W3C home > Mailing lists > Public > public-webrtc@w3.org > November 2013

Re: Why does screen sharing require a browser extension?

From: Steve Kann <stevek@stevek.com>
Date: Tue, 26 Nov 2013 11:22:24 -0500
To: Justin Uberti <juberti@google.com>, cowwoc <cowwoc@bbs.darktech.org>
CC: Martin Thomson <martin.thomson@gmail.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>
Message-ID: <CEBA140A.4A75B%stevek@stevek.com>

Justin Uberti wrote:
> Others have already made the points I was going to, but I'll summarize:
> - Screensharing is more dangerous than webcam access, because the attacker can
> record the screen, AND control what is displayed on it.
> - It only takes one frame to capture sensitive information - far less than
> would be noticeable by a user.
> - Requiring unambiguous opt-in for sharing, and being able to remotely disable
> bad actors, are therefore the best hope of security.

Išm following you and agree up until this point.

> - To opt in, the user will need to install an app or extension, and when
> actually sharing, select the window/desktop to be shared from a consent box.
> - Installing through an app store is an explicit grant of trust by the user to
> the application (similar to installing a desktop app). Visiting a web page is
> not.

What youšre saying here is that because of the wide scope of rights that may
be granted here (one could argue that they are potentially as broad as those
of installing a native application or bypassing sandbox rules entirely), we
want to have strong, informed user consent, and the ability for curation
(I.e. vendor-managed whitelisting or blacklisting).

But doesnšt your proposed mechanism ultimately take these consent mechanisms
outside of the scope of WebRTC, and force developers to develop, submit, and
manage things through many proprietary mechanisms (chrome app store, Apple
Developer program, Microsoft Store, etc etc)?    Wouldnšt it be better to
standardize this as well, so that developers can build a standards-compliant
WebRTC application, which supports this capability ‹ safely?

It feels like wešre punting here, and saying that anything having to do with
screen-savings canšt be webrtc, it needs to be proprietary.

Received on Wednesday, 27 November 2013 07:09:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:36 UTC