- From: schwittmann via GitHub <sysbot+gh@w3.org>
- Date: Sat, 09 Apr 2016 20:40:50 +0000
- To: public-device-apis@w3.org
I strongly agree that privacy is an issue in the Ambient Light Sensor API. Besides the threats discussed in the report I'd like to point out an additional example of information leakage: a malicious website can identify videos or TV channels playing in the user's proximity. This works since light emitted by a screen causes measurable changes in a room's ambient light. We recently published a paper at PerCom2016 describing and evaluating this method. You can find a preprint at https://vs.uni-due.de/schwittmann/2016_Schwittmann_Video_Recognition_using_Ambient_Light_Sensors.pdf We also analyzed possible countermeasures. As suggested in the report, we have shown that discretizing sensor readings has a significant impact. Limiting illuminance readings to steps of 6 lx made video recognition impossible in our scenario. -- GitHub Notification of comment by schwittmann Please view or discuss this issue at https://github.com/w3c/ambient-light/issues/8#issuecomment-207850202 using your GitHub account
Received on Saturday, 9 April 2016 20:40:52 UTC