RE: Explicit intents privacy concern

From: Deepanshu Gautam <deepanshu.gautam@huawei.com>
Date: Wed, 25 Jul 2012 05:57:26 +0000
To: Greg Billock <gbillock@google.com>
CC: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, "paulkinlan@google.com" <paulkinlan@google.com>, "public-web-intents@w3.org" <public-web-intents@w3.org>
Message-ID: <DA22857AC9F15C469BB47FE88C020129423C53AD@szxeml547-mbx.china.huawei.com>
Inline....

Deepanshu Gautam
Senior Engineer, Service Standards, Huawei
O: +86 25 56620008 M: +8613585147627

> -----Original Message-----
> From: Greg Billock [mailto:gbillock@google.com]
> Sent: Tuesday, July 24, 2012 11:47 PM
> To: Deepanshu Gautam
> Cc: Frederick.Hirsch@nokia.com; paulkinlan@google.com; public-web-intents@w3.org
> Subject: Re: Explicit intents privacy concern
> 
> On Mon, Jul 23, 2012 at 5:51 PM, Deepanshu Gautam
> <deepanshu.gautam@huawei.com> wrote:
> > The client site (Image Manager) may not be hostile but the service site
> > (Image Editor) it sends my data to, can be something I *don't like* or
> > something I don't trust. As long as my data is with client site it is not
> > compromised.
> 
> When using an explicit intent, the client site is integrating with a
> particular service. If they can't use web intents to get your data
> there, they can use another method. The point being, there are many
> ways for this data transfer to happen once the client has the data. I
> don't see the argument yet for closing it off for explicit intents.
[DG] I would have reservations about that "another method" too, if it is about transferring user data without user consent and it is to be written in a W3C spec. But here we are talking about Web Intents, and an explicit intent (does the user know that the intent being registered is an explicit intent, aka integrated-with-specific-service intent?) enabling transmission of user data without user consent doesn't look good to me.
> 
> > Regards
> >
> > Deepanshu Gautam
> > Senior Engineer, Service Standards, Huawei
> > O: +86 25 56620008 M: +8613585147627
> >
> >> -----Original Message-----
> >> From: Greg Billock [mailto:gbillock@google.com]
> >> Sent: Tuesday, July 24, 2012 4:59 AM
> >> To: Frederick.Hirsch@nokia.com
> >> Cc: paulkinlan@google.com; public-web-intents@w3.org
> >> Subject: Re: Explicit intents privacy concern
> >>
> >> Sure, but the attacker here is the client site -- which by definition
> >> already has the data. The point being, if that site is hostile, the
> >> data is already compromised before an intent is ever invoked.
> >>
> >> On Mon, Jul 23, 2012 at 1:29 PM,  <Frederick.Hirsch@nokia.com> wrote:
> >> > Yes, the major concern is that the data reaches a site without user
> >> > consent or involvement.
> >> >
> >> > The approach discussed in the face-to-face, the "speed bump", is not to
> >> > pass the data with this initial connection, allow a user to go "back"
> >> > without sharing data
> >> >
> >> >
> >> > regards, Frederick
> >> >
> >> > Frederick Hirsch
> >> > Nokia
> >> >
> >> >
> >> >
> >> > On Jul 23, 2012, at 2:20 AM, ext Paul Kinlan wrote:
> >> >
> >> >> My general thought would be that this is mitigated by the fact that we
> >> >> can deliver data asynchronously, and if required get the user's approval
> >> >> to let the data in to the service app.
> >> >>
> >> >> I think some of the worry is that I don't have the service installed,
> >> >> because I don't know where the data is going when I click on the button
> >> >> in a client page, it might open up Facebook or G+ and I might find that
> >> >> my data being visible to these abhorrent, it might be worse to the user
> >> >> if the service invoked is a site that is completely untrusted.
> >> >>
> >> >> P
> >> >
> >
Received on Wednesday, 25 July 2012 05:58:09 GMT