Draft because @gitlimes wants me to change this due to some security concerns
PR makes changes to the AIMessageProcessor class to increase the thresholds, as well as adds the ability for Bandwidth to scrub and convert common proxy server dumps
The changes made to the AIMessageProcessor are done because Bandwidth's AI is still not perfect, and would result in false positives. Setting the thresholds to perfect scores essentially disables the feature for now until we have time to sit down and improve it. These changes were already in Bandwidth by changing the values on the server with nano, this just brings them into the repo now
Bandwidth now scans messages for attachments containing common proxy server dumps. It does this via the attachments extension. Bandwidth will then download said file and use the charles CLI tool to convert them into JSON summaries, scrub them of personal information and then upload them again converted to HAR
The following data is removed
Headers
authorization
x-nintendo-serial-number
x-nintendo-device-cert
x-nintendo-servicetoken
account.nintendo.net / account.pretendo.cc
/v1/api/oauth20/access_token/generate
password from the request
refresh_token from the request
token from the response
refresh_token from the response
/v1/api/people/@me/profile
Email address from the response
Birthday from the response
/v1/api/provider/service_token/@me
token from the response
/v1/api/provider/nex_token/@me
token from the response
nex_password from the response
nasc.nintendowifi.net / nasc.pretendo.cc
/ac
fcdcert from the request. Contains your LocalFriendCodeSeed_B
csnum from the request. Serial number
macadr from the request. MAC address
bssid from the request
passwd from the request. This is the NEX password the console wants to use. Only sent when the console is registering a new NEX account (like after a factory reset)
token from the response. Only seen if requesting a NEX token
servicetoken from the response. Only seen if requesting a service token
jonbarrow
commented
9 months ago
Draft because @gitlimes wants me to change this due to some security concerns
PR makes changes to the
AIMessageProcessorclass to increase the thresholds, as well as adds the ability for Bandwidth to scrub and convert common proxy server dumpsThe changes made to the
AIMessageProcessorare done because Bandwidth's AI is still not perfect, and would result in false positives. Setting the thresholds to perfect scores essentially disables the feature for now until we have time to sit down and improve it. These changes were already in Bandwidth by changing the values on the server withnano, this just brings them into the repo nowBandwidth now scans messages for attachments containing common proxy server dumps. It does this via the attachments extension. Bandwidth will then download said file and use the
charlesCLI tool to convert them into JSON summaries, scrub them of personal information and then upload them again converted to HARThe following data is removed
Headers
authorizationx-nintendo-serial-numberx-nintendo-device-certx-nintendo-servicetokenaccount.nintendo.net / account.pretendo.cc
/v1/api/oauth20/access_token/generatepasswordfrom the requestrefresh_tokenfrom the requesttokenfrom the responserefresh_tokenfrom the response/v1/api/people/@me/profile/v1/api/provider/service_token/@metokenfrom the response/v1/api/provider/nex_token/@metokenfrom the responsenex_passwordfrom the responsenasc.nintendowifi.net / nasc.pretendo.cc
/acfcdcertfrom the request. Contains your LocalFriendCodeSeed_Bcsnumfrom the request. Serial numbermacadrfrom the request. MAC addressbssidfrom the requestpasswdfrom the request. This is the NEX password the console wants to use. Only sent when the console is registering a new NEX account (like after a factory reset)tokenfrom the response. Only seen if requesting a NEX tokenservicetokenfrom the response. Only seen if requesting a service token