W3C home > Mailing lists > Public > public-device-apis-log@w3.org > June 2017

Re: [ambient-light] Security and Privacy considerations for ALS

From: Lukasz Olejnik via GitHub <sysbot+gh@w3.org>
Date: Wed, 21 Jun 2017 15:18:31 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-310112465-1498058310-sysbot+gh@w3.org>
> When we have these details discussed and agreed upon here, we are in a better position to update the security and privacy consideration section with concrete guidance to implementers -- and can finally close this issue that's been open for a while.

I guess the considerations would still stand. Also, what you mean by "known attacks" might not be that future-proof. And I reiterate that any implementation of ALS might, to some extent, be used to profiling.

> Sorry, maybe I didn't explain properly. Values in a range of [0-50] might be useful to destinguish between dark environmental conditions, for example 'Full moon' vs 'Overcast sunset'. I'm not sure whether it would be big problem if we would loose sensitivity in that range. So, those values are not that informative.

What I thought is that you want to expose the following values: 0, 50, 100, 150, ... - so round the reading to the closest n*50. I guess for n<20 you'd miss out on information, as for larger n's the differences aren't that large (with respect to the outside sorrounding).

So my proposal:

- expose CSS MQ values
- if exposing more precision, ask for permission. For the use cases, e.g. calibrating a camera, permission should not be an issue... Or why not bundle a camera permission with ALS too and name it somehow (as opposed to Motion Sensor).


-- 
GitHub Notification of comment by lknik
Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/13#issuecomment-310112465 using your GitHub account
Received on Wednesday, 21 June 2017 15:18:37 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 12:18:53 UTC