- From: John Morris <jmorris@cdt.org>
- Date: Thu, 20 May 2010 23:24:19 -0400
- To: W3C Device APIs and Policy WG <public-device-apis@w3.org>
+1 on Thomas's request for specific, realistic use cases for revealing MAC addresses through the web browser. I'd also be interested in any argument that revealing MAC addresses is "not really a threat" -- I think that such a capability would have very significant and problematic implications for privacy. John On May 20, 2010, at 5:28 PM, Thomas Roessler wrote: > On 20 May 2010, at 14:23, Brian LeRoux wrote: > >> Some notes from the phonegap team for consideration: >> >> - MAC addresses can be used to uniquely identify a network device >> which we can/have/do use for some apps. I can give some specific use >> cases here if neccessary. We feel this is useful in the spec and not >> really a threat. > > I'd be interested in seeing the specific use cases. In particular: > *What* is it that you really want to uniquely identify? The network > interface? The user? The device? > >> - Also: MAC addresses can be spoofed! > > Yes, but that's not very likely to occur. > >> - IP Addresses only give a rough estimate of where a person is...and >> if we don't include it can be easily retrieved with >> http://whatismyipaddress.com anyhow. We should include in the spec. > > These may well be different addresses: The device might be behind a > NAT, a proxy of sorts, or may use an anonymization service. > > >
Received on Friday, 21 May 2010 03:25:03 UTC