W3C home > Mailing lists > Public > public-media-capture@w3.org > January 2012

Re: Hints argument & privacy concerns

From: Robin Berjon <robin@berjon.com>
Date: Mon, 23 Jan 2012 14:49:53 +0100
Cc: Stefan Hakansson LK <stefan.lk.hakansson@ericsson.com>, "public-media-capture@w3.org" <public-media-capture@w3.org>
Message-Id: <6050F4BF-F9F4-4DCC-BE99-F02A381B2215@berjon.com>
To: Travis Leithead <Travis.Leithead@microsoft.com>
On Jan 20, 2012, at 09:08 , Travis Leithead wrote:
> It turns out that figuring out front vs back is also a hard problem for User Agents because (at least in Windows) the OS can only provide this information if the hardware device encodes it -- which means that only devices with built-in cameras can be identified as such.

Right, but I don't think that that's a huge problem. Even when the UA can identify where back and front are, I fully expect it to give the user a choice (using the hint only to select the default camera). The hint is there to increase the chance that the default option will be pre-selected (or at the top, or whatever else makes sense in that context) so as to make for an even better UX but it's not a MUST-level requirement. It's very important that users be empowered to pick the source they want even when there's a hint and the UA knows for sure which device it maps to.

In cases in which the hint cannot be resolved, the UA simply provides a choice in the way that it believes makes most sense to the user.

> Another creative option that I've heard suggested is a simple "next" or "swap" API on the MediaStream that just cycles through the available cameras/mic. As was mentioned--the best way to reliably select the desired camera is to see the camera's preview. If the user wants the "other" one, they can just "swap" the MediaStream over to it.

But does this not assume that the code has immediate access to all cameras? I would really hope that granting access to a web app would only grant access to the *one* camera I specified.

> Regarding the fingerprinting issue with enumeration of devices/characteristics--I understand that the risk of enumeration is in providing it _before_ user approval, right? So, what if it's available only _after_ user approval? (e.g., first the developer hints at what they want, then the user selects a device, then the developer can verify if the user's choice is suitable for the application and fail/succeed at that point?)

I would definitely alleviate fingerprinting issues, but would it be useful? Users are more important than developers, and their decision should be final and unchallengeable. If I select the back camera but the app complains that it wanted the front and insists on refusing to work with that, the first thing I'll want is for my UA to lie to the app so that it lets me do what I want (actually, the first thing I'll want is to head-butt the developer, but that's mostly between him and me).

-- 
Robin Berjon - http://berjon.com/ - @robinberjon
Received on Monday, 23 January 2012 13:50:20 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 16:14:58 GMT