WebAPI/Security/SMS: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Created page with "Name of API: Web SMS API References: https://bugzilla.mozilla.org/show_bug.cgi?id=674725 Brief purpose of API: Send and recieve SMS messages General Use Cases: None Inherent ...")
 
No edit summary
 
(7 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Name of API: Web SMS API
== Web SMS API ==
 
Brief purpose of API: Send and receive SMS messages
References: https://bugzilla.mozilla.org/show_bug.cgi?id=674725
 
Brief purpose of API: Send and recieve SMS messages


General Use Cases: None
General Use Cases: None
Line 13: Line 10:
Threat severity: critical per https://wiki.mozilla.org/Security_Severity_Ratings
Threat severity: critical per https://wiki.mozilla.org/Security_Severity_Ratings


== Regular web content (unauthenticated) ==
References: https://bugzilla.mozilla.org/show_bug.cgi?id=674725<br>
Use cases for unauthenticated code: App prompts user to send SMS
Discussion: https://groups.google.com/group/mozilla.dev.webapps/browse_thread/thread/58a66963732b09a0/9ae97f65a9e74c78
 
Authorization model for uninstalled web content: Explicit (via web activities)
 
Authorization model for installed web content: Explicit (via web activities)
 
Potential mitigations:
 
== Trusted (authenticated by publisher) ==
Use cases for authenticated code: Full-featured SMS app. Read & send SMS.
 
Authorization model: Explicit


Potential mitigations: Check your phone bill?
{| border="1" class="wikitable"
! Type
! Use Cases
! Authorization Model
! Notes & Other Controls
|-
| Web Content || App prompts user to send SMS || No  direct access (access via web activities) ||
|-
| Installed Web Apps || App prompts user to send SMS || No  direct access (access via web activities) ||
|-
| Privileged Web Apps || App prompts user to send SMS * || No  direct access (access via web activities) ||
|-
| Certified Web Apps || SMS app || Implicit ||
|}


== Certified (vouched for by trusted 3rd party) ==
=== Notes ===
Use cases for certified code:  SMS app


Authorization model: Implicit
Note that further integration for Web SMS access to privileged APIs is planned for the future. These may employ the following mitigating controls:
*Set thresholds or warnings on premium numbers. 
*Only allow sending of SMS's to user-provided contacts. 
*Show OS confirmation of message before sending.


Potential mitigations: None beyond certification
__NOTOC__


Note: Should trusted apps be able to register as handlers for SMS web activities/intents, or only certified apps?
[[Category:Web APIs]]
[[Category:Security]]

Latest revision as of 23:41, 1 October 2014

Web SMS API

Brief purpose of API: Send and receive SMS messages

General Use Cases: None

Inherent threats:

  • Sending an SMS costs user money, premium SMS services, SMS payments etc
  • Receiving SMS has privacy implications, SMS also used for 2-factor authentication

Threat severity: critical per https://wiki.mozilla.org/Security_Severity_Ratings

References: https://bugzilla.mozilla.org/show_bug.cgi?id=674725
Discussion: https://groups.google.com/group/mozilla.dev.webapps/browse_thread/thread/58a66963732b09a0/9ae97f65a9e74c78

Type Use Cases Authorization Model Notes & Other Controls
Web Content App prompts user to send SMS No direct access (access via web activities)
Installed Web Apps App prompts user to send SMS No direct access (access via web activities)
Privileged Web Apps App prompts user to send SMS * No direct access (access via web activities)
Certified Web Apps SMS app Implicit

Notes

Note that further integration for Web SMS access to privileged APIs is planned for the future. These may employ the following mitigating controls:

  • Set thresholds or warnings on premium numbers.
  • Only allow sending of SMS's to user-provided contacts.
  • Show OS confirmation of message before sending.
Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/Security/SMS&oldid=1021346"