W3C home > Mailing lists > Public > whatwg@whatwg.org > January 2011

[whatwg] Device Element

From: Aryeh Gregor <Simetrical+w3c@gmail.com>
Date: Mon, 3 Jan 2011 17:38:54 -0500
Message-ID: <AANLkTimUybVtdW1uP_ohaje7cbAd+sQpgCEUkQLF8w6W@mail.gmail.com>
On Mon, Jan 3, 2011 at 4:45 PM, Diego Perini <diego.perini at gmail.com> wrote:
> So next question is why allow Adobe Flash and plug-ins in general to
> do that wildly and not allow others to have the same capability and be
> so paranoid about security when that is already broken by other means
> at higher levels ?

If something is available in HTML, any website can run it.  Websites
can't just install plugins.  The only way for them to install plugins
is by getting the user to run an executable, which browsers put lots
of scary "be careful" signs around just like for any other downloaded
executable.  If the website can get the user to install a plugin, it
can get them to run any program, so there's no security at all from
that point forward.

Yes, HTML features can require user confirmation, like geolocation
usually does.  But the kind of mild confirmation needed for
geolocation is not suitable for allowing arbitrary file read/write
access.  The latter would require much scarier-looking permission, in
fact about as much as installing a program, since it would be trivial
to escalate to arbitrary code execution.  We don't want to encourage
websites to pop up warnings like that all the time, because 1) many
users won't give permission, which makes the feature much less useful
to authors; and 2) it desensitizes users so they click yes all the
time.

So this is really apples and oranges.  Part of the point of the web is
it's relatively safe.  You can't compare web platform features to
arbitrary code like plugins.  This sort of feature will probably come
in time, driven by Chrome OS if nothing else, but it will have to be
thought out carefully to balance security against usability.
Received on Monday, 3 January 2011 14:38:54 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:29 UTC