Re: [ambient-light] Security and Privacy considerations for ALS from Lukasz Olejnik via GitHub on 2017-08-16 (public-device-apis-log@w3.org from August 2017)

From: Lukasz Olejnik via GitHub <sysbot+gh@w3.org>
Date: Wed, 16 Aug 2017 15:49:58 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-322815526-1502898593-sysbot+gh@w3.org>

Could we include:

> Readout of Ambient Light Sensor may potentially enable cross-origin communication or information leaks.


Or something along the lines. Feel free to modify. I'm referring to a [PoC](https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/) of stealing web browsing history.

-- 
GitHub Notification of comment by lknik
Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/13#issuecomment-322815526 using your GitHub account

Received on Wednesday, 16 August 2017 15:49:58 UTC