- From: Fred Andrews <fredandw@live.com>
- Date: Sat, 22 Sep 2012 08:27:34 +0000
- To: "whatwg@lists.whatwg.org" <whatwg@lists.whatwg.org>
engineer solutions to reduce covert sharing of user agent state. One more sponsor is currently needed to get this group started, so if this issue is of interest to you then please see: http://www.w3.org/community/groups/proposed/#pua

The goals of the group are largely technical and the motivation is actually outside the scope of the work, but some reasons to be interested in this work are to reduce the fingerprint surface and to draw a line between the open web and the privacy of our personal computer. Currently JS can access a lot of information that identifies our online presence and can leak this out through a range of back channels, and there are other sources of leaks. This information is being used to track our online presence and solutions such as DNT are only effective if respected. This information could also include a snapshot of your web page complete with the effects of any local customizations or extensions - your webpage is hardly private. With the web becoming a platform to deliver applications this leaky design becomes an even greater threat to our privacy. Further, new web standards are being built on this leaky standard and have no motivation for considering the covert sharing of UA state and are just adding to it. The technology to preserve our privacy is even being patented, which could have ridiculous effects.

The burden on sponsors should be relatively low as the matters are largely engineering and much of the work is expected to take place in a public mailing list. Developing the designs in public under the W3C Patent Policy may help protect against patents on such technology and help bring better awareness of the issues and solutions to other groups. Help sponsoring this group would be appreciated.

The new group will not be addressing privacy policy matters or mechanisms for users to declare tracking or privacy preferences to servers or content providers.
The group will focus on engineering solutions to reduce the covert sharing of the UA state and it is expected that proposals will be largely testable against their effectiveness at achieving this while preserving functionality and convenience for users. It would appear that these goals can not be achieved without some restrictions which will inevitably cause some loss of functionality. The development of designs and extensions to mitigate such loss is proposed to be within the scope of the group.

Some examples of the approach I advocate as a starting point may help you decide if you wish to be involved:

* Javascript has access to a wide range of information about the UA and has access to communication channels to leak this information. Limiting access to such information and/or limiting the back channels will be explored. For example, development could proceed by limiting JS from access to any back channels. This would result in a lot of loss of functionality, but from this starting point we could develop designs and extensions to mitigate some of the loss of functionality. For example, exploring if any access can be reopened on account of users having explicit knowledge of the transmission of the information. An example extension might be a declared schedule of resources to load that could replace JS that is currently used to load images for slideshows or used to load resources for animated or revolving advertising. Such a restricted user agent could still support general browsing and content consumption, online shopping and payment, online banking, blogs, and a range of JS powered web apps. It would certainly be more functional than a UA with JS disabled. Web apps that depend on JS pulling in resources, such as AJAX designs, would not be supported with such restrictions, however the group could explore extensions to replace common patterns of lost functionality.

* CSS media queries can expose private UA information by selectively loading resources.
This could be solved by loading all resources before media queries are applied and developing alternatives to media queries. For example, dependence on a media query for the selection of high contrast or black and white images might be reduced by a CSS extension to declare image color and contrast transforms that would suit such devices.

There are obviously lots of other areas to address and scrutinize for leaks, but this should give some idea of the general approach. If you can help in some manner your participation would be welcomed.

cheers
Fred
Received on Saturday, 22 September 2012 08:28:01 UTC
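
The media-query leak described in the message, seen from the auditing side: this is an added example, not part of the original message, that lists the resource fetches in a stylesheet which only happen when a media condition matches, since each such request tells the server something about the UA. The sample stylesheet and the function name `findConditionalLoads` are constructed for illustration, and the parser assumes no `;`, `{` or `}` inside URLs or strings.

```javascript
// Constructed sample stylesheet (not from the original message).
const SAMPLE_CSS = `
body { background: url(/img/base.png); }
@media (min-width: 1200px) { .hero { background: url("/img/wide.png"); } }
@media (prefers-contrast: more) {
  /* url(/img/ignored.png) */
  .logo { background-image: url('/img/logo-hc.png'); }
  @media (monochrome) { .logo { content: url(/img/logo-bw.png); } }
}
@import url("print.css") print;
`;

// Return every url() fetch that is made only when a media condition matches.
// Hypothetical helper; handles nested @media and the @import url(...) <media> form.
function findConditionalLoads(css) {
  const src = css.replace(/\/\*[\s\S]*?\*\//g, ''); // comments never load anything
  const findings = [];
  const stack = [];   // one entry per open '{': the @media condition, or null
  let prelude = '';   // text seen since the last '{', '}' or ';'
  const collect = (text) => {
    const conds = stack.filter(Boolean);
    if (conds.length === 0) return; // unconditional load, reveals nothing extra
    for (const m of text.matchAll(/url\(\s*(['"]?)(.*?)\1\s*\)/g)) {
      findings.push({ url: m[2], condition: conds.join(' and ') });
    }
  };
  for (const ch of src) {
    if (ch === '{') {
      const m = prelude.trim().match(/^@media\s+(.*)$/s);
      stack.push(m ? m[1].trim() : null);
      prelude = '';
    } else if (ch === '}' || ch === ';') {
      const imp = prelude.trim()
        .match(/^@import\s+url\(\s*(['"]?)(.*?)\1\s*\)\s*(.+)$/s);
      if (imp) findings.push({ url: imp[2], condition: imp[3].trim() });
      else collect(prelude);
      if (ch === '}') stack.pop();
      prelude = '';
    } else {
      prelude += ch;
    }
  }
  return findings;
}

for (const f of findConditionalLoads(SAMPLE_CSS)) {
  console.log(`${f.url} is fetched only when: ${f.condition}`);
}
```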