W3C home > Mailing lists > Public > public-device-apis-log@w3.org > April 2017

Re: [sensors] Javascript 120Hz devicemotion events for high end inertial applications

From: Alexander Shalamov via GitHub <sysbot+gh@w3.org>
Date: Tue, 11 Apr 2017 14:12:37 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-293276014-1491919955-sysbot+gh@w3.org>
@maryammjd Based on your [research work](https://arxiv.org/pdf/1602.04115.pdf) and also papers from other security researchers ([gyromic](https://crypto.stanford.edu/gyrophone/files/gyromic.pdf), [ACCessory](https://pdfs.semanticscholar.org/3673/2ae9fbf61f84eab43e60bc2bcb0a48d05b67.pdf), [Pin skimming](https://arxiv.org/pdf/1611.03748.pdf), [ALS Pin skimming]( http://delivery.acm.org/10.1145/2670000/2666622/p51-spreitzer.pdf)).

It looks like the security & privacy risks come from the data exposed by low-level sensors (gyro,accel, als and magn).

What would be the risk estimation for a high-level [orientation sensor](https://w3c.github.io/orientation-sensor/)?

We are collecting data for the security & privacy section of the [Chromium implementation design document](https://docs.google.com/document/d/1Ml65ZdW5AgIsZTszk4mD_ohr40pcrdVFOIf0ZtWxDv0/#heading=h.lmg4m6asf9b4) to find out optimal permission model for sensors. Your feedback would be very much appreciated.

-- 
GitHub Notification of comment by alexshalamov
Please view or discuss this issue at https://github.com/w3c/sensors/issues/98#issuecomment-293276014 using your GitHub account
Received on Tuesday, 11 April 2017 14:12:43 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 12:18:53 UTC