Re: Why ignoring unknown mandatory constraints is not stupid

On 19/11/13 18:00, Jan-Ivar Bruaroey wrote:
> On 11/19/13 10:56 AM, Jan-Ivar Bruaroey wrote:
>>> Would it make sense to go with only optional constraints for the first
>>> version?
>>
>> See, now how is that preferable to what I'm proposing?
>
> Sorry, you were talking about the leaking problem

I was talking about leaking and that people tell me that some OSes lie
anyway - so even if you get a successful return from gUM you still don't 
know.

> (though I proposed a
> solution to that as well, the "user always gets a prompt").

I think this is a good solution.

> Given the
> number of changes I have to concede what you are proposing as a
> possibility. I just think it would be unfortunate.
>
> On the leak topic:
>
> Having tried to perfect an algorithm that extorts as much info as
> possible, I should say there are limits to the info one can glean from
> one session, since the eventual appearance of a permission prompt if I
> prod too narrowly, is a giveaway.
>
> The hacker's problem is that
>
>     { mandatory: {foo: true, width: 1600 } }
>
> failing, doesn't mean with certainty that the user doesn't have that
> resolution. So the only way to know for sure is to probe for "sets of
> interest" directly, or probe single constraints.
>
> That said, a site that gets repeat visits will eventually get a full
> picture if they probe a different constraint each time, even if the user
> never permits anything. That still seems wrong.

I agree, but with your proposal (always prompting) we have a solution to 
that!?

>
> .: Jan-Ivar :.
>
>


Received on Tuesday, 19 November 2013 18:08:39 UTC