Re: [mediacapture-main] Bug in spec: circular dependency for enumerateDevices() (#709)

> > The upsides of the change:
> > 
> > * a perceived "privacy enhancement" around capture indicators
> 
> No.
> The upsides are noticeable privacy enhancements that have been positively welcomed by privacy experts.
> See [#709 (comment)](https://github.com/w3c/mediacapture-main/issues/709#issuecomment-686409911) for some benefits.

It's a regression in the conversation to again refer to the benefits of not exposing device IDs for fingerprinting. That is not what is in question here; nobody has, or is, questioning that.

We must be more precise of the exact benefit if we are to further this discussion; because it's not possible to respond to "privacy reasons" by "privacy experts".

I previously asked if you could clarify the additional privacy of requiring a web page to **successfully** open some device (an additional event which happens after permission is given by the user). You centred on this being that a capture indicator would be present in the browser.

But subsequently we both agreed a web page could do some capture and then use enumerateDevices() after. So the possibilty of a web page doing enumerateDevices() without a capture indicator is always there. This is what I meant by "benefits cannot be realised in practice".

(And, elsewhere the 'workaround' is exactly that: a generic getUserMedia({audio:true}) and then close the stream)

I am trying to advance the conversation by demonstrating (for now) that, given these steps:

1. getUserMedia
1. permissions check: user may be prompted
1. device gets successfully opened

there is no upgrade in privacy happens after the completion of step 2. Waiting for step 3, which the spec forces, has no privacy benefit.

But you are saying there is? Can you clarify exactly what the specific benefit is?

-- 
GitHub Notification of comment by hills
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/709#issuecomment-688406537 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 7 September 2020 15:53:14 UTC