- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Wed, 08 Jul 2015 20:09:59 +0200
- To: public-privacy@w3.org
Hi, An interesting paper on how a seemingly innocuous API (battery level reading) ends up providing exploitable fingerprinting surface: A privacy analysis of the HTML5 Battery Status API http://eprint.iacr.org/2015/616.pdf Some of the risks highlighted are specific to an implementation (providing arguably too detailed information), some are probably more generic to any API that bridges with hardware. It might be interesting to look if the self-review questionnaire would have helped mitigating these risks at the spec level. Dom
Received on Wednesday, 8 July 2015 18:11:19 UTC