- From: Kiran Kumar <g.kiranreddy4u@gmail.com>
- Date: Thu, 26 Sep 2013 10:26:19 +0530
- To: cowwoc <cowwoc@bbs.darktech.org>
- Cc: Anne van Kesteren <annevk@annevk.nl>, "public-media-capture@w3.org" <public-media-capture@w3.org>, Harald Alvestrand <harald@alvestrand.no>, "Robert O'Callahan" <robert@ocallahan.org>, Martin Thomson <martin.thomson@gmail.com>
- Message-ID: <CAGW1TF6zGFftaRvENRrpk9c-ypFxA73Bq+F_VefqFFhox+SL2Q@mail.gmail.com>
Gili, At-least for me, this solution seems to be problematic regarding security considerations. I suggest one modification to avoid this problem, that is, for every time I open the same application, browser should prompt the existing permissions (instead of just reviewAllpermissions option), and should give facility to change them or continue with them. (This is just an overview, of-course still I have to think more deeper into this problem by analyzing various other scenarios too). Thanks, Kiran. On Wed, Sep 25, 2013 at 6:07 PM, cowwoc <cowwoc@bbs.darktech.org> wrote: > Kiran, > > I assume you're referring to Windows. Under Windows, if your wife logs > in under the same user account as you then for all intensive purposes she > *is* you. If she wants separate permissions then she should use her own > user account (which is preferable since she will get her own list of > bookmarks, saved passwords, etc). > > Gili > > > On 25/09/2013 1:00 AM, Kiran Kumar wrote: > > Hi Gili, > > I have a doubt here, which requires some clarification for your (hybrid) > proposal, > > "Browser caches the permissions for some particular website to use the > same permissions for the next time", my doubt in this statement is, > If I open a website and gave permission to access my camera, after some > time if my wife want to open the same app in the same computer/mobile, > where she don't want to give permission to the camera. Chances are there > for providing permissions to camera unknowingly. > > I don't know whether I understood it correctly or is there any > misunderstanding, > > Thanks, > Kiran. > > > > On Tue, Sep 24, 2013 at 3:36 AM, Martin Thomson <martin.thomson@gmail.com > > wrote: > >> I tend to agree with this conclusion. That said, the guidance I've >> received indicates that this is a little better understood than Anne >> suggests. That guidance is pretty clear: it is not currently a good idea to >> talk to users about fingerprinting risks, no matter how the question is >> formulated. But times, and people, change, so putting this side for now >> seems wise. >> On Sep 24, 2013 7:55 AM, "Anne van Kesteren" <annevk@annevk.nl> wrote: >> >>> On Mon, Sep 23, 2013 at 1:17 AM, Harald Alvestrand <harald@alvestrand.no> >>> wrote: >>> > Adding directly the 3 people who I think you have to convince >>> explicitly. >>> >>> I think we need to revisit this at some point in a more general >>> context. I think being able to indicate somehow (declarative maybe, >>> manifest) what you need and having success/failure for these as the >>> user starts using the respective features (or you might grant a few if >>> the user bookmarks the app) might make sense. >>> >>> I don't think we're quite there yet though in fully understanding what >>> an app on the web is. It's fine to experiment, but too soon to >>> standardize. >>> >>> >>> -- >>> http://annevankesteren.nl/ >>> >> > >
Received on Thursday, 26 September 2013 04:57:06 UTC