What happens when enterprise policy will prohibit the user from installing extensions? At this point I see requirement to install extensions for screen sharing only as a mechanism to penalize small new providers vs large providers. For the large established providers extensions would be much more likely to be pre-installed/approved by the enterprise IT team. It is much less likely to happen for smaller new services. I have mentioned earlier that extension mechanism serves no purpose at all as far as security is concerned. The risk that attacker can share users browser via a rouge WebEx ot GoToMeeting session is no different then the risk that he can share users browser via a custom session he have created. _____________ Roman Shpount On Wed, Jan 15, 2014 at 5:34 PM, Justin Uberti <juberti@google.com> wrote: > Blocking HTTPS makes it impossible to share a Google Docs doc or > presentation > > Look, this is a hard problem, and we've come to a point where use of the > screensharing feature in Chrome requires jumping through a hoop (i.e. > installing an extension), but not a ridiculously difficult one. I suspect > that web applications will find fairly elegant ways to incorporate this > into their flow. > > > On Mon, Jan 13, 2014 at 6:13 AM, Tim Panton new <thp@westhawk.co.uk>wrote: > >> >> On 13 Jan 2014, at 00:40, Silvia Pfeiffer <silviapfeiffer1@gmail.com> >> wrote: >> >> >> A whitelist of bank sites? >> >> >> Wouldn't bank sites always need to be "blacklisted" (i.e.: don't show >> their content)? >> >> >> Strikes me that a good short term default would be that https:// sites >> default >> to not supporting screenshot. http:// sites allow it, as do any that >> have the >> meta-screenshot tag set. >> >> I realize that as more sites adopt https:// only practices this default >> will dwindle in usefulness. >> >> T. >> > >
Received on Wednesday, 15 January 2014 23:14:23 UTC