snyderp has just created a new issue for https://github.com/w3c/webrtc-stats: == Stats API should require additional permission / user opt-in == The stats collected by this API enable two new privacy harms / risks. This spec should enable the main uses of WebRTC, without automatically exposing these additional risks. a) Leaking communication / plain text Prior work (e.g. http://www.cs.unc.edu/~fabian/papers/foniks-oak11.pdf) has shown that you can recreate the plain text content of an encrypted, dTLS encoded audio conversation, based on patterns in packet size, frequency, etc. The fine level network information exposed by this API seems to be sufficient to re-carry out this attack. If this is needed for analysis / quality control / etc use, the API should limit it to these special cases (additional permission, for example). b) Hardware fingerprinting `decoderImplementation`, the `codec` data point, etc reveal information about the underlying hardware beyond what's identified by `getUserMedia` Please view or discuss this issue at https://github.com/w3c/webrtc-stats/issues/550 using your GitHub accountReceived on Tuesday, 18 February 2020 20:49:12 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 6 May 2023 21:19:50 UTC