WhatsApp false positives due to obsolete CIDR #341
Comments
|
Here is another sample measurement which shows the false positive: https://explorer.ooni.org/measurement/20200218T201823Z_AS24757_5zgq4DYv6ady7ZcZOq9JSngkhY49Tj6hIHd81WuM44U6GKB8L7. It seems that in both these cases what is triggering the anomaly is This is most likely being caused by the fact that the CIDR list at this point is very stale: https://github.com/measurement-kit/measurement-kit/blob/62d477f085f767bc8235f04ad08dedd32a03afc6/src/libmeasurement_kit/ooni/whatsapp.cpp#L26 and WhatsApp has stopped updating it with fresh data. I did a whois on the resolved addresses in both of those test results and I see that they both are mapping to AWS. Maybe a viable hotfix for this problem could be that of checking if the resolved IPs match to AWS infrastructure. Alternatively we could disable the DNS consistency check altogether and favour not showing false positives in the app and rather defer analysis to a post-processing stage. |
|
@hellais thanks for researching this. I think we should not release the mobile app until this is fixed in MK (cc: @lorenzoPrimi). |
This strikes me as a good hotfix. Will implement it as soon as I am in front of my computer again 🙄. |
bassosimone
changed the title
bassosimone
changed the title
Parse raw report and ignore checks from probe due to ooni/probe-engine#341
|
So, I have implemented a workaround in MK as part of measurement-kit/measurement-kit#1915. Because this is annoying and may have data analysis implications, I have also documented it as part of the experiment spec in ooni/spec#178. There are more follow-up actions required from me to move forward this issue, including tagging a new release of Measurement Kit, rebuilding everything, and shipping it. I will reference this issue as the master issue for all these activities, since it's basically the interrupt to which I reacted. |
Parse raw report and ignore checks from probe due to ooni/probe-engine#341
|
I'm proceeding to release MK v0.10.10 and to rebuild everything. |
bassosimone
added
effort/L
|
Have rebuilt MK v0.10.10 for Catalina here: measurement-kit/homebrew-measurement-kit@e28d890 |
We're specifically pinning a commit of probe-engine that is using MK v0.10.11, so that we address the following issues: 1. we use db-ip.com for the country database as opposed to using the increasingly stale MaxMind database (see ooni/probe-engine#334) 2. we're using an implementation of WhatsApp that does not suffer from the super-old CIDR bug (see ooni/probe-engine#341) 3. we're not linking to libcurl anymore on Windows and Linux, thanks to this new version of MK where we can optionally disable libcurl; we are still linking to libcurl on macOS, but that has no impact on the binary size since on macOS libcurl is part of the system This should be enough, from my side to bless a new release of the probe-cli (see ooni/probe#1028).
We're specifically pinning a commit of probe-engine that is using MK v0.10.11, so that we address the following issues: 1. we use db-ip.com for the country database as opposed to using the increasingly stale MaxMind database (see ooni/probe-engine#334) 2. we're using an implementation of WhatsApp that does not suffer from the super-old CIDR bug (see ooni/probe-engine#341) 3. we're not linking to libcurl anymore on Windows and Linux, thanks to this new version of MK where we can optionally disable libcurl; we are still linking to libcurl on macOS, but that has no impact on the binary size since on macOS libcurl is part of the system This should be enough, from my side to bless a new release of the probe-cli (see ooni/probe#1028).
|
Done for Android here: measurement-kit/android-libs@d2b58c8 |
|
Done for iOS here measurement-kit/mkall-ios@32b7606 and here https://github.com/measurement-kit/mkall-ios/releases/tag/v0.8.0 |
|
This issue should actually be open. We have implemented a workaround in MK but we have not fixed the real bug, i.e. that we're using an obsolete WhatsApp CIDR. |
bassosimone
added
discuss
|
This should also be discussed along with plans to improve the IM tests methodology. |
|
This is no longer an issue: the plan in #740 will fix this |
See https://explorer.ooni.org/measurement/20200216T230231Z_AS11427_2QcLCBIJStNE89Fd8mRD0YNoRAxy5wDNHhUSVJjenmkJ0sEVGZ
Reported by @agrabeli and @lorenzoPrimi
The text was updated successfully, but these errors were encountered: