From cc7602e56614850209af5cda7665f132043a6cc3 Mon Sep 17 00:00:00 2001
From: Torsten Grote <t@grobox.de>
Date: Tue, 23 Aug 2016 17:28:09 -0300
Subject: [PATCH 1/2] Remove sensitive information from crash and feedback
 reports

---
 .../android/BriarApplicationImpl.java         | 33 ++++++++++++++++++-
 .../android/report/BriarReportPrimer.java     | 11 ++++---
 2 files changed, 38 insertions(+), 6 deletions(-)

diff --git a/briar-android/src/org/briarproject/android/BriarApplicationImpl.java b/briar-android/src/org/briarproject/android/BriarApplicationImpl.java
index 4d88c6536..c78ff2dfc 100644
--- a/briar-android/src/org/briarproject/android/BriarApplicationImpl.java
+++ b/briar-android/src/org/briarproject/android/BriarApplicationImpl.java
@@ -14,6 +14,25 @@ import org.briarproject.android.report.DevReportActivity;
 
 import java.util.logging.Logger;
 
+import static org.acra.ReportField.ANDROID_VERSION;
+import static org.acra.ReportField.APP_VERSION_CODE;
+import static org.acra.ReportField.APP_VERSION_NAME;
+import static org.acra.ReportField.BRAND;
+import static org.acra.ReportField.BUILD_CONFIG;
+import static org.acra.ReportField.CRASH_CONFIGURATION;
+import static org.acra.ReportField.CUSTOM_DATA;
+import static org.acra.ReportField.DEVICE_FEATURES;
+import static org.acra.ReportField.DISPLAY;
+import static org.acra.ReportField.INITIAL_CONFIGURATION;
+import static org.acra.ReportField.LOGCAT;
+import static org.acra.ReportField.PACKAGE_NAME;
+import static org.acra.ReportField.PHONE_MODEL;
+import static org.acra.ReportField.PRODUCT;
+import static org.acra.ReportField.REPORT_ID;
+import static org.acra.ReportField.STACK_TRACE;
+import static org.acra.ReportField.USER_APP_START_DATE;
+import static org.acra.ReportField.USER_CRASH_DATE;
+
 @ReportsCrashes(
 		reportPrimerClass = BriarReportPrimer.class,
 		logcatArguments = {"-d", "-v", "time", "*:I"},
@@ -21,7 +40,19 @@ import java.util.logging.Logger;
 		mode = ReportingInteractionMode.DIALOG,
 		reportDialogClass = DevReportActivity.class,
 		resDialogOkToast = R.string.dev_report_saved,
-		deleteOldUnsentReportsOnApplicationStart = false
+		deleteOldUnsentReportsOnApplicationStart = false,
+		customReportContent = {
+				REPORT_ID,
+				APP_VERSION_CODE, APP_VERSION_NAME, PACKAGE_NAME,
+				PHONE_MODEL, ANDROID_VERSION, BRAND, PRODUCT,
+				BUILD_CONFIG,
+				CUSTOM_DATA,
+				STACK_TRACE,
+				INITIAL_CONFIGURATION, CRASH_CONFIGURATION,
+				DISPLAY, DEVICE_FEATURES,
+				USER_APP_START_DATE, USER_CRASH_DATE,
+				LOGCAT
+		}
 )
 public class BriarApplicationImpl extends Application
 		implements BriarApplication {
diff --git a/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java b/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java
index df2ac7430..0192fe745 100644
--- a/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java
+++ b/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java
@@ -36,6 +36,7 @@ import static android.content.Context.WIFI_SERVICE;
 import static android.net.ConnectivityManager.TYPE_MOBILE;
 import static android.net.ConnectivityManager.TYPE_WIFI;
 import static android.net.wifi.WifiManager.WIFI_STATE_ENABLED;
+import static org.briarproject.util.StringUtils.scrubMacAddress;
 
 public class BriarReportPrimer implements ReportPrimer {
 
@@ -165,10 +166,8 @@ public class BriarReportPrimer implements ReportPrimer {
 				if (wifiInfo != null) {
 					int ip = wifiInfo.getIpAddress(); // Nice API, Google
 					int ip1 = ip & 0xFF;
-					int ip2 = (ip >> 8) & 0xFF;
-					int ip3 = (ip >> 16) & 0xFF;
 					int ip4 = (ip >> 24) & 0xFF;
-					String address = ip1 + "." + ip2 + "." + ip3 + "." + ip4;
+					String address = ip1 + ".[scrubbed]." + ip4;
 					customData.put("Wi-Fi address", address);
 				}
 			}
@@ -200,7 +199,8 @@ public class BriarReportPrimer implements ReportPrimer {
 			customData.put("Bluetooth status", btStatus);
 
 			if (bt != null)
-				customData.put("Bluetooth address", bt.getAddress());
+				customData.put("Bluetooth address",
+						scrubMacAddress(bt.getAddress()));
 			String btSettingsAddr;
 			try {
 				btSettingsAddr = Settings.Secure.getString(
@@ -208,7 +208,8 @@ public class BriarReportPrimer implements ReportPrimer {
 			} catch (SecurityException e) {
 				btSettingsAddr = "Could not get address from settings";
 			}
-			customData.put("Bluetooth address from settings", btSettingsAddr);
+			customData.put("Bluetooth address from settings",
+					scrubMacAddress(btSettingsAddr));
 
 			return Collections.unmodifiableMap(customData);
 		}

From 743053930a9454acfb568eda657306856d437932 Mon Sep 17 00:00:00 2001
From: Torsten Grote <t@grobox.de>
Date: Tue, 23 Aug 2016 18:27:25 -0300
Subject: [PATCH 2/2] Remove crash report settings

Closes #311
---
 briar-android/res/values/strings.xml          |  7 +---
 briar-android/res/xml/settings.xml            | 29 ----------------
 .../android/report/BriarReportPrimer.java     |  6 ++--
 .../android/report/DevReportActivity.java     | 34 ++-----------------
 4 files changed, 8 insertions(+), 68 deletions(-)

diff --git a/briar-android/res/values/strings.xml b/briar-android/res/values/strings.xml
index 496fd0c59..98ae94696 100644
--- a/briar-android/res/values/strings.xml
+++ b/briar-android/res/values/strings.xml
@@ -303,12 +303,7 @@
 	<string name="notify_sound_setting_disabled">None</string>
 	<string name="choose_ringtone_title">Choose ringtone</string>
 
-	<!-- Settings Crash reports and feedback -->
-	<string name="crash_report_settings_title">Crash reports</string>
-	<string name="enable_acra_setting">Enable crash reporter</string>
-	<string name="acra_syslog_setting">Send system logs</string>
-	<string name="acra_user_email_setting">Optional contact email</string>
-	<string name="acra_alwaysaccept_setting">Always send reports</string>
+	<!-- Settings Feedback -->
 	<string name="feedback_settings_title">Feedback</string>
 	<string name="send_feedback">Send feedback</string>
 
diff --git a/briar-android/res/xml/settings.xml b/briar-android/res/xml/settings.xml
index 881f700bf..92048e8cf 100644
--- a/briar-android/res/xml/settings.xml
+++ b/briar-android/res/xml/settings.xml
@@ -87,35 +87,6 @@
 
 	</PreferenceCategory>
 
-	<PreferenceCategory
-		android:title="@string/crash_report_settings_title">
-
-		<CheckBoxPreference
-			android:defaultValue="true"
-			android:key="acra.enable"
-			android:title="@string/enable_acra_setting"/>
-
-		<CheckBoxPreference
-			android:defaultValue="true"
-			android:dependency="acra.enable"
-			android:key="acra.syslog.enable"
-			android:title="@string/acra_syslog_setting"/>
-
-		<EditTextPreference
-			android:dependency="acra.enable"
-			android:key="acra.user.email"
-			android:inputType="textEmailAddress"
-			android:summary=""
-			android:title="@string/acra_user_email_setting"/>
-
-		<CheckBoxPreference
-			android:defaultValue="false"
-			android:dependency="acra.enable"
-			android:key="acra.alwaysaccept"
-			android:title="@string/acra_alwaysaccept_setting"/>
-
-	</PreferenceCategory>
-
 	<PreferenceCategory
 		android:title="@string/feedback_settings_title">
 
diff --git a/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java b/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java
index 0192fe745..355690a3d 100644
--- a/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java
+++ b/briar-android/src/org/briarproject/android/report/BriarReportPrimer.java
@@ -36,7 +36,7 @@ import static android.content.Context.WIFI_SERVICE;
 import static android.net.ConnectivityManager.TYPE_MOBILE;
 import static android.net.ConnectivityManager.TYPE_WIFI;
 import static android.net.wifi.WifiManager.WIFI_STATE_ENABLED;
-import static org.briarproject.util.StringUtils.scrubMacAddress;
+import static org.briarproject.util.PrivacyUtils.scrubMacAddress;
 
 public class BriarReportPrimer implements ReportPrimer {
 
@@ -166,8 +166,10 @@ public class BriarReportPrimer implements ReportPrimer {
 				if (wifiInfo != null) {
 					int ip = wifiInfo.getIpAddress(); // Nice API, Google
 					int ip1 = ip & 0xFF;
+					int ip2 = (ip >> 8) & 0xFF;
+					int ip3 = (ip >> 16) & 0xFF;
 					int ip4 = (ip >> 24) & 0xFF;
-					String address = ip1 + ".[scrubbed]." + ip4;
+					String address = ip1 + "." + ip2 + "." + ip3 + "." + ip4;
 					customData.put("Wi-Fi address", address);
 				}
 			}
diff --git a/briar-android/src/org/briarproject/android/report/DevReportActivity.java b/briar-android/src/org/briarproject/android/report/DevReportActivity.java
index c029ffa66..919a0b620 100644
--- a/briar-android/src/org/briarproject/android/report/DevReportActivity.java
+++ b/briar-android/src/org/briarproject/android/report/DevReportActivity.java
@@ -1,7 +1,6 @@
 package org.briarproject.android.report;
 
 import android.content.Context;
-import android.content.SharedPreferences;
 import android.content.res.Configuration;
 import android.os.AsyncTask;
 import android.os.Bundle;
@@ -20,12 +19,10 @@ import android.widget.EditText;
 import android.widget.LinearLayout;
 import android.widget.TextView;
 
-import org.acra.ACRA;
 import org.acra.ReportField;
 import org.acra.collector.CrashReportData;
 import org.acra.dialog.BaseCrashReportDialog;
 import org.acra.file.CrashReportPersister;
-import org.acra.prefs.SharedPreferencesFactory;
 import org.briarproject.R;
 import org.briarproject.android.util.UserFeedback;
 
@@ -55,7 +52,6 @@ public class DevReportActivity extends BaseCrashReportDialog
 	private static final Logger LOG =
 			Logger.getLogger(DevReportActivity.class.getName());
 
-	private static final String PREF_EXCLUDED_FIELDS = "excludedReportFields";
 	private static final String STATE_REVIEWING = "reviewing";
 	private static final Set<ReportField> requiredFields = new HashSet<>();
 
@@ -69,8 +65,7 @@ public class DevReportActivity extends BaseCrashReportDialog
 	}
 
 	private AppCompatDelegate delegate;
-	private SharedPreferencesFactory sharedPreferencesFactory;
-	private Set<ReportField> excludedFields;
+	private Set<ReportField> excludedFields = new HashSet<>();
 	private EditText userCommentView = null;
 	private EditText userEmailView = null;
 	private CheckBox includeDebugReport = null;
@@ -95,16 +90,6 @@ public class DevReportActivity extends BaseCrashReportDialog
 
 		getDelegate().setContentView(R.layout.activity_dev_report);
 
-		sharedPreferencesFactory = new SharedPreferencesFactory(
-				getApplicationContext(), getConfig());
-
-		SharedPreferences prefs = sharedPreferencesFactory.create();
-		excludedFields = new HashSet<>();
-		for (String name : prefs.getStringSet(PREF_EXCLUDED_FIELDS,
-				new HashSet<String>())) {
-			excludedFields.add(ReportField.valueOf(name));
-		}
-
 		Toolbar tb = (Toolbar) findViewById(R.id.toolbar);
 		getDelegate().setSupportActionBar(tb);
 
@@ -164,9 +149,6 @@ public class DevReportActivity extends BaseCrashReportDialog
 			}
 		});
 
-		String userEmail = prefs.getString(ACRA.PREF_USER_EMAIL_ADDRESS, "");
-		userEmailView.setText(userEmail);
-
 		if (state != null)
 			reviewing = state.getBoolean(STATE_REVIEWING, isFeedback());
 
@@ -362,25 +344,15 @@ public class DevReportActivity extends BaseCrashReportDialog
 
 			@Override
 			protected void onPostExecute(Boolean success) {
-				final SharedPreferences prefs =
-						sharedPreferencesFactory.create();
-				final SharedPreferences.Editor prefEditor =
-						prefs.edit();
-				Set<String> fields = new HashSet<>();
-				for (ReportField field : excludedFields) {
-					fields.add(field.name());
-				}
-				prefEditor.putStringSet(PREF_EXCLUDED_FIELDS, fields);
-				prefEditor.apply();
-
 				if (success) {
 					// Retrieve user's comment and email address, if any
 					String comment = "";
 					if (userCommentView != null)
 						comment = userCommentView.getText().toString();
 					String email = "";
-					if (userEmailView != null)
+					if (userEmailView != null) {
 						email = userEmailView.getText().toString();
+					}
 					sendCrash(comment, email);
 				}
 				finish();