ISSUE-64: "Generic" sensors may permit discovering sensitive information
hidingIsHard
"Generic" sensors may permit discovering sensitive information
- State:
- CLOSED
- Product:
- System Information and Events API
- Raised by:
- Thomas Roessler
- Opened on:
- 2010-01-06
- Description:
- Generic sensors, e.g., discovery of nearby wireless networks, MAC addresses of access points, etc may permit localizing the device (and its user). Access control policies for such sensors need to be aligned with access to the more sensitive information that can be inferred.
I suspect that a piece of this issue is really a question for the policy work; as far as the system info API is concerned, this issue feeds into security considerations and is another reason why the network information API should be removed from the specification. - Related Actions Items:
ACTION-115 on Thomas Roessler to Add warning to sysinfo re fingerprinting privacy risk - due 2010-03-23, closedACTION-173 on Dzung Tran to Implement privacy changes noted by alissa, see http://lists.w3.org/Archives/Public/public-device-apis/2010May/0072.html - due 2010-05-26, closedACTION-174 on Alissa Cooper to Will provide an initial analysis of privacy-sensitive properties of Network interface in Sysinfo - due 2010-05-26, closedACTION-175 on Max Froumentin to Implement the maxAddress/SSID resolution - due 2010-06-02, closedACTION-330 on John Morris to Review SysInfo privacy considerations section, and ISSUE-64 on "generic" - due 2011-01-26, closed- Related emails:
- Close ACTION-251 and ACTION-330? (from Frederick.Hirsch@nokia.com on 2011-04-06)
- RE: Agenda - Distributed Meeting 2011-04-06 (from niklas.widell@ericsson.com on 2011-04-06)
- RE: Agenda - Distributed Meeting 2011-04-06 (from cecile.marc@orange-ftgroup.com on 2011-04-06)
- Regrets: Agenda - Distributed Meeting 2011-04-06 (from jmorris@cdt.org on 2011-04-05)
- Agenda - Distributed Meeting 2011-04-06 (from Frederick.Hirsch@nokia.com on 2011-04-05)
- RE: Regrets (was RE: Agenda - Distributed Meeting 2011-02-02) (from laszlo.1.gombos@nokia.com on 2011-02-02)
- Regrets (was RE: Agenda - Distributed Meeting 2011-02-02) (from schitturi@rim.com on 2011-02-01)
- Agenda - Distributed Meeting 2011-02-02 (from Frederick.Hirsch@nokia.com on 2011-02-01)
- ISSUE-64 - propose to close (from Frederick.Hirsch@nokia.com on 2011-01-24)
- Proposed SysInfo updates and notes for actions/issues (from blsaws@gmail.com on 2011-01-19)
- Privacy related issues - next steps (from Frederick.Hirsch@nokia.com on 2011-01-19)
- R: Agenda - Distributed Meeting 2010-12-01 (from marco.marengo@telecomitalia.it on 2010-12-01)
- RE: Agenda - Distributed Meeting 2010-12-01 (from jmorris@cdt.org on 2010-12-01)
- RE: Agenda - Distributed Meeting 2010-12-01 (from niklas.widell@ericsson.com on 2010-12-01)
- Agenda - Distributed Meeting 2010-12-01 (from Frederick.Hirsch@nokia.com on 2010-11-30)
- Draft Minutes F2F Day 2, 2010-03-17 (from frederick.hirsch@nokia.com on 2010-03-18)
- ISSUE-64 (hidingIsHard): 'Generic' sensors may permit discovering sensitive information [System Information and Events API] (from sysbot+tracker@w3.org on 2010-01-06)
Related notes:
closed, per http://lists.w3.org/Archives/Public/public-device-apis/2011Jan/0098.html
Frederick Hirsch, 7 Feb 2011, 20:19:00Display change log