- From: Philipp Hancke <fippo@goodadvice.pages.de>
- Date: Wed, 27 Feb 2019 08:36:59 +0100
- To: public-webrtc@w3.org
Am 07.02.19 um 19:05 schrieb youenn fablet: > As shown by https://www.chromestatus.com/metrics/feature/timeline/popularity/1119 <https://www.chromestatus.com/metrics/feature/timeline/popularity/1119>, enumerateDevices is probably used for fingerprinting purposes. > A thread started on GitHub (https://github.com/w3c/mediacapture-main/issues/559 <https://github.com/w3c/mediacapture-main/issues/559>) to tackle this issue. I took a look at some of the less... suspicious urls in the httparchive list. landrover.it includes https://static.vee24.com/v24/veedesk/v24Embedded.js which has a function getCapabilities. This is a "live customer engagement" vendor which suggests the classic "live chat with an agent about the questions you have" use-case. This use-case has been pitched as one of the things WebRTC enables since the early days (https://vimeo.com/47682405 shows it at 2:40, the slide is even older). Typically the option to have a video chat would only be shown if the user has a camera and microphone which is the reason for using enumerateDevices. Whether this use-case justifies gathering that data from *all* website visitors is probably a question for data protection agencies. I couldn't think of anything edgy with dodocase.com so... its a shop for ipad covers and includes https://cdn.justuno.com/mwgt_4.1.js?v=1.96 which seems to be some conversion rate optimization tool. It uses enumerateDevices to generate fingerprinting information. The enumerateDevices bit is fairly simple and concatenates deviceIds and kind. \_(ʘ_ʘ)_/
Received on Wednesday, 27 February 2019 07:37:29 UTC