- From: Roman Shpount <roman@telurix.com>
- Date: Thu, 9 Jan 2014 10:01:48 -0500
- To: Eric Rescorla <ekr@rtfm.com>
- Cc: Alex Gouaillard <alex.gouaillard@temasys.com.sg>, cowwoc <cowwoc@bbs.darktech.org>, "public-webrtc@w3.org" <public-webrtc@w3.org>
- Message-ID: <CAD5OKxvbaEGDnV0E9q2oOi=_E2B=Q=gMXdZ_sC9BH2pRuKAsLg@mail.gmail.com>
On Thu, Jan 9, 2014 at 12:49 AM, Eric Rescorla <ekr@rtfm.com> wrote:

> I'm not sure what you're arguing here. Nobody says it's not
> a useful feature, but that doesn't make the security problems
> vanish. Similarly, nobody is saying that the browsers won't
> support this feature but I don't believe we're ready to offer
> it with the same low level of informed consent that is used
> for camera and microphone. Perhaps Justin will correct me
> if Chrome has different plans...

I also do believe that screen sharing which does not require a plugin install is required for real applications. As far as security is concerned, I always thought that the best you can do with screen sharing in the browser is to make the user explicitly pick what is shared every time screen sharing is started and show some sort of indication around the window while screen sharing is running. To start with I would even be fine with sharing one window at a time (i.e. no desktop or monitor level sharing).

The problem I always had with plugins was, on one hand, that in an enterprise environment users will never install them unless they get approval from the IT department, which practically means never for users in large companies and for products from smaller companies. On the other hand, if an application provided via a plugin is allowed to share the screen without user consent, and if this application provides any sort of API to integrate with other sites, an attacker site can use this API to look at the user's screen via a third party app. In other words, if Big Screen Sharing Company has a plugin installed on a lot of user computers, and if Big Screen Sharing Company provides an API for their conferencing client to be embedded in other sites via an iframe, an attacker can embed the screen sharing client and start spying on the user unless a clear confirmation screen is presented to the user each time screen sharing is started.

_____________
Roman Shpount
Received on Thursday, 9 January 2014 15:02:18 UTC