W3C home > Mailing lists > Public > www-international@w3.org > July to September 2010

Re: FW: proposal: add input/keyboard locale to text and keyboard events

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 17 Aug 2010 23:17:16 +0200
To: "Aharon (Vladimir) Lanin" <aharon@google.com>
Cc: www-international@w3.org, "Richard Ishida" <ishida@w3.org>, www-dom@w3.org, "Doug Schepers" <schepers@w3.org>
Message-ID: <op.vhlpe2w464w2qv@anne-van-kesterens-macbook-pro.local>
On Tue, 17 Aug 2010 22:14:44 +0200, Aharon (Vladimir) Lanin  
<aharon@google.com> wrote:
> Is that fingerprinting as in phishing? Given that a phishing site usually
> knows the user's IP address and thus the country, as well as the  
> browser's requested languages, does exposing the input locale really add  
> to the
> phisher's capability?

Mostly as in giving away something unique to the user allowing for e.g.  
user tracking without use of cookies etc. This might be quite different  
 from other information exposed. E.g. my most of my stuff is in English,  
but I happen to use a Dutch keyboard (and sometimes a Norwegian, depending  
on the laptop).

I'm mostly saying this because recently Gecko and to some extent Opera  
have been taking small steps in reducing exposure of such information.


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Tuesday, 17 August 2010 21:17:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 17 August 2010 21:17:58 GMT