- From: Nick Doty <npdoty@w3.org>
- Date: Wed, 10 Dec 2014 12:14:12 -0800
- To: Joseph Lorenzo Hall <joe@cdt.org>
- Cc: chaals@yandex-team.ru, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Received on Wednesday, 10 December 2014 20:14:27 UTC
On Dec 10, 2014, at 7:06 AM, Joseph Lorenzo Hall <joe@cdt.org> wrote: > > I'm wondering if there isn't a solution like an origin-specific "allow > access to information about the keyboard and keyboard shortcuts" that > the spec could recommend browser vendors implement here to mitigate this > increased fingerprinting risk. HTML WG's scope may preclude making > statements like that, I suspect. That’s an interesting idea. I’m always a little hesitant to suggest more browser permissions, though. And I think this one would be a particular challenge for the user. It would take a particularly expert user to recognize that “allow access to information about the keyboard and keyboard shortcuts” might also imply “allow this site to remember me and guess what other pages/software I have open on my computer”. More relevant, I imagine it would be difficult for a UA to explain the resulting implications clearly. Nick
Received on Wednesday, 10 December 2014 20:14:27 UTC