W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > July 2019

[mediacapture-main] fixed, per origin, device ID creates tracking risk (#607)

From: pes via GitHub <sysbot+gh@w3.org>
Date: Tue, 09 Jul 2019 19:39:38 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issues.opened-465951949-1562701174-sysbot+gh@w3.org>
snyderp has just created a new issue for https://github.com/w3c/mediacapture-main:

== fixed, per origin, device ID creates tracking risk ==
Problem:
The presence of fixed device IDs creates a signfigant tracking, privacy risk.  This risk is somewhat mitigated by tying their lifetime to cookies, but this in practice is insufficient, since many privacy systems protect their users w/o clearing cookie stores (e.g. Safari's ITP, Brave enforces a fixed life time on JS set cookies, etc.).

In general, fixed id's are dangerous for privacy.

Possible solution:
One possible way of addressing this issue would be to not use unique ID's but to just number them (1, 2, 3).  The browser could keep track of if the current device set, and if it changes, re-prompt the user for permission if the device set has changed since the site last asked for access.

Alt possible solution:
Double key deviceIds to local, top level frame.  [Prior discussion with PING states that this was completed](https://www.w3.org/2016/03/getusermedia-wide-review.html#ping) but I don't see this anywhere in the spec (which says deviceIds [must be unique by origin](https://w3c.github.io/mediacapture-main/getusermedia.html#device-info), not double keyed).

Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/607 using your GitHub account
Received on Tuesday, 9 July 2019 19:39:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:22:25 UTC