- From: Kostiainen, Anssi <anssi.kostiainen@intel.com>
- Date: Mon, 4 Jul 2016 08:54:26 +0000
- To: Dominique Hazael-Massieux <dom@w3.org>, Marcos Caceres <marcos@marcosc.com>
- CC: Frederick Hirsch <w3c@fjhirsch.com>, W3C Device APIs WG <public-device-apis@w3.org>
Hi, > On 01 Jul 2016, at 11:12, Dominique Hazael-Massieux <dom@w3.org> wrote: > >>> * after discussion with the Director, the likely next step for Battery >>> will be to publish an updated Proposed Recommendation (Dom in charge, >>> pun intended) >> >> Mozilla's DOM Team is considering removing the Battery API from Gecko >> because of the recent abuse by companies like Uber [1] - and because >> of a lack of credible set of use cases. Abuses like that harm users >> and the credibility of apps in general. > > Thanks for letting us know, that's indeed important information to > determine our next steps. > > Given this, I would like to suggest that we should instead of a new > Proposed Recommendation, fall back to Candidate Recommendation where we > can evaluate the expected future implementations of the API, or evaluate > mitigation strategies to the concerns you mentioned. The mitigation strategies baked into the spec currently are the following: * BatteryManager is gated behind a promise allowing implementations to leave the promise in a pending state, for example, if no user consent is acquired. In particular, the promise never rejects, as to not allow implementations to know whether the user did not grant access or whether she just did not act on the request. * Implementations may obfuscate the exposed values, and/or adjust the precision of the readouts as they see fit. See also: https://w3c.github.io/battery/#security-and-privacy-considerations > Frederick, Anssi, what do you think? There is a certain amount of time > sensitiveness to this: we owe the Advisory Committee an update on the > Battery API (since they reviewed it as a Proposed Recommendation quite a > while ago), so I would like whatever next step we choose to be put in > place next week if possible. Let's fall back to CR. If Mozilla ends up unshipping the API, we should probably consider publishing the spec as a Note instead. However, I'd let the spec stay in CR for a while as we try to address this concern, and get feedback from other implementers. Thanks, -Anssi >> [1] http://www.independent.co.uk/life-style/gadgets-and-tech/news/uber-knows-when-your-phone-is-about-to-run-out-of-battery-a7042416.html
Received on Monday, 4 July 2016 08:55:21 UTC