Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug Fix: Phishing Detection Dataset Discrepancies #3440

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

not-a-rootkit
Copy link
Collaborator

@not-a-rootkit not-a-rootkit commented Oct 22, 2024

Task/Issue URL: https://app.asana.com/0/1204023833050360/1208567121137949/f
Tech Design URL:
CC:

Description:
In Implement desktop integration efficacy tests - 5-7 days it was discovered that Swift's client-side caching results in out-of-date datasets and significant dataset discrepancies between different clients. For example, it's very common for the same request to return different results from the backend, resulting in a client believing they are updating to a newer revision than they are. Over time, this compounds and results in disparate versions of the same dataset across different clients, putting users at risk of landing on newer phishing pages.

Fix:

  • Remove Client Side Caching in PhishingDetectionClient.swift
  • Ensure embedded dataset is used to replace the on-disk dataset when the revision of the embedded dataset > on disk dataset

Steps to test this PR:

  1. Check unit tests
  2. Change on-disk revision:
  3. echo "1650000" > "/System/Volumes/Data/Users/<user>/Library/Application Support/com.duckduckgo.macos.browser.debug/revision.txt"
  4. Build the browser
  5. Visit https://privacy-test-pages.site/security/badware/phishing.html
  6. Ensure blocked
  7. Check on-disk revision:
  8. cat "/System/Volumes/Data/Users/<user>/Library/Application Support/com.duckduckgo.macos.browser.debug/revision.txt"
  9. Should be > 1650000

Definition of Done:


Internal references:

Pull Request Review Checklist
Software Engineering Expectations
Technical Design Template
Pull Request Documentation

Copy link

This PR has been inactive for more than 7 days and will be automatically closed 7 days from now.

@github-actions github-actions bot added the stale label Oct 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant