- From: Joseph Lorenzo Hall <joe@cdt.org>
- Date: Mon, 29 Feb 2016 14:47:46 -0700
- To: David Singer <singer@apple.com>
- Cc: "Lukasz Olejnik (W3C)" <lukasz.w3c@gmail.com>, Chaals McCathie Nevile <chaals@yandex-team.ru>, Frederick Hirsch <w3c@fjhirsch.com>, W3C Device APIs WG <public-device-apis@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
On Mon, Feb 29, 2016 at 2:37 PM, David Singer <singer@apple.com> wrote: >> >> >> So, is this API a fingerprint risk, or a beacon risk? >> >> It provides information > > that’s my puzzle. it provides almost no information at all. what information does it provide? > > it can transmit information (e.g. the vibrate pattern), it can identify a device ‘in a crowd’, and so on, but… I think this is semantic confusion. Lukasz here seems to be saying through the API a developer provides vibration patterns to the device which vibrates according to those patterns. So these are beacon facilitating risks (a cookie value could be marshaled into a set of vibration patterns and then picked up acoustically by another device to register the first device was in acoustic proximity) -- Joseph Lorenzo Hall Chief Technologist, Center for Democracy & Technology [https://www.cdt.org] e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 CDT's annual dinner, Tech Prom, is April 6, 2016! https://cdt.org/annual-dinner
Received on Monday, 29 February 2016 21:48:36 UTC