Re: Why does screen sharing require a browser extension?

Justin Uberti wrote:
> Others have already made the points I was going to, but I'll summarize:
> - Screensharing is more dangerous than webcam access, because the attacker can
> record the screen, AND control what is displayed on it.
> - It only takes one frame to capture sensitive information - far less than
> would be noticeable by a user.
> - Requiring unambiguous opt-in for sharing, and being able to remotely disable
> bad actors, are therefore the best hope of security.

I¹m following you and agree up until this point.

> - To opt in, the user will need to install an app or extension, and when
> actually sharing, select the window/desktop to be shared from a consent box.
> - Installing through an app store is an explicit grant of trust by the user to
> the application (similar to installing a desktop app). Visiting a web page is
> not.

What you¹re saying here is that because of the wide scope of rights that may
be granted here (one could argue that they are potentially as broad as those
of installing a native application or bypassing sandbox rules entirely), we
want to have strong, informed user consent, and the ability for curation
(I.e. vendor-managed whitelisting or blacklisting).

But doesn¹t your proposed mechanism ultimately take these consent mechanisms
outside of the scope of WebRTC, and force developers to develop, submit, and
manage things through many proprietary mechanisms (chrome app store, Apple
Developer program, Microsoft Store, etc etc)?    Wouldn¹t it be better to
standardize this as well, so that developers can build a standards-compliant
WebRTC application, which supports this capability ‹ safely?

It feels like we¹re punting here, and saying that anything having to do with
screen-savings can¹t be webrtc, it needs to be proprietary.

-SteveK