- From: Christine Runnegar <runnegar@isoc.org>
- Date: Fri, 19 Feb 2016 09:23:16 +0000
- To: Frederick Hirsch <w3c@fjhirsch.com>
- CC: "norcie@cdt.org" <norcie@cdt.org>, "David (Standards) Singer" <singer@apple.com>, Joseph Lorenzo Hall <joe@cdt.org>, Chaals McCathie Nevile <chaals@yandex-team.ru>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Many thanks for this Frederick.

Christine

> On 18 Feb 2016, at 6:04 PM, Frederick Hirsch <w3c@fjhirsch.com> wrote:
>
> In case it is helpful, here is the link for the Vibration API with the proposed changes in place, if you want to see them in context.
>
> https://rawgit.com/anssiko/vibration/rec-errata/index.html
>
> This is the redline showing all changes in the associated pull request, including the privacy related changes
>
> https://github.com/w3c/vibration/pull/1/files
>
> regards, Frederick
>
> Frederick Hirsch
> Chair, W3C Device APIs WG (DAP)
>
> www.fjhirsch.com
> @fjhirsch
>
>
>> On Feb 17, 2016, at 12:35 AM, Christine Runnegar <runnegar@isoc.org> wrote:
>>
>> Charles,
>>
>> If this works for you and the Device API WG, let’s add this to the agenda for our next call (Thursday 26 February 2016 at UTC 17).
>> Anyone from DAP who would like to join, would be most welcome.
>>
>> In the meantime, everyone, please continue sharing your perspectives on this thread.
>>
>> Christine
>>
>>
>>> On 17 Feb 2016, at 2:40 AM, Greg Norcie <gnorcie@cdt.org> wrote:
>>>
>>> Would they be too faint? IIRC tempest attacks have picked up keystroke noises:
>>>
>>> https://www.schneier.com/blog/archives/2005/09/snooping_on_tex.html
>>>
>>> Couldn't a microphone also pick up vibration noises?
>>>
>>>
>>>
>>> /********************************************/
>>> Greg Norcie (norcie@cdt.org)
>>> Staff Technologist
>>> Center for Democracy & Technology
>>> District of Columbia office
>>> (p) 202-637-9800
>>> PGP: http://norcie.com/pgp.txt
>>>
>>> CDT's Annual Dinner (Tech Prom) is
>>> April 6, 2016. Don't miss out!
>>> learn more at https://cdt.org/annual-dinner
>>> /*******************************************/
>>>
>>> On Tue, Feb 16, 2016 at 8:06 PM, David (Standards) Singer <singer@apple.com> wrote:
>>> yes, an obvious question is ‘beaconing’ using vibration.
>>>
>>> I guess this becomes more of a question for users with more than one device — especially a second device that has motion sensing. But the two devices would have to be awfully close for vibration to transfer.
>>>
>>>
>>>
>>>> On Feb 16, 2016, at 12:30 , Joseph Lorenzo Hall <joe@cdt.org> wrote:
>>>>
>>>> Are those two things or just one? That is, is this section claiming:
>>>> 1) it is possible to fingerprint a device through the Vibration API by
>>>> requesting information that could be used to uniquely identify a
>>>> device by characterizing "tiny imperfections during their
>>>> manufacturing"; and 2) it is possible for an external observer to
>>>> identify someone close to them in physical reality ("meat space") by
>>>> causing the user to visit a specific web page that then uses the
>>>> Vibration API to vibrate the device (and the external observer
>>>> observes this and connects a particular web session with a particular
>>>> device)?
>>>>
>>>> Looking at the spec, it just accepts a list of integers and vibrates
>>>> the device or not. So, I don't see a way to fingerprint devices using
>>>> this spec by taking advantage of "tiny imperfections during their
>>>> manufacturing" (of accelerometers and gyroscopes). Maybe it's in
>>>> conjunction with another API that that becomes relevant? (e.g., if you
>>>> were recording audio, I bet vibrating the phone with a little training
>>>> could allow you to characterize the surface it's on and possibly the
>>>> type of phone and if it's in a case)
>>>>
>>>> I think maybe drop the first fingerprinting concern (maybe I don't
>>>> understand it) but keep the second concern that it allows an external
>>>> observer in physical proximity to associate a device with a web
>>>> session by causing the device to vibrate using the API. (A possible
>>>> mitigation to allowing for highly unique vibration patterns would be
>>>> to make only simple vibrations possible.)
>>>>
>>>> If you've read this far, know that at some point we'll probably have
>>>> to deal with eavesdropping via mobile gyroscopes... so not
>>>> fingerprinting but full on identification of speaker information and
>>>> parsing speech:
>>>>
>>>> https://crypto.stanford.edu/gyrophone/files/gyromic.pdf
>>>>
>>>> On Tue, Feb 16, 2016 at 10:39 AM, Chaals McCathie Nevile
>>>> <chaals@yandex-team.ru> wrote:
>>>>> Hi,
>>>>>
>>>>> the Device API group are considering proposing a revision of the Vibration
>>>>> API, and one of the things they propose adding is a section on Security and
>>>>> Privacy.
>>>>>
>>>>> The current proposal is
>>>>> <https://github.com/anssiko/vibration/commit/48489c54e0b7ed80900e0906fa79803c8fa77069>
>>>>>
>>>>> The two things identified are that vibration can be picked up with e.g.
>>>>> motion sensors in the same device for fingerprinting, and that a vibrating
>>>>> device can be physically observed externally.
>>>>>
>>>>> Wondering if anyone has further input.
>>>>>
>>>>> Cheers
>>>>>
>>>>> --
>>>>> Charles McCathie Nevile - web standards - CTO Office, Yandex
>>>>> chaals@yandex-team.ru - - - Find more at http://yandex.com
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Joseph Lorenzo Hall
>>>> Chief Technologist, Center for Democracy & Technology [https://www.cdt.org]
>>>> e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
>>>> Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
>>>>
>>>> CDT's annual dinner, Tech Prom, is April 6, 2016! https://cdt.org/annual-dinner
>>>>
>>>
>>> David Singer
>>> Manager, Software Standards, Apple Inc.
>>>
>>>
>>>
>>
>
Received on Friday, 19 February 2016 09:23:48 UTC
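
Added example, not part of the original messages or of the Vibration API specification: one way the mitigation raised in the thread ("make only simple vibrations possible") could be applied to the list of integers passed to `navigator.vibrate()`, by coarsening durations and capping the pattern length so that many distinct requested patterns collapse into the same observable one. The policy values and the names `POLICY`, `simplifyPattern` and `guardedVibrate` are assumptions made for illustration.

```javascript
// Hypothetical policy (assumed values, not from the spec): coarse timing
// steps, a per-entry cap, and at most three entries (vibrate, pause, vibrate).
const POLICY = { stepMs: 250, maxPulseMs: 1000, maxEntries: 3 };

// navigator.vibrate() accepts a single duration or a list of alternating
// vibrate/pause durations in milliseconds; normalize both to a list.
function toList(pattern) {
  const list = Array.isArray(pattern) ? pattern : [pattern];
  return list.map((v) => {
    const n = Math.floor(Number(v));
    if (!Number.isFinite(n) || n < 0) throw new TypeError("invalid duration: " + v);
    return n;
  });
}

// Round a duration to the nearest coarse step (at least one step) and clamp
// it, so fine-grained timing cannot encode a distinctive signature.
function quantize(ms, policy) {
  if (ms === 0) return 0; // 0 keeps its meaning (cancel / no vibration)
  const stepped = Math.max(1, Math.round(ms / policy.stepMs)) * policy.stepMs;
  return Math.min(stepped, policy.maxPulseMs);
}

// Reduce an arbitrary requested pattern to a simple one.
function simplifyPattern(pattern, policy = POLICY) {
  let list = toList(pattern)
    .slice(0, policy.maxEntries)
    .map((ms) => quantize(ms, policy));
  // An even-length list ends in a pause, which has no observable effect.
  if (list.length % 2 === 0) list = list.slice(0, -1);
  return list;
}

// Wrapper a page or embedding layer could call instead of nav.vibrate().
// `nav` is any object exposing vibrate(), e.g. window.navigator.
function guardedVibrate(nav, pattern, policy = POLICY) {
  if (!nav || typeof nav.vibrate !== "function") return false;
  return nav.vibrate(simplifyPattern(pattern, policy));
}

// Constructed sample input: two different detailed patterns that become
// indistinguishable once simplified.
console.log(simplifyPattern([137, 61, 412, 90, 233]));
console.log(simplifyPattern([149, 80, 390, 10, 10, 10, 10]));
```
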