W3C home > Mailing lists > Public > public-device-apis-log@w3.org > January 2018

[gyroscope] Include Known Gyroscope Privacy Exposures in Gyroscope Document

From: Jason A. Novak via GitHub <sysbot+gh@w3.org>
Date: Tue, 02 Jan 2018 15:50:31 +0000
To: public-device-apis-log@w3.org
Message-ID: <issues.opened-285463655-1514908229-sysbot+gh@w3.org>
jasonanovak has just created a new issue for https://github.com/w3c/gyroscope:

== Include Known Gyroscope Privacy Exposures in Gyroscope Document ==
At the review of the Sensors API at TPAC 2017, PING and the Sensors WG discussed including known privacy exposures for a given sensor, e.g. the use of the gyroscope as a microphone, in the W3C specification for that specific sensor as opposed to incorporating the exposure by reference. The goal of doing so is that an implementer of the specific sensor API would see the specific privacy exposure — and mitigations — for a sensor in the spec for that sensor API.

In the case of gyroscope, that would entail incorporating a reference to the risk of a gyroscope acting as a microphone, e.g. https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-michalevsky.pdf.  For mitigations, the proposed mitigations in the Generic Sensor API specification could be brought over or referenced.

Please view or discuss this issue at https://github.com/w3c/gyroscope/issues/27 using your GitHub account
Received on Tuesday, 2 January 2018 15:50:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:34:25 UTC