W3C home > Mailing lists > Public > public-device-apis-log@w3.org > August 2017

Re: [ambient-light] Security and Privacy considerations for ALS

From: Lukasz Olejnik via GitHub <sysbot+gh@w3.org>
Date: Wed, 16 Aug 2017 15:49:58 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-322815526-1502898593-sysbot+gh@w3.org>
Could we include:

> Readout of Ambient Light Sensor may potentially enable cross-origin communication or information leaks.


Or something along the lines. Feel free to modify. I'm referring to a [PoC](https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/) of stealing web browsing history.

-- 
GitHub Notification of comment by lknik
Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/13#issuecomment-322815526 using your GitHub account
Received on Wednesday, 16 August 2017 15:49:58 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 12:18:53 UTC