- From: Justin Uberti <juberti@google.com>
- Date: Mon, 25 Nov 2013 15:58:27 -0800
- To: cowwoc <cowwoc@bbs.darktech.org>
- Cc: Martin Thomson <martin.thomson@gmail.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>
- Message-ID: <CAOJ7v-1gJGgAxNemn-nxL1SH3GdjeB7YvCNo59cWuhMNJHYL+w@mail.gmail.com>
Others have already made the points I was going to, but I'll summarize:

- Screensharing is more dangerous than webcam access, because the attacker can record the screen, AND control what is displayed on it.
- It only takes one frame to capture sensitive information - far less than would be noticeable by a user.
- Requiring unambiguous opt-in for sharing, and being able to remotely disable bad actors, are therefore the best hope of security.
- To opt in, the user will need to install an app or extension, and when actually sharing, select the window/desktop to be shared from a consent box.
- Installing through an app store is an explicit grant of trust by the user to the application (similar to installing a desktop app). Visiting a web page is not.

On Mon, Nov 25, 2013 at 12:23 PM, cowwoc <cowwoc@bbs.darktech.org> wrote:

> On 25/11/2013 3:20 PM, Martin Thomson wrote:
>
>> On 25 November 2013 12:13, cowwoc <cowwoc@bbs.darktech.org> wrote:
>>
>>> Pick colors which no one is color-blind to.
>>> Your friend *saw* the border, he just didn't know what it meant. I am
>>> willing to bet that if it pulsed, he'd definitely see it.
>>> If you add the alert icon with the tooltip as Java did, there would be no
>>> confusion as to the meaning of the border. I've used this feature live and I
>>> can tell you it was very easy to understand.
>>
>> I'm fairly certain that doesn't work either. The problem, of which I
>> provided a specific example, is something that I will call "chrome
>> blindness". Users don't notice this stuff. Despite 15+ years of
>> training, the lock icon still doesn't work as advertised.
>
> But the border is flashing! :) Anyway, I'd argue an extension is even
> worse. You install it once and forget what it is actively recording. It
> might not be malicious but you could still mistakenly share some pretty
> embarrassing stuff.
>
>>> How does requiring each app to publish a separate extension on Chrome Store
>>> scale any better?
>>
>> Justin's example might scale, depending on how app stores are managed.
>
> I don't get it then. What did you mean by "it doesn't scale" with respect
> to having the AppStore approve/ban SSL certificates associated with apps?
> After all, the way apps are approved in the first place is by signing them
> and approving the certificate. So how is this any different? This is just
> an AppStore where the user does not need to explicitly install an app. All
> other steps remain identical.
>
> Gili

Received on Monday, 25 November 2013 23:59:15 UTC