Re: [vibration] privacy consideration PING comments

2016-02-29 22:47 GMT+01:00 Joseph Lorenzo Hall <joe@cdt.org>:

> On Mon, Feb 29, 2016 at 2:37 PM, David Singer <singer@apple.com> wrote:
> >>
> >>
> >> So, is this API a fingerprint risk, or a beacon risk?
> >>
> >> It provides information
> >
> > that’s my puzzle.  it provides almost no information at all.  what
> information does it provide?
> >
> > it can transmit information (e.g. the vibrate pattern), it can identify
> a device ‘in a crowd’, and so on, but…
>
> I think this is semantic confusion. Lukasz here seems to be saying
> through the API a developer provides vibration patterns to the device
> which vibrates according to those patterns. So these are beacon
> facilitating risks (a cookie value could be marshaled into a set of
> vibration patterns and then picked up acoustically by another device
> to register the first device was in acoustic proximity)
>

Actually, what I mean israther -  probing accelerometer/gyroscope/etc
sensors, which are known to differ from each others. This is basically an
extraction of an identifier. Quintessential fingerprinting.


>
> --
> Joseph Lorenzo Hall
> Chief Technologist, Center for Democracy & Technology [https://www.cdt.org
> ]
> e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
> Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871
>
> CDT's annual dinner, Tech Prom, is April 6, 2016!
> https://cdt.org/annual-dinner
>

Received on Monday, 29 February 2016 21:54:14 UTC