What is it about?

This work proposes a new privacy-enhancing system that minimizes the disclosure of information in error reports. Error reporting mechanisms are of the utmost importance for correcting software bugs but, unfortunately, the transmission of an error report may reveal users’ private information. Some privacy-enhancing systems for error reporting have been presented in past years, yet they rely on path condition analysis, which we show in this paper to be ineffective when it comes to graphical input. Since numerous applications have graphical user interfaces (GUIs), it is very important to overcome this limitation. This work describes a new privacy-enhancing error reporting system, based on a new input minimization algorithm called GUIᴍɪɴ that is geared towards GUIs, to remove input that is unnecessary to reproduce the observed failure. Before deciding whether to submit the error report, the user is provided with a step-by-step graphical replay of the minimized input, to evaluate whether it still yields sensitive information. We also provide an open source implementation of the proposed system and evaluate it with well-known applications.

Why is it important?

Nowadays, most operating systems include error reporting tools that enable users to report software problems to developers. However, error reporting raises privacy concerns: a report may disclose private information, or the concern may prevent the user from reporting software problems at all. One should not have to choose between privacy protection and software reliability, so this is a critical trade-off to address.

Read the Original

This page is a summary of: Isolating Graphical Failure-Inducing Input for Privacy Protection in Error Reporting Systems, Proceedings on Privacy Enhancing Technologies, January 2016, De Gruyter, DOI: 10.1515/popets-2016-0002.