W3C home > Mailing lists > Public > public-webrtc@w3.org > November 2013

Re: Why does screen sharing require a browser extension?

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 25 Nov 2013 12:02:24 -0800
Message-ID: <CABkgnnXX-7R0Xwo8gvxd9rr6+H1SDFyh_YZAnaCQAKRjqY=Mww@mail.gmail.com>
To: cowwoc <cowwoc@bbs.darktech.org>
Cc: "public-webrtc@w3.org" <public-webrtc@w3.org>
On 25 November 2013 11:44, cowwoc <cowwoc@bbs.darktech.org> wrote:
> The only way I can see this happening is for secure websites that do not
> require user interaction (meaning, you checked "automatically log me in from
> this computer"). So yes, in such a case I definitely see a security risk but
> that brings up the question: why not just target the intersection of screen
> capturing, iframes and cross-site requests? Screen capturing should not be
> allowed to capture hidden elements, or the contents of cross-site requests.
> Moving this into an extension doesn't really solve the problem.

That is incorrect.  Confidential information isn't just restricted to
stuff that is shown when you are logged in.  And, this presupposes
that you don't have concurrent uses of sites where you can be screen
sharing in one and in a private/sensitive session in another.

>> How exactly were you going to identify an application as malicious?
>> After they steal someone's life savings?  Keep in mind that it's only
>> the matter of milliseconds to stand up a new site with a new
>> certificate.
>
> This contradicts Justin's argument as I understood it. He stated that by
> moving the code from JS into a browser extension Google could ban malicious
> apps as they are found. I don't see the difference between enforcing bans by
> way of extensions or by way of having developer asking the app store to
> approve their application (point to an external address + SSL certificate)
> and then if the application is found to be malicious simply ban all apps
> associated with the SSL certificate. This way Google still gets to review
> apps, ban the ones that are malicious, and users don't need to go through
> the hassle of installing a plugin.

I might disagree with Justin (might) about the level of protection
that is afforded the user by the "install" process.  That is true.
TLS doesn't help you here.
Received on Monday, 25 November 2013 20:02:53 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:36 UTC