apport (Ubuntu):
status: In Progress → Fix Committed
status: Fix Committed → In Progress
status: In Progress → Fix Committed
Mats Ahlgren (mats-ahlgren) wrote :

Why has this been marked as "invalid" as opposed to "fixed"?

Martin Pitt (pitti) wrote :

It's only invalid in the linux task, the apport task is "fix committed".

Launchpad Janitor (janitor) wrote :
Download full text (4.3 KiB)

This bug was fixed in the package apport - 1.24-0ubuntu1

apport (1.24-0ubuntu1) precise; urgency=low

  * New upstream release 1.23.1:
    - apport/ Ensure that duplicate table only has one entry per
      report ID.
    - apport-retrace: Pass correct executable path to gdb in --gdb with
      --sandbox mode.
    - apport-retrace: Do not leave behind temporary directories on errors.
    - apport-retrace: Drop assertion failure for existance of "Stacktrace".
      This isn't present in the case of gdb crashing, and there is not much we
      can do about it. This should not break the retracer.
    - apport/ Unwind XError() from stack traces for the
      "StacktraceTop" field, as they take a significant part of the trace.
      This causes bugs to be duplicated which really have different causes.
  * New upstream release 1.24:
   - apport-retrace: Add --timestamp option to prepend a timestamp to log
     messages. This is useful for batch operations.
   - crash-digger: Call apport-retrace with --timestamps, to get consistent
     timestamps in log output.
   - Add two new functions attach_gsettings_package() and
     attach_gsettings_schema() for adding user-modified gsettings keys to a
     report. (LP: #836489)
   - Add new function in_session_of_problem() which returns
     whether the given report happened in the currently running XDG session.
     This can be used to determine if e. g. ~/.xsession-errors is relevant and
     should be attached.
   - backends/, install_packages(): Also copy
     apt/sources.list.d/ into sandbox.
   - backends/, install_packages(): Install apt keyrings
     from config dir or from system into sandbox. (LP: #856216)
   -, backends/ Define that
     install_packages() should return a SystemError for broken
     configs/unreachable servers etc., and fix the apt/dpkg implementation
   - apport-retrace: Don't crash, just give a proper error message if servers
     are unreachable, or configuration files are broken. (LP: #859248)
   - backends/ Fix crash when
     /etc/apport/native-origins.d contains any files. (LP: #865199)
   - hookutils, recent_logfile(): Fix invalid return value if log file is not
     readable. (LP: #819357)
   - test/crash: Fix race condition in the "second instance terminates
     immediately" check.
   - Replace attach_gconf() with a no-op stub. It used static
     python modules like "gconf" which broke the PyGI GTK user interface, and
     gconf is rather obsolete these days.
   -, open_url(): Greatly simply and robustify by just using xdg-open.
     This already does the right thing wrt. reading the default browser from
     GNOME, KDE, XCE, and other desktops. (LP: #198449)
   - data/general-hooks/ Only attach ~/.xsession_errors if the bug
     is reported in the same XDG session as the crash happened. (LP: #869974)
   - Ignore crashes for programs which got updated in between the crash and
     reporting. (LP: #132904)
   - Special-case crashes of 'twistd': Try to determin...


Changed in apport (Ubuntu):
status: Fix Committed → Fix Released
Martin Pitt (pitti) on 2011-10-20
description: updated
Changed in apport (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux (Ubuntu Oneiric):
status: New → Invalid

Hello Mats, or anyone else affected,

Accepted apport into oneiric-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 1.23-0ubuntu4

apport (1.23-0ubuntu4) oneiric-proposed; urgency=low

  * apport-gtk: In bug update mode, make details dialog resizable and fix
    default size. Patch cherry-picked from trunk r1991. (LP: #865754)
  * backends/ Fix crash when
    /etc/apport/native-origins.d contains any files. Patch cherry-picked from
    trunk r1973. (LP: #865199)
  * apport/ Special-case crashes of 'twistd': Try to determine the
    client program and assign the report to that, or fail with an
    UnreportableReason. Patch cherry-picked from trunk r1989. (LP: #755025)
  *, attach_wifi(): Anonymize ESSID and AP MAC from "iwconfig"
    output. Patch cherry-picked from trunk 1993. (LP: #746900)
 -- Martin Pitt <email address hidden> Thu, 20 Oct 2011 12:08:11 +0200

Changed in apport (Ubuntu Oneiric):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers