- From: Mark Seaborn <mseaborn@chromium.org>
- Date: Thu, 10 Jun 2010 11:10:42 -0700
- To: public-webapps@w3.org
- Cc: Jonas Sicking <jonas@sicking.cc>
Received on Thursday, 10 June 2010 18:11:12 UTC
On Thu, Jun 10, 2010 at 10:04 AM, Jonas Sicking <jonas@sicking.cc> wrote: > For what it's worth, it's unlikely that we at mozilla will implement > this anytime soon, if at all. We're currently working on trying to > reduce the ability to fingerprint [1] and this would be a step in the > wrong direction for us. This is based on discussions with security > folks here, so it's possible that others at mozilla has different > opinions, but I still think it's unlikely that this will get past our > security reviews for now. > While I'm very much in favour of reducing the browser fingerprint, I suspect that if you expose non-determinism via concurrent message-passing between web workers, a web app can probably work out how many cores the machine has. It can spawn multiple web workers, send many messages, and look at the message interleaving. (Do web workers have access to any high resolution timers that would make this easier?) That said, just because it's possible to get this information doesn't mean it should be made easy. Cheers, Mark
Received on Thursday, 10 June 2010 18:11:12 UTC