- From: Seth Brown <learc83@gmail.com>
- Date: Tue, 28 Dec 2010 19:44:09 -0500
First I'd like to point out that accessing hardware is already possible through ActiveX, and I think I've heard of some people doing it with XUL. I would like to standardize these hardware interactions. I don't think it should be done without strict security measures, but the ones mentioned in Roger H?gensen's reply would be sufficient to make this doable. Further security could be implemented by requiring the user to change a setting in the preferences pane, and then specifying a whitelist of devices and sites. Also it should be possible to allow an administrator to set policies to block the browser from accessing usb/RS232. Any software that you install has the ability to jump in and take control of RS232 devices. I see no more vulnerability if a user is required to explicitly grant permission to access a device than if a site prompts a user to install software that does the same thing. Either way the action wouldn't be taken until the user consents. At some point it is going to be necessary for the web apps to interact with hardware. The whole point of the chrome OS is portability. If it relies on installed apps for functionality then it isn't really portable. One of the main advantages of a system like that is that, for example, I can log into any supported device and now I'm logged into MY computer -- everything is the same as it was with the computer at my house, and I can start working without downloading who knows how many apps. I hate the concept of platform specific apps and I think that once HTML5 if fully implemented apps will start to disappear. The only real hurdle left is hardware interaction, but it will happen at some point. Why don't we make sure it gets done right? I'm going to start working on a concrete proposal. I've never written one before, so any advice would be appreciated -- should I just look through other completed specs and format it accordingly? -Seth
Received on Tuesday, 28 December 2010 16:44:09 UTC