On 2014-10-24, at 22:56, Jonas Sicking <[email protected]> wrote: > > It's unclear to me what you are suggesting that we should or should not do. > > Also, often times there's much more sensitive information captured > from a user's camera, than from a user's screen. Doesn't SOP and CSRF > concerns apply there too?
I think that ekr is merely observing that consent is not sufficient protection, because obvious risks (a site might get to see what is on my desktop) are accompanied by non-obvious risks (SOP violations, :visited scraping, undermining CWRF protections, etc…) that are also very hard to comprehend. Camera and microphone don’t really have SOP and CSRF concerns to the same extent. Yes, you might use a microphone to learn what another site is playing. But the user is very much aware of that, as much as they might be aware of the mirror that is in frame. The challenge with screen sharing is the sorts of things roc identified: if you can scrape the screen, there are plenty of interesting things that can be obtained, particularly when you have control over what is being displayed on that screen. I think that it would be foolish of us to try to build a mechanism that prevented this information from being captured if the user was determined to share the screen with a site. I think our focus is better concentrated on ensuring that this only happens when the user is genuinely determined, in much the same way we try to ensure that the decision to install an add-ons isn’t an idle one. The risks are commensurate. _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
