- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Thu, 18 Aug 2011 12:20:04 +0200
- To: Wojciech Masłowski <wmaslowski@opera.com>
- Cc: "public-geolocation@w3.org" <public-geolocation@w3.org>
Le jeudi 18 août 2011 à 10:26 +0200, Wojciech Masłowski a écrit : > http://www.newscientist.com/article/mg21128255.200-smartphone-jiggles-reveal-your-private-data.html > > TLDR: It is possible to construct a keylogger using only accelerometer > data. Maybe we should think about revising security policy for device > orientation events and force UA to ask user if he wants to allow site to > use orientation events. Isn't it that this is only problematic if a Web page wants to keep getting orientation events when not visible? Maybe permission would need to be asked only in cases a Web page needs to get these events even when not visible? Dom
Received on Thursday, 18 August 2011 10:20:20 UTC