[screen-wake-lock] Security Review (#282)

David-Chadwick has just created a new issue for https://github.com/w3c/screen-wake-lock:

== Security Review ==
Screen-wake-lock, if not specified and implemented correctly, can be a perfect DOS mode of attack by flattening the battery of the user's machine and rendering it unusable.

1. Whilst only visible documents can acquire the screen-wake-lock, nevertheless the user must be able to control this. Currently the specification says that it is only RECOMMENDED that the user agent shows this to the user, and no reasons are given for this. This should be converted to MUST so that the user definitely has control over it. If you want to stay with RECOMMENDED then you should specify the conditions when MUST does not apply.

2. A state transition diagram would be extremely beneficial to understand when the lock is on or off and how it is activated/deactivated etc.

3. The security section as written is rather weak. "Implementations should consider preventing wake lock application if they determine that the remaining battery capacity is low." This is a rather weak statement if we want to prevent DOS attacks. A stronger statement would be "Implementations MUST prevent wake lock application if they determine that the remaining battery capacity is low."

Please view or discuss this issue at https://github.com/w3c/screen-wake-lock/issues/282 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 3 September 2020 16:18:12 UTC