Re: Security issue of orientation events.

Le jeudi 18 août 2011 à 10:26 +0200, Wojciech Masłowski a écrit :
> http://www.newscientist.com/article/mg21128255.200-smartphone-jiggles-reveal-your-private-data.html
> 
> TLDR: It is possible to construct a keylogger using only accelerometer 
> data. Maybe we should think about revising security policy for device 
> orientation events and force UA to ask user if he wants to allow site to 
> use orientation events.

Isn't it that this is only problematic if a Web page wants to keep
getting orientation events when not visible? Maybe permission would need
to be asked only in cases a Web page needs to get these events even when
not visible?

Dom

Received on Thursday, 18 August 2011 10:20:20 UTC