- From: Anssi Kostiainen via GitHub <sysbot+gh@w3.org>
- Date: Sun, 27 Aug 2017 06:02:34 +0000
- To: public-device-apis-log@w3.org
I think an even more explicit text in this case would be warranted that mentions attack vectors that are detecting visited links and stealing cross-origin resources by reading light emitted by each pixel separately. You could make your proposal sound more explicit by noting these details. Would you mind providing us an updated proposed text? Otherwise, I'll propose something myself. Consider your extra bullet in the context of the current text to avoid redundancy: https://w3c.github.io/ambient-light/#security-and-privacy This would allow implementers to know exactly what they need to mitigate against. I feel the current proposal is too abstract. -- GitHub Notification of comment by anssiko Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/13#issuecomment-325179063 using your GitHub account
Received on Sunday, 27 August 2017 06:02:31 UTC