W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > October 2019

Re: [webrtc-stats] Exposing RTCIceCandidateStats.networkType might trigger fingerprinting (#374)

From: pes via GitHub <sysbot+gh@w3.org>
Date: Thu, 31 Oct 2019 20:12:15 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-548549161-1572552734-sysbot+gh@w3.org>
Just to second what was said at TPAC, and to second @youennf 's point.  Strong vote to remove the end point all together, for several reasons:

1) Its first hop, so its not going to be useful in almost all cases
2) It leaks hardware info, and since there is no permission that maps onto this hardware info, thats a hardline that shouldn't be crossed
3) More than just fingerprinting, you could likely use this info + IP to learn people's work, and maybe home too, etc (e.g. anywhere thats frequently visited + ethernet is work or home).  The privacy cost to this feature is very high.

-- 
GitHub Notification of comment by snyderp
Please view or discuss this issue at https://github.com/w3c/webrtc-stats/issues/374#issuecomment-548549161 using your GitHub account
Received on Thursday, 31 October 2019 20:12:17 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:22:29 UTC