W3C home > Mailing lists > Public > public-media-capture@w3.org > April 2014

[Bug 25245] Specify "access" in the context of getMediaDevices

From: <bugzilla@jessica.w3.org>
Date: Mon, 07 Apr 2014 15:57:56 +0000
To: public-media-capture@w3.org
Message-ID: <bug-25245-5753-mD8JYPiJ8A@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25245

Ian 'Hixie' Hickson <ian@hixie.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ian@hixie.ch

--- Comment #2 from Ian 'Hixie' Hickson <ian@hixie.ch> ---
This is a fingerprinting vulnerability (it provides previously-unavailable
unique bits to identify the user), and thus should be considered in a privacy
context.

This is a potential abuse vulnerability (combined with other APIs, it allows
the author to send content to remote speakers without the user's consent).

As a user, I would not want a Web page to be able to enumerate any devices I
have without my explicit opt-in.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
Received on Monday, 7 April 2014 15:57:57 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:26 UTC