Re: [mediacapture-main] Spec does no handle fingerprinting related to exposing non default capture devices (#559)

> Pre-first-grant:

I think fixing for this case is reasonable. The rest of this post is about the *pre-subsequent-grant* case, because you specifically mentioned not wanting to implement (b) earlier.

I assume we're only talking about cross-site fingerprints, because:
localStorage.fingerprint = Math.random().toString(36);
.. and if user clears cookies [1] then go to "Pre-first-grant". Otherwise:

> > Pre-subsequent-grant:
> > ...
> > 3. 99% of the time, enumerateDevices() leaks no more than getUserMedia() probing.

Here, I should have written:

 3. 99% of the time, enumerateDevices() leaks no more than JS already knows through cookies.

...since most users probably rarely change their config. For them, JS already has a reliable cross-site fingerprint: Labels of all cameras, as well as all capabilities of cameras used.

I agree this fingerprint is unreliable for a (small) sub-population who might plug/unplug USB cameras occasionally, and that sites might use *enumerateDevices()* to update this fingerprint for this sub-population from working some of the time, to all of the time. I also agree that, these configs being rare, their fingerprinting value is higher.

Do I have the value-add right?

[[1]]( *"The "device-info" permission MUST be revoked when deviceIds for an origin are reset. "*

GitHub Notification of comment by jan-ivar
Please view or discuss this issue at using your GitHub account

Received on Thursday, 24 January 2019 19:03:31 UTC