- From: Harald Alvestrand <harald@alvestrand.no>
- Date: Tue, 26 Nov 2013 09:42:29 +0100
- To: public-webrtc@w3.org
- Message-ID: <52945EF5.5060905@alvestrand.no>
On 11/26/2013 09:09 AM, cowwoc wrote: > Hi Justin, > > On 25/11/2013 6:58 PM, Justin Uberti wrote: >> Others have already made the points I was going to, but I'll summarize: >> - Screensharing is more dangerous than webcam access, because the >> attacker can record the screen, AND control what is displayed on it. > > Agreed but only if you interpret screen-sharing as co-browsing. It is > possible to limit screen-sharing to read-only screen recording, > without the ability to control what is being displayed on it, in which > case none of these security concerns exist. Gili, it's a JAVASCRIPT APPLICATION. What Javascript applications do in general is to control what the browser shows on the screen. Unless you want to limit screencasting to 'casting everything EXCEPT for the browser (a very marginal use case, and totally inconsistent with everything people are currently deploying screencasting for), the Javascript will be able to control whatever Javascript is usually able to control. Please think this through.
Received on Tuesday, 26 November 2013 08:42:58 UTC