I think Adrian has brought up a good point. We should consider providing an official unique instance id or a unique device id.
Both iOS and Android did not have a proper identification method. This has lead to privacy issues when apps or carriers ship off a user's phone number or IMEI or other special number as a key for their database. The AT&T massive leak of email addresses was caused by their using the ICC-ID. We have a chance to avoid this pitfall. For example the instance id could be generated by a cryptographic hash of the IMEI + timestamp at first boot + Wifi's MAC + nanosecond timestamp at first request for instance + device ids of connected usb devices at first request + iSerial + idProduct + idVendor. Given enough entropy the hash should be safe for unprivileged access (Security team should eview any sheme). By abstracting away from any specific special number we can handle the future of baseband-less tablets or network-less kiosk stands. We would prefer people not rely on identifying an installation or device. This was the approach Android took but instead people just used a single and poor entropy number for the indentifier. If we do this at the Gonk level then we can do it right. Perhaps the biggest consideration is how this would affect the web. The obvious solution is to keep this restricted to privileged apps. That should save us from carriers abusing special numbers. Assuming there is nothing accessible from webapps which can be abused as an identifier then we should be covered. Any thoughts? Has this been considered before? Daniel 2014/1/6 Mike Habicher <[email protected]>: > On 14-01-04 06:29 AM, Alexandre Lissy wrote: >> >> Le 04/01/2014 12:24, Adrian Custer a écrit : >>> >>> >>> The Android community has been tackling this need for a long time and >>> has developed multiple approaches though, in modern versions, the OS >>> provides a way for user code (Java) to obtain a unique id per device. See >>> * >>> >>> http://android-developers.blogspot.com/2011/03/identifying-app-installations.html >>> >>> * http://www.pocketmagic.net/2011/02/android-unique-device-id/ >>> * >>> http://stackoverflow.com/questions/13744565/android-device-id-confusion >>> for discussion of the issues and various solutions. >>> >>> So far I am poking around in /proc and /sys land from 'adb shell' but >>> have not yet found anything canonical. There is >>> cat /sys/devices/virtual/android_usb/android0/iSerial (MSM7627A) >>> cat /sys/devices/virtual/android_usb/android0/idProduct (9025) >>> cat /sys/devices/virtual/android_usb/android0/idVendor (05c6) >>> but I am not sure how 'unique' the iSerial number is. (Note that the >>> idVendor is probably, in general, related to the list on the page: >> >> What device are you experiencing on ? How did you flashed it ? >> >> As far as I can say, iSerial should not be overwritten in public devices >> and build, but it's the case on some build you can do by yourself. >> > It's possible iSerial may change on different devices, but the value above > is > the part number for the CPU of the phone. > > --m. > > > _______________________________________________ > dev-b2g mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-b2g _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
