- From: Lukasz Olejnik via GitHub <sysbot+gh@w3.org>
- Date: Wed, 27 Jul 2016 16:55:49 +0000
- To: public-device-apis@w3.org
lknik has just created a new issue for https://github.com/w3c/sensors: == Updating security and privacy considerations == I would suggest updating > Variations in sensor readings as well as event firing rates offer the possibility of fingerprinting to identify users. User agents may reduce the risk by limiting event rates available to web application developers. to > Variations in sensor readings as well as event firing rates offer the possibility of fingerprinting to identify users. User agents may reduce the risk by limiting event rates available to web application developers. > > Minimizing the accuracy of a sensor's readout generally decreases the risk of fingerprinting. User agents should not provide unnecessarily verbose readouts of sensors data. Each sensor should be assessed individually. Rationale: sometimes too verbose readout provides data on user's system/architecture, but is not necessary at all. Example: battery readout of 0.999424722 and 0.99 (sufficient). Also, changing > User agents should consider providing the user an indication of when the sensor is used and allowing the user to disable it. to > User agents should consider providing the user an indication of when the sensor is used and allowing the user to disable it. Additionally, user agents should consider allowing the user to verify past sensor use patterns. Please view or discuss this issue at https://github.com/w3c/sensors/issues/117 using your GitHub account
Received on Wednesday, 27 July 2016 16:55:56 UTC