Skip to content
This repository has been archived by the owner on Sep 16, 2024. It is now read-only.

Better privacy with random unique device ids #54

Closed
kirillt opened this issue Oct 17, 2023 · 2 comments
Closed

Better privacy with random unique device ids #54

kirillt opened this issue Oct 17, 2023 · 2 comments
Assignees
@alvinosh
Labels
feature good first issue Good for newcomers

Comments

@kirillt
Copy link
Member

kirillt commented Oct 17, 2023

We introduce machine-uid crate in this PR:

The crate comes with a disclaimer:

In Linux, machine id is a single newline-terminated, hexadecimal, 32-character, lowercase ID. When decoded from hexadecimal, this corresponds to a 16-byte/128-bit value. This ID may not be all zeros. This ID uniquely identifies the host. It should be considered “confidential”, and must not be exposed in untrusted environments. And do note that the machine id can be re-generated by root.

Alternative would be generating a random device id, storing it in app data folder, sharing it privately with other devices when necessary, etc.

We've decided in favor of machine-uid because it's much easier to implement and outside entity can't figure out the ids if secure transport is utilized. But with unique random ids, unencrypted transport could be used. If privacy becomes a concern, we should implement this approach.
@kirillt kirillt mentioned this issue Oct 21, 2023
Merged
@kirillt
Copy link
Member Author

kirillt commented Dec 20, 2023

Unique ids per app instance might be preferred over machine-uid. It provides better privacy comparing to fingerprinting, because app id is different for each installation and can be reset. After resetting versions marked with old id will look foreign for the app though, but this is probably not an issue.

For implementing unique ids, we need to implement some kind of callbacks into arklib which pass location of app data, this location is different for Desktop and Mobile versions (Android, and later iOS). It means, apps will need to pass the location to arklib during loading.

@kirillt kirillt moved this to Todo in Development Dec 20, 2023
This was referenced Dec 22, 2023
Closed
Closed
This was referenced Jan 3, 2024
Open
Open
Open
@kirillt
Copy link
Member Author

kirillt commented Jan 3, 2024

Also, machine-uid is not supported on Android yet.

@kirillt kirillt added the good first issue Good for newcomers label Jan 3, 2024
@kirillt kirillt mentioned this issue Jan 11, 2024
Merged
@kirillt kirillt moved this from Todo to In Progress in Development Jan 11, 2024
@kirillt kirillt assigned alvinosh and unassigned Rizary Jan 11, 2024
alvinosh added a commit that referenced this issue Jan 12, 2024
@alvinosh
#54: Replace machine-id with stored uuid (#64)
1249e6c 
* Replacing machine-id with custom stored uuid.

* Changed Name From device_id to app_id

* Made Function Public

* Loaded App Id On Remaining Tests

* Fixed Tests

* Renamed Folder
@kirillt kirillt closed this as completed Jan 13, 2024
@github-project-automation github-project-automation bot moved this from In Progress to Done in Development Jan 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@alvinosh alvinosh

Labels
feature good first issue Good for newcomers
Projects
Development
Archived in project
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kirillt @Rizary @alvinosh