- From: David Barrett-Kahn <dbk@google.com>
- Date: Fri, 16 Nov 2012 15:26:02 -0800
- To: Ian Hickson <ian@hixie.ch>
- Cc: whatwg@lists.whatwg.org
Thanks Ian. So here's what confuses me, why is the bar so much higher for traditional webapps than it is for browser extensions, chrome apps, native apps, mobile apps or nearly anything else? Extensions, chrome apps, and mobile apps have a consent experience, but it's hard to argue that users are making an informed decision there and that the consent experience really protects them. Native apps have no consent experience at all. I guess I'm hoping you can point me to some guidelines you've developed or which you agree with on where the limits of the web sandbox should be. I'd rather not force you to re-have a discussion I'm sure you've had far too many times :-) Regards, -Dave On Fri, Nov 16, 2012 at 10:06 AM, Ian Hickson <ian@hixie.ch> wrote: > On Thu, 15 Nov 2012, David Barrett-Kahn wrote: > > > > Ian, I'd be interested in what you had in mind when you said 'a lot of > > user opt-in'. > > I don't know, exactly. It has to be something where we're confident that > the user understands that he is about to send sensitive information to a > stranger. > > The concern isn't when this is used by a company like Apple or Facebook; > the worst such companies are going to do with sensitive data is target ads > better or make their products more streamlined. The concern is when some > attacker wants to get information about your company's intranet's > topology, or wants to know what potentially vulnerable plugins or > extensions you have installed, or wants to know what software you are > running, so that they can more precisely target you. Such an attacker can > trivially provide you with a game to play, and then have the game crash, > misleading you into thinking they're a perfectly honest game developer and > causing you to eagerly send them all the sensitive information they want. > > These are not hypothetical concerns. Over the last few years, targetted > attacks of this nature have become much more common and are a real threat. > > -- > Ian Hickson U+1047E )\._.,--....,'``. fL > http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. > Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.' > -- -Dave
Received on Friday, 16 November 2012 23:37:08 UTC