Re: Screen capture from Harald Alvestrand on 2013-01-31 (public-media-capture@w3.org from January 2013)

From: Harald Alvestrand <harald@alvestrand.no>
Date: Thu, 31 Jan 2013 23:06:50 +0100
To: Martin Thomson <martin.thomson@gmail.com>
CC: "public-media-capture@w3.org" <public-media-capture@w3.org>
Message-ID: <510AEAFA.1050402@alvestrand.no>

On 01/31/2013 11:00 PM, Martin Thomson wrote:
> Actually, I got some really good feedback on this feature in a
> discussion last night.  The security concerns over giving access to a
> screen capture are pretty serious.  There is a very good reason that
> applications are prevented from sampling any part of the page that are
> not from the same origin.  Screen capture would circumvent that.  It
> may be that a simple user confirmation/permission question is
> insufficient to convince some people that capture is safe to permit
> for this reason.
>
> It's actually very simple.  I load an iframe to your bank, using your
> login cookie, briefly display some highly sensitive resource, capture
> the screen, ???, profit.
>
> I knew this was a problem, but I didn't realize the strength of the reaction.

It's exactly the same problem as a remote control interface like PCAnywhere.
Many people find those creepy (and with some justification).


>
> On 31 January 2013 21:11, Harald Alvestrand <harald@alvestrand.no> wrote:
>>> Why then does one not exist yet?
>> It's "just" a matter of defining the constraints, if the WG agrees to follow
>> this convention.
> :)  I know you know that it's never that easy.
>
>> I don't know what API we should use to generate the identifiers for "things
>> that can be used in a screen capture". The cameras and microphones can be
>> "listed" with the VideoDeviceIds / AudioDeviceIds in Travis' "v6" proposal,
>> but with "things that can be used in a screen capture", I don't know a) how
>> to list them, or b) what the privacy restrictions should be on listing them.
> Oh, maybe you don't need to list these along with other "devices".  If
> the feature exists, then you don't need to be that specific (unless
> you want to do per-window capture and identity the same window over
> time, which I think isn't really that useful).  The identifiers that
> the resulting objects are given could be allocated in a similar
> fashion to devices, with a single "capture" device ID.  You wouldn't
> be able to learn that device ID a priori, hence the suggestion to have
> another constraint for this purpose.  (screen: true, or a generalized
> videoDeviceType: capture/camera/file)

inputdevicetype=capture, which pops up a "what do you want to capture" 
dialog?
That sounds about right....

Received on Thursday, 31 January 2013 22:07:20 UTC