On 10/26/2012 06:12 PM, Martin Thomson wrote: > On 26 October 2012 05:58, Timothy B. Terriberry <tterriberry@mozilla.com> wrote: >> I was thinking more along the lines of providing an HTMLLevelMeter element, >> which would have the benefit of also being useful to developers who don't >> want to go through the difficulty of using the WebAudio API to compute mic >> levels manually. Though I'd be happy to delay such a thing until "version >> 2". > Having a meter element that is therefore protected in the same way > that a video output would be, could work. > > I'd suggest waiting. > >> The difficulty with exposing this via statistics is that now you've created >> a side-channel leaking information about the tainted streams with, I expect, >> roughly as much information about them as the much-hyped VBR information >> leak. > I was going to say the same thing. I'd go further than that and bet > that it is instead far more effective than the VBR leak. > The effectiveness is a good question; as far as I can tell, it depends on the granularity of the data and the ability to get a regular signal. At least in Chrome, I couldn't reliably get a callback to fire every 20 ms when I tried. But I'm happy with waiting; we've shown that there are multilple avenues to pursue here.Received on Sunday, 28 October 2012 08:30:00 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:17:34 UTC