Re: [ambient-light] Security and Privacy considerations for ALS

I made few measurements using several devices under different environmental conditions, results can be found in [this table](https://docs.google.com/spreadsheets/d/1vUojkaaif6AmftQmtqra1w9Z7CH00Cn9pb0Ci6v5_Jk).

Normal conditions
 - Auto brightness on, device sets level at 50%
 - Light reflected from normal surfaces

Speculative conditions
 - Auto brightness off, brightness at max
 - Light reflected from highly reflective surfaces (mirror, white diffusers)

Under normal conditions, differences between ALS readings reported for ‘white’ and ‘black’ levels are in a range of 0.05-14.03 lx. Under speculative conditions, e.g., close to a mirror or white diffuse material, max delta was 127.07 lx. When two devices are attached screen-to-screen and changing brightness levels, max delta was 478 lx.

Based on the data, [JS wrapper](https://gist.github.com/alexshalamov/e6a250cad4fe7486453b27d0e0ca8d66) with threshold of 50 lx was used to verify that [POC](https://arturjanc.com/ls/) referred in [the article](https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
) is not able to provide reliable results.

Drawbacks for the 50 lx threshold is that sensitivity in 0-50 lx range would be lost. After 50 lx, illuminance values for EV or light levels describing environmental conditions ([light levels](https://www.noao.edu/education/QLTkit/ACTIVITY_Documents/Safety/LightLevels_outdoor+indoor.pdf), [EV](https://en.wikipedia.org/wiki/Exposure_value), [daylight](https://en.wikipedia.org/wiki/Daylight)) are increasing logarithmically, therefore, relative precision would be increasing together with illuminance values (e.g., not important if lx value is 20.000 or 20.050).

-- 
GitHub Notification of comment by alexshalamov
Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/13#issuecomment-302393458 using your GitHub account

Received on Thursday, 18 May 2017 12:47:49 UTC