How confidential are automatic crash reports made by apport?

I noticed that starting with Ubuntu 13.10 (or maybe 13.04), thunderbird crash reports are handled by apport, while they were handled by Mozilla's tool before.

Question

How confidential are automatic crash reports made by apport? I have not seen any option to tell that the program memory may include confidential information.

Search before you post

I could not see any official information from Ubuntu pages, only How to use Apport to Report Bugs in Ubuntu | Ubuntu Manual dated 2011 that says:

If you were entering confidential information when the crash occurred you should click 'Cancel'.

Additional questions

For example, if thunderbird, evolution or any mail tool crashes:

  • will the report include the internal state of the program, possibly including parts of e-mails that may include confidential (e.g. business) content?
  • will that possibly confidential content be sent to Ubuntu servers? (that alone may be a problem)
  • if yes, will it be treated confidentially or made a public bug report?

Thank you for your attention.


Solution 1:

All crash bug reports filed by Apport are marked private by default and are only visible to people with relevant privileges (generally, the Bug Control members for bugs filed on packages from the repository).

Usually, crash bug reports don't contain any sensitive information (mostly because they don't involve software that deals with private information). However, it is still possible that the CoreDump.gz and Stacktrace.txt attached to the bug report contain sensitive information like the one you described. Hence, they are marked private to be on the safe side.

When you are filing a bug report, you can review what information is being uploaded for your own sake. Here's an image of an Apport crash dialog.

[Image: Apport bug]

You should closely go through the information being provided under CoreDump and Stacktrace. If it contains information that you are not comfortable being uploaded, you can cancel the process.

What about Whoopsie?

Since 12.04, Apport has been silently collecting crash data for Whoopsie without requiring any user interaction. That itself is not a direct privacy problem though because only people who signed the non-disclosure agreement have access to the Ubuntu error tracker.

See also:

  • How do I enable or disable Apport?
  • What is the 'whoopsie' process and how can I remove it?
  • How can I track a bug that caused a crash and was reported via apport / whoopsie?

A final note on Privacy policy

All bug reports you submit are covered by Ubuntu privacy policy. Quoting relevant sections from it for reference:

Error reports

When you choose to send an error report, it includes a unique identifier for your computer. This identifier does not identify you, unless you (or someone acting on your behalf) discloses it separately. An error report may include personal information such as the state of programs that were running at the time. You can block future error reports from the privacy panel of System Settings.
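
The review step Solution 1 describes (reading what sits under CoreDump and Stacktrace before agreeing to upload), as an added example that is not part of the original answer or of Apport's own code. It assumes the report is a text file of `Key: value` fields with space-indented continuation lines and a `base64` marker for binary fields; the sample report and the `private_terms` parameter are constructed for illustration.

```python
# Fields the answer above singles out as able to carry program memory.
MEMORY_FIELDS = {"CoreDump", "Stacktrace"}

def parse_report(text):
    """Parse 'Key: value' fields; continuation lines start with one space
    (assumed layout of an Apport report file)."""
    fields, key = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and key is not None:
            fields[key]["lines"].append(line[1:])
        elif ":" in line:
            key, _, value = line.partition(":")
            value = value.strip()
            fields[key] = {"binary": value == "base64", "lines": []}
            if value and value != "base64":
                fields[key]["lines"].append(value)
    return fields

def review(text, private_terms=()):
    """Return (field, reason) findings to read before consenting to upload."""
    findings = []
    for name, field in parse_report(text).items():
        body = "\n".join(field["lines"])
        if field["binary"]:
            # Encoded blobs cannot be checked by eye in the dialog.
            findings.append((name, f"opaque base64 blob, {len(body)} chars"))
            continue
        if name in MEMORY_FIELDS:
            findings.append((name, "may contain program state"))
        for term in private_terms:
            if term.lower() in body.lower():
                findings.append((name, f"contains private term {term!r}"))
    return findings

# Constructed sample report, not taken from a real crash.
SAMPLE = """\
ProblemType: Crash
Package: thunderbird
ProcCmdline: thunderbird -compose to=alice@example.com
Stacktrace:
 #0 0x0000 in compose_send (subject="Q3 merger terms")
 #1 0x0000 in main ()
CoreDump: base64
 H4sIAAAAAAAC/0vOzy3ISQUAAAD//w==
"""

if __name__ == "__main__":
    for field, reason in review(SAMPLE, ["merger", "alice@example.com"]):
        print(f"{field}: {reason}")
```

A finding on a text field shows exactly where a known-sensitive string would leave the machine; a binary field such as CoreDump can only be judged by whether the crashed program was handling confidential data at the time.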

Solution 2:

Error reports may reveal private information. If you were working on something that deals with confidential or sensitive information, you should not authorize the transmission of the error report.

  • one cannot be sure who will access the error report, nor how well intentioned are the people that do access it.

  • even if little information is included in the error report, it is possible for more information (e.g. input) to be deduced when searching for the causes of the error.

There has been some research in this area, in the past years. For example:

  • http://www.gsd.inesc-id.pt/~romanop/files/papers/ESOP14.pdf
  • http://research.microsoft.com/en-us/projects/betterbug/castro08better.pdf