2016-02-29 22:47 GMT+01:00 Joseph Lorenzo Hall <joe@cdt.org>: > On Mon, Feb 29, 2016 at 2:37 PM, David Singer <singer@apple.com> wrote: > >> > >> > >> So, is this API a fingerprint risk, or a beacon risk? > >> > >> It provides information > > > > that’s my puzzle. it provides almost no information at all. what > information does it provide? > > > > it can transmit information (e.g. the vibrate pattern), it can identify > a device ‘in a crowd’, and so on, but… > > I think this is semantic confusion. Lukasz here seems to be saying > through the API a developer provides vibration patterns to the device > which vibrates according to those patterns. So these are beacon > facilitating risks (a cookie value could be marshaled into a set of > vibration patterns and then picked up acoustically by another device > to register the first device was in acoustic proximity) > Actually, what I mean israther - probing accelerometer/gyroscope/etc sensors, which are known to differ from each others. This is basically an extraction of an identifier. Quintessential fingerprinting. > > -- > Joseph Lorenzo Hall > Chief Technologist, Center for Democracy & Technology [https://www.cdt.org > ] > e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key > Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 > > CDT's annual dinner, Tech Prom, is April 6, 2016! > https://cdt.org/annual-dinner >
Received on Monday, 29 February 2016 21:54:16 UTC