Bug 23934 - Proposal: Always launch permission prompt to avoid leakage from Jim Barnett on 2013-11-27 (public-media-capture@w3.org from November 2013)

From: Jim Barnett <Jim.Barnett@genesyslab.com>
Date: Wed, 27 Nov 2013 14:40:01 +0000
To: "public-media-capture@w3.org" <public-media-capture@w3.org>
Message-ID: <57A15FAF9E58F841B2B1651FFE16D2811F07C2@GENSJZMBX03.msg.int.genesyslab.com>

I am opposed to this.  I think that it would complicate app development and make the user experience worse.

I think that we can reduce information leakage by not returning the name of the failed mandatory constraints from gUM.  (Unknown mandatory constraints would be returned but they don't leak information about the user's devices.  Which constraints the UA  knows about depends on the maker and version of the UA, and that  information is already available.)

It's true that in this proposal, the app can still play 20 questions to tease out information, but  I don't think that there's any way to stop that without leaving apps unable to figure  anything useful out.  If we want to let the user know when the app is poking around,  the UA can always post a message in the chrome:  "app URL is checking your hardware".


-          Jim

Received on Wednesday, 27 November 2013 14:40:25 UTC