Re: Screensharing - Application restricting whole screen from Eric Rescorla on 2015-11-25 (public-media-capture@w3.org from November 2015)

From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 25 Nov 2015 06:29:58 -0800
To: Anne van Kesteren <annevk@annevk.nl>
Cc: "Hutton, Andrew" <andrew.hutton@unify.com>, Mathieu Hofman <Mathieu.Hofman@citrix.com>, Jan-Ivar Bruaroey <jib@mozilla.com>, Martin Thomson <martin.thomson@gmail.com>, Media Capture TF <public-media-capture@w3.org>
Message-ID: <CABcZeBOLVWk9n3ooW+e7Nxkarhqqk4UWF1GxCwBvEPwun7GXpw@mail.gmail.com>

I think you may be applying the wrong threat model here. This isn't about
stopping employees from intentionally sending out pictures of their
screens. It's about making it harder for them unintentionally to do so.
So, sure, the employee could use a different provider or an iPhone to
take a picture of their screen. This is just about making it less likely
that
they will inadvertantly do so when they meant to share just a single window,
which happens a lot (this also happens in the presentation context
when people forget to turn off IM notifications and the like).

-Ekr

On Wed, Nov 25, 2015 at 2:13 AM, Anne van Kesteren <annevk@annevk.nl> wrote:

> On Wed, Nov 25, 2015 at 10:30 AM, Hutton, Andrew
> <andrew.hutton@unify.com> wrote:
> > Yes if you want to be sure but that is very difficult to achieve and
> administer given all the different browsers and OS used. A simple standard
> browser API is the simplest way to do this and would meet the requirement.
>
> I guess, but it wouldn't actually be secure.
>
>
> --
> https://annevankesteren.nl/
>

Received on Wednesday, 25 November 2015 14:31:13 UTC