This plugin is basically encouraging reports of user browser history. For privacy reasons, the user might not want to submit an exact timestamp that could be correlated with network capture.
we should consider fuzzing the submitted timestamp. some options:
- to nearest UTC day boundary (
submitted_time = (time/86400)*86400)
- add some randomness (
submitted_time = time + random(-max_offset,max_offset))
another question: should we explicitly state that the time was fuzzed? that will make the collector able to reason about it more clearly.
This plugin is basically encouraging reports of user browser history. For privacy reasons, the user might not want to submit an exact timestamp that could be correlated with network capture.
we should consider fuzzing the submitted timestamp. some options:
submitted_time = (time/86400)*86400)submitted_time = time + random(-max_offset,max_offset))another question: should we explicitly state that the time was fuzzed? that will make the collector able to reason about it more clearly.