* NEW: Add --disable-telemetry argument to disable telemetry collection

ReleaseHistory.md

@@ -16,6 +16,7 @@
 - NEW => new feature 
 ## UNRELEASED
 * DEP: Update `Sarif.Sdk` submodule from [bc8cb57 to fd6e615](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...fd6e615). Reference [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/fd6e615/ReleaseHistory.md).
+* NEW: Add `--disable-telemetry` argument to disable telemetry collection.
 * BUG: Fix `ERR998.ExceptionInAnalyze`: `InvalidOperationException: Unrecognized crypto HRESULT: 0x80096011` for check `BA2022.SignSecurely` when the signature is malformed, by adding missing error code to error description mappings. [969](https://github.com/microsoft/binskim/pull/969)
 
 ## **v4.2.1**

src/BinSkim.Driver/AnalyzeOptions.cs

@@ -53,6 +53,11 @@ public class AnalyzeOptions : AnalyzeOptionsBase
             HelpText = "If enabled, BinSkim won't break if we have a 'PdbLoadingException'.")]
         public bool? IgnorePdbLoadError { get; set; }
 
+        [Option(
+            "disable-telemetry",
+            HelpText = "If enabled, BinSkim will disable telemetry.")]
+        public bool? DisableTelemetry { get; set; }
+
         [Option(
             's',
             "statistics",

src/BinSkim.Driver/MultithreadedAnalyzeCommand.cs

@@ -70,6 +70,7 @@ public override BinaryAnalyzerContext InitializeGlobalContextFromOptions(Analyze
             // Update context object based on command-line parameters.
             context.SymbolPath = options.SymbolsPath ?? context.SymbolPath;
             context.IgnorePdbLoadError = options.IgnorePdbLoadError != null ? options.IgnorePdbLoadError.Value : context.IgnorePdbLoadError;
+            context.DisableTelemetry = options.DisableTelemetry != null ? options.DisableTelemetry.Value : context.DisableTelemetry;
             context.LocalSymbolDirectories = options.LocalSymbolDirectories ?? context.LocalSymbolDirectories;
             context.TracePdbLoads = options.Trace.Contains(nameof(Traces.PdbLoad));
 
@@ -172,6 +173,11 @@ public override int Run(AnalyzeOptions analyzeOptions)
         {
             Stopwatch stopwatch = null;
 
+            if (analyzeOptions.DisableTelemetry == true)
+            {
+                this.Telemetry = null;
+            }
+
             if (analyzeOptions.Trace.Where(s => s == nameof(DefaultTraces.ScanTime)).Any())
             {
                 stopwatch = Stopwatch.StartNew();
@@ -243,6 +249,6 @@ public override int Run(AnalyzeOptions analyzeOptions)
 
         internal Sarif.SarifVersion UnitTestOutputVersion { get; set; }
 
-        private Sdk.Telemetry Telemetry { get; }
+        private Sdk.Telemetry Telemetry { get; set; }
     }
 }

src/BinSkim.Sdk/BinSkim.Sdk.csproj

@@ -20,6 +20,11 @@
   </ItemGroup>
 
   <ItemGroup>
+    <Compile Update="EnvironmentResources.Designer.cs">
+      <DesignTime>True</DesignTime>
+      <AutoGen>True</AutoGen>
+      <DependentUpon>EnvironmentResources.resx</DependentUpon>
+    </Compile>
     <Compile Update="SdkResources.Designer.cs">
       <DesignTime>True</DesignTime>
       <AutoGen>True</AutoGen>
@@ -28,6 +33,10 @@
   </ItemGroup>
 
   <ItemGroup>
+    <EmbeddedResource Update="EnvironmentResources.resx">
+      <Generator>ResXFileCodeGenerator</Generator>
+      <LastGenOutput>EnvironmentResources.Designer.cs</LastGenOutput>
+    </EmbeddedResource>
     <EmbeddedResource Update="SdkResources.resx">
       <Generator>ResXFileCodeGenerator</Generator>
       <LastGenOutput>SdkResources.Designer.cs</LastGenOutput>

src/BinSkim.Sdk/BinaryAnalyzerContext.cs

@@ -82,6 +82,12 @@ public bool IgnorePdbLoadError
             set => this.Policy.SetProperty(BinaryParsersProperties.IgnorePdbLoadError, value);
         }
 
+        public bool DisableTelemetry
+        {
+            get => this.Policy?.GetProperty(BinaryParsersProperties.DisableTelemetry) == true;
+            set => this.Policy.SetProperty(BinaryParsersProperties.DisableTelemetry, value);
+        }
+
         public bool IncludeWixBinaries
         {
             get => this.Policy?.GetProperty(BinaryParsersProperties.IncludeWixBinaries) == true;

src/BinSkim.Sdk/EnvironmentResources.resx

@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+
+    Version 2.0
+
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+
+    Example:
+
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="DefaultTelemetryConnectionString" xml:space="preserve">
+    <value />
+  </data>
+</root>

src/BinSkim.Sdk/Telemetry.cs

@@ -124,6 +124,13 @@ private static void ConfigureTelemetryContext(TelemetryContext context)
                 return "InstrumentationKey=" + appInsightsKey;
             }
 
+            // Fall back to DefaultTelemetryConnectionString.
+            string defaultTelemetryConnectionString = EnvironmentResources.DefaultTelemetryConnectionString;
+            if (!string.IsNullOrWhiteSpace(defaultTelemetryConnectionString))
+            {
+                return defaultTelemetryConnectionString;
+            }
+
             return null;
         }
 

src/BinaryParsers/BinaryParsersProperties.cs

@@ -17,6 +17,7 @@ public IEnumerable<IOption> GetOptions()
             {
                 ComprehensiveBinaryParsing,
                 IgnorePdbLoadError,
+                DisableTelemetry,
                 IncludeWixBinaries,
                 LocalSymbolDirectories,
                 SymbolPath
@@ -34,6 +35,11 @@ public IEnumerable<IOption> GetOptions()
                 "BinaryParsers", nameof(IgnorePdbLoadError), defaultValue: () => false,
                 "Set this value to 'true' to don't break if we have a 'PdbLoadingException'.");
 
+        public static PerLanguageOption<bool> DisableTelemetry { get; } =
+            new PerLanguageOption<bool>(
+                "BinaryParsers", nameof(DisableTelemetry), defaultValue: () => false,
+                "Set this value to 'true' to disable telemetry.");
+
         public static PerLanguageOption<bool> IncludeWixBinaries { get; } =
             new PerLanguageOption<bool>(
                 "BinaryParsers", nameof(IncludeWixBinaries), defaultValue: () => false,

src/Test.FunctionalTests.BinSkim.Driver/CommandLineTests.cs

@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft. All rights reserved.
 // Licensed under the MIT license. See LICENSE file in the project root for full license information.
 
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Text;
@@ -10,7 +11,6 @@
 using FluentAssertions;
 
 using Microsoft.CodeAnalysis.IL;
-using Microsoft.CodeAnalysis.Sarif.Driver;
 
 using Xunit;
 
@@ -70,5 +70,40 @@ public void MostlyFunctionlessCommandlineTest()
             builder.Length.Should().Be(0,
                 $"all test cases should pass, but the following test cases failed:\n{builder}");
         }
+
+        [Fact]
+        public void DisableTelemetryCommandlineTest()
+        {
+            var testCases = new List<Tuple<string, bool?>>()
+            {
+                new Tuple<string, bool?>(@"analyze C:\Native.exe -o C:\result.sarif", null),
+                new Tuple<string, bool?>(@"analyze C:\Native.exe -o C:\result.sarif --disable-telemetry true", true),
+                new Tuple<string, bool?>(@"analyze C:\Native.exe -o C:\result.sarif --disable-telemetry false", false)
+            };
+
+            var builder = new StringBuilder();
+
+            foreach (Tuple<string, bool?> testCase in testCases)
+            {
+                string[] args = testCase.Item1.Split(' ');
+                bool parser = new Parser(cfg => cfg.CaseInsensitiveEnumValues = true).ParseArguments<AnalyzeOptions>(args)
+                    .MapResult(
+                    options =>
+                    {
+                        if (options.DisableTelemetry != testCase.Item2)
+                        {
+                            builder.AppendLine($"\u2022 {testCase.Item1}");
+                        }
+                        return true;
+                    },
+                    err =>
+                    {
+                        builder.AppendLine($"\u2022 {testCase.Item1}");
+                        return true;
+                    });
+            }
+            builder.Length.Should().Be(0,
+                $"all test cases should pass, but the following test cases failed:\n{builder}");
+        }
     }
 }