W3C home > Mailing lists > Public > public-device-apis-log@w3.org > August 2017

Re: [ambient-light] Security and Privacy considerations for ALS

From: Lukasz Olejnik via GitHub <sysbot+gh@w3.org>
Date: Wed, 16 Aug 2017 15:49:58 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-322815526-1502898593-sysbot+gh@w3.org>
Could we include:

> Readout of Ambient Light Sensor may potentially enable cross-origin communication or information leaks.

Or something along the lines. Feel free to modify. I'm referring to a [PoC](https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/) of stealing web browsing history.

GitHub Notification of comment by lknik
Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/13#issuecomment-322815526 using your GitHub account
Received on Wednesday, 16 August 2017 15:49:58 UTC

This archive was generated by hypermail 2.4.0 : Monday, 4 July 2022 12:47:54 UTC