- From: cowwoc <cowwoc@bbs.darktech.org>
- Date: Wed, 27 Nov 2013 15:34:37 -0500
- To: Martin Thomson <martin.thomson@gmail.com>, Steve Kann <stevek@stevek.com>
- CC: Justin Uberti <juberti@google.com>, Lorenzo Miniero <lorenzo@meetecho.com>, Silvia Pfeiffer <silviapfeiffer1@gmail.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>

On 27/11/2013 2:41 PM, Martin Thomson wrote:
> On 27 November 2013 10:38, Steve Kann <stevek@stevek.com> wrote:
>> After reading through some more of this thread, allowing remote keyboard
>> mouse events doesn’t actually seem that much more dangerous than allowing an
>> app which can view the screen to also be able to operate the browser (the
>> case of navigating to the bank, and capturing the display).
> If you believe that, I don't really know what I can say to convince
> you otherwise. I don't know how I can prevent an app with remote
> control privileges from - for example - deleting all my files. Or
> looking at them, or modifying them. (That includes my SSH private
> key, my tax files, my password safe, you name it). I think that I can
> prevent an app from accessing sudo-protected administration functions.
> Maybe. But that's not much consolation.
>
> I won't say categorically that I won't be supportive of remote control
> functions, but until someone presents a MUCH stronger set of
> safeguards, I do not believe that user consent is sufficient
> protection. You are going to need to do a lot better than entreaties
> to "think of the poor application designer".

I think we want to support "remote control by user" versus "remote control by remote application". It's a lot harder to pull off malicious behavior when it's done manually by a user (e.g. the problem with hidden iframes disappears).

The problem is I can't think of a way to differentiate between the two :)

Gili

Received on Wednesday, 27 November 2013 20:35:52 UTC