Re: An alternate approach to enumerating devices from Harald Alvestrand on 2013-03-25 (public-media-capture@w3.org from March 2013)

From: Harald Alvestrand <harald@alvestrand.no>
Date: Mon, 25 Mar 2013 10:35:23 +0100
To: public-media-capture@w3.org
Message-ID: <51501A5B.9080302@alvestrand.no>

On 03/22/2013 01:54 PM, Stefan Håkansson LK wrote:
> I like Haralds proposal, it is an improvement over the current one IMO.
>
> That said, I think Jim has a point. We have earlier talked about that 
> no-one should be excluded from a video service because they do not 
> have a camera (instead they could use a file as a "fake" camera 
> source). With sourceId/sourceInfo the app could exclude users.

I think this is orthogonal to the difference between the current draft 
and what I'm proposing.

If the browser is willing to supply fake cameras, the browser can be 
willing to supply fake IDs for the fake cameras. I think the browser 
should present a consistent picture.

>
> If you compare to the access to files on the system, the analogous 
> behavior would be that the app could, without any user consent, find 
> out how many files there are and what types (extensions) they are. 
> That is not possible IIUC.
>
> I would feel better if (at least) the first time used the app could 
> not find out much without informing the user. And that trust given can 
> be revoked.

I agree about "not finding out much", the two approaches expose exactly 
the same information before consent is given (the number of devices and 
their IDs). The WG has already agreed that this info is OK to reveal.

The difference is the question of "facing". If the WG feels happier if 
"facing" is also hidden until permission is given, I don't mind.


>
> Stefan
>
> On 3/21/13 8:57 PM, Jim Barnett wrote:
>> I know that most users never change the defaults, but I still think
>> that some of these difficulties are reduced if we give the user
>> multiple security settings: 1.  "don't tell apps anything" (i.e., the
>> app must call gUM to get any information at all) 2.  "tell them if I
>> have video/audio, but nothing more"  (i.e. before the app calls gUM)
>> 3.  "let them see labels, facing info, etc."
>>
>> (If we introduce a distinction between trusted and untrusted apps,
>> the levels above would apply to untrusted ones, I would think.) This
>> way the (few) people who understand the situation and care can get
>> the behavior that they want.
>>
>> - Jim -----Original Message----- From: Harald Alvestrand
>> [mailto:harald@alvestrand.no] Sent: Thursday, March 21, 2013 3:38 PM
>> To: public-media-capture@w3.org Subject: Re: An alternate approach to
>> enumerating devices
>>
>> On 03/21/2013 08:23 PM, Jim Barnett wrote:
>>> It may just be that the format is odd on my system, but is 'facing'
>>> available if the app is not trusted?
>> Opinions sought .... "facing" was the last thing I added. Exposing it
>> means that the drive-by web now can make a very good guess on whether
>> you're a phone or a PC; not exposing it means that the app has to do
>> at least one camera grab blind (see other thread).
>>
>>
>
>

Received on Monday, 25 March 2013 09:35:58 UTC