Re: Proposal for device "enumeration"

On 2012-12-07 18:42, Martin Thomson wrote:
> On 6 December 2012 21:51, Adam Bergkvist <adam.bergkvist@ericsson.com> wrote:
>> Is the gain of enumerating the deviceIds that high that it's worth the
>> finger printing surface?
>
> The fingerprinting surface provided by this is exactly equivalent to
> getNumDevices() as Travis proposed.  The advantages are that you can
> build an application that has consistent behaviour over time.

The fingerprinting surface is obviously greater if we expose a list of 
ids (getDeviceIds()) compared to only the length of such a list (which 
would be getNumDevices()).

>> Couldn't you solve the use case of requesting a specific specific camera
>> (you have used before and know works) by only exposing the deviceId on that
>> source and having a constraint to request that particular device again with
>> getUserMedia()?
>
> That is the alternative, if you consider the idea that this amount of
> increase in fingerprinting is unacceptable.  The only two options with
> smaller fingerprinting area than this are:
>   a) don't provide a way to discover if the user has devices of a given type
>   b) provide a way to detect that devices of a given type exist, but not how many
> Then we have:
>   c) this proposal - let the application discover how many devices
> exist for a given type
> And if we consider fingerprinting to be a lost cause:
>   d) let the application know about devices to some degree (facing, max
> resolution)
>   e) let the application know everything
>
> I don't believe that option (a) is tolerable for all the
> aforementioned reasons.  (b) would enable re-acquisition of devices,
> which I think I would be OK with*.  (e) is such a radical departure
> from contemporary practice that I don't believe them to be even worth
> considering.  (d) might actually be useful...

If we have a device id on granted devices, I don't see that 
getDeviceIds() has any benefits over getNumDevices(). It's not really 
useful for the app (other than for fingerprinting) to have ids for 
devices that it doesn't know anything more about (i.e. have never used).

The main problem with getDeviceIds(), from a fingerprinting point of 
view, is that the app gets access to all the devices ids without the 
user granting permissions to anything. It enables "drive by" 
fingerprinting. That kind of fingerprinting would not be possible if the 
device id only got exposed to the app after the user granted permission 
to that device with getUserMedia().

/Adam

>
> The thing that bothers me most about just knowing about the existence
> of cameras (even with case (c)) is the first generation iPhone and
> devices of its ilk.  These have one camera that faces away from the
> user.  This camera is useless for communications applications.
> Getting an indication that a camera exists is therefore insufficient
> for those applications to know whether to offer video chat.  This is
> where (d) starts to be tempting.  But I'm not there yet.
>

Received on Monday, 10 December 2012 08:34:15 UTC