Hi Tails developers, Whisperback is the application used in Tails to report issues to the developers. Its reports are encrypted and send via a Tor hidden service to some trusted members of the Tails team.
If the user doesn't out-out, Whisperback collects information about the problem such as logs. As they contains identifying information, they are cleaned before sending by regexp replacement (whisperBack/utils.py:138 sanitize_hardware_info in whisperback sources). But new identifying information that are not cleaned are discovered again and again. See https://labs.riseup.net/code/issues/6343 I wonder what would be a good fix to that issue. We could keep on adding patterns to the regexp, the that looks like an endless blacklist approach. However I fail to see how to take a white-list approach on this without killing the whole purpose of this additional information. The only idea I have is to remove everything that follow the "serial" word, matching case insensitive. That would work for most issues that have been discovered yet, but would also remove some non-harming lines. Any thought? Cheers _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
