- From: David Singer <singer@apple.com>
- Date: Wed, 10 Dec 2014 14:00:20 -0800
- To: Nicholas Doty <npdoty@w3.org>
- Cc: Joseph Lorenzo Hall <joe@cdt.org>, chaals@yandex-team.ru, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
> On Dec 10, 2014, at 12:14 , Nick Doty <npdoty@w3.org> wrote: > > On Dec 10, 2014, at 7:06 AM, Joseph Lorenzo Hall <joe@cdt.org> wrote: >> >> I'm wondering if there isn't a solution like an origin-specific "allow >> access to information about the keyboard and keyboard shortcuts" that >> the spec could recommend browser vendors implement here to mitigate this >> increased fingerprinting risk. HTML WG's scope may preclude making >> statements like that, I suspect. > > That’s an interesting idea. I’m always a little hesitant to suggest more browser permissions, though. And I think this one would be a particular challenge for the user. It would take a particularly expert user to recognize that “allow access to information about the keyboard and keyboard shortcuts” might also imply “allow this site to remember me and guess what other pages/software I have open on my computer”. More relevant, I imagine it would be difficult for a UA to explain the resulting implications clearly. Yes. At the recent workshop, we asked whether giving the user “control” over their privacy necessarily means giving the user more “controls”, especially when the consequences of the choices are not obvious. David Singer Manager, Software Standards, Apple Inc.
Received on Wednesday, 10 December 2014 22:00:49 UTC