Re: [mediacapture-screen-share] API for Grabbing a Screenshot (#160) from Elad Alon via GitHub on 2021-04-22 (public-webrtc-logs@w3.org from April 2021)

From: Elad Alon via GitHub <sysbot+gh@w3.org>
Date: Thu, 22 Apr 2021 21:50:54 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-825207823-1619128252-sysbot+gh@w3.org>

> A site could do [this](https://jsfiddle.net/jib1/hxzs3to0/show) for example.

IIUC, this is an argument against attempting to detect suspicious behavior through low opacity. The demo demonstrates another attack, and implies that there are too many tricks for us to write heuristics against. It is a good argument and I take the lesson to heart.

A question remains - what social-engineering could be employed to convince the user to approve a screenshot, and would such social-engineering trick a reasonable user?

-- 
GitHub Notification of comment by eladalon1983
Please view or discuss this issue at https://github.com/w3c/mediacapture-screen-share/issues/160#issuecomment-825207823 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 22 April 2021 21:50:57 UTC