W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > February 2019

Re: [mediacapture-main] Mitigate fingerprinting from OverconstrainedError in gUM(). (#564)

From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
Date: Thu, 21 Feb 2019 14:14:11 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-466014183-1550758449-sysbot+gh@w3.org>
@alvestrand Yes, in fact I originally wrote that demo to show @youennf *getUserMedia* leaks the same info as *enumerateDevices()* as [he wants to make enumerateDevices() more fingerprint-safe](https://github.com/w3c/mediacapture-main/issues/559#issuecomment-456598662) than today.

This [equivalence is a problem](https://github.com/w3c/mediacapture-main/issues/559#issuecomment-456990813) if we want to move the needle on fingerprinting. It may not seem like a problem if we want the spec to stay where it is... *except*:

It sometimes leaks more info than *enumerateDevices()*:

 1. My demo bypasses *enumerateDevices()'s* [[storedDeviceList]] and time-fuzzing mitigations in browsers that allow *getUserMedia* calls to fulfill in background-tabs without focus. I.e. a background tab can detect fairly accurately when a device is inserted or removed, and time-correlate this across domains, even between regular and private browsing, to identify someone on multiple sites as the same individual.

 2. As @youennf showed [above](https://github.com/w3c/mediacapture-main/pull/564#issuecomment-463712683), the same trick can be used to bypass the "empty dictionary" mitigation of [deviceInfo.getCapabilities()](https://w3c.github.io/mediacapture-main/getusermedia.html#dom-inputdeviceinfo-getcapabilities), to leak detailed device information, like width, height and frame-rate, pre-initial-grant.

So I claim we need to address this and https://github.com/w3c/mediacapture-main/issues/561, to even keep the needle where we thought it was.

-- 
GitHub Notification of comment by jan-ivar
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/pull/564#issuecomment-466014183 using your GitHub account
Received on Thursday, 21 February 2019 14:14:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 4 June 2019 15:32:55 UTC