waiting a minute to see if we get GamePad API reps joining...
<jnovak> WoT outreach?
<weiler> ACTION: Christine will invite WoT people to next call.
<trackbot> Created ACTION-17 - Will invite wot people to next call. [on Christine Runnegar - due 2018-06-14].
<npdoty> action-17: or at least some future followup, if not for the next call
<trackbot> Notes added to action-17 Will invite wot people to next call..
https://www.w3.org/TR/2018/WD-gamepad-20180508/
https://github.com/w3c/gamepad/issues/new/
I'll see what I can do
Issues in github re: privacy
<npdoty> I think all the issues labeled security are relevant: https://github.com/w3c/gamepad/labels/security
#73 id field in gamepad might have a persistent identifier - https://github.com/w3c/gamepad/issues/73
Gives info on product, vendor, name...how much is this needed?
barryleiba: these types of identifiers cause vendor-specific code, but also leak info, and advertise to attackers if a particular vendor's code is vulnerable
christine: justification is unclear for this ID, apart from convenience
barryleiba: often they *want* vendor-specific code but this often causes more problems than it solves
christine: yes, this leads to interop issues
npdoty: another justification is human-readable name. Tell user which device they are supposed to user for, say, XBox controller
(not long string)
barryleiba: passing on user-defined name solves this problem. User gives devices nickname, and can tell them which device to use, which doesn't leak personal info or cause interop issues
npdoty: this does disclose the user-defined device name though
barryleiba: is still preferable to basic vendor info
christine: reduces problem but doesn't remove it
npdoty: we are brainstorming alternatives here in 30 seconds which are potentially an improvement over the basic scenario
christine: volunteer to comment on issue 73 and suggest alternatives?
barryleiba: volunteers!
Thanks Barry.
#72 clarifications for getGamepads (incl. what does “interacted with the user mean”) - https://github.com/w3c/gamepad/issues/72
christine: lack of clarity on "interacted"
npdoty: listed as way to deter fingerprinting; don't want list of all devices available across sites (fingerprinting vector)
christine: mitigation depends on what "interacted" means, e.g., "ever interacted"
jnovak: is this "pressed button" or more detailed info? They need to further specify.
christine: can we help them to clarify boundaries, e.g., "this should not be considered 'interacted with'", exclude these scenarios
npdoty: emphasizing origin concept would be useful. Worst case, cross-origin. If top-level context, pressed button here...not being tracked across origins
christine: this is subject to same-origin policy, yes?
npdoty: problem is GamePad would return same list each time (piece of hardware persists)
christine: volunteer for commenting on Issue 72?
npdoty & jnovak will coordinate and comment
Thanks Nick & Jason!
#71 how do connection/disconnection events interact with “device has been interacted with by the user” - https://github.com/w3c/gamepad/issues/71
christine: sounds like closely-related issue
npdoty: seems that this has been acked in the comments
npdoty (same fix applies)
<jnovak> is it worth also discussing 70: https://github.com/w3c/gamepad/issues/70
<jnovak> "Make getGamepads API asyncronous to support permission request"
christine: suggest we add privacy tags as appropriate
jnovak: maybe necessity of this depends on other mitigations?
christine: if they applied mitigations to the issues identified above, it may not be necessary to have requirement that API sit behind perm request?
<npdoty> I think I was able to add "privacy" labels to the three issues we've discussed so far (I'm not quite sure why I have this capability, but...)
jnovak: yes, and issue 70 is
already asking if this is necessary to begin with
... so we can contribute to the discussion on the related
issues to guide that decision
jnovak will add note to issue 70
Thanks, Jason!
weiler: is navigation stuff time-dependent *now*? The timestamps that are relative to navigation start - is that currently browsing-context dependent?
<npdoty> I think it's not an absolute timestamp, but relative to when the device was first attached?
weiler: there is timestamp for
every gaming event. Are timestamps based on same clock ->
makes hig-res tracking beacon
... if this is context-specific, then mitigates cross-origin
tracking capability of timestamp
npdoty: good point; seems it may depend on implementation as to whether this happens
weiler: anyone know navigation timing spec well? Published in 2012...
npdoty: we could open issue and have them clarify this
weiler: will open issue to get clarification
Thanks, Sam!
(might turn out to not be a risk but we could use the clarification regardless)
jnovak: WWDC news
you can watch the video if you like
there is an additional privacy-specific talk, ITP v2 & storage API, and WebKit blog posting
<npdoty> oh, would love to see links, thanks
on Monday: two big Safari features. Anti-fingerprinting & ITP v2
Anti-fingerprinting: three changes
1. reducing information in User Agent String. Parts are frozen.
freely-available entropy reduced
in Mojave: reducing ability to query for fonts -- system fonts, is same across Macs, so not useful
Can't get user-installed plugins as source of info
ITP v2: v1 domains that are detected as "tracking domains" - have partitioned cookies...after 24 hrs in partitions, then deleted
<wseltzer> machine-learned on device
<scribe> new version: cookies are *immediately* partitioned, change to storage API
[eventually this is going to just have to be link to the technical doc]
[scribe unable to keep up with volume of data]
<npdoty> cookies accessible only on gesture, and now embeds who ask for those cookies get a user-permission prompt before getting access to cookies
https://webkit.org/blog/7675/intelligent-tracking-prevention/
<jnovak> https://webkit.org/blog/8311/intelligent-tracking-prevention-2-0/
christine: lot of press on "Apple is going to block Facebook tracking"
jnovak: really, it's about
ensuring cookies that are used are more about first-party
relationships & current context
... def'n of first party & third party have evolved, so
we've updated accordingly, and ensuring that since we have way
for site to request access to their cookies
Then policy can be enforced accordingly
christine: this sounded like FB-tracking elements, so good to get clarification of the whole story, practice is broader
jnovak: Storage Access API gives ability for 3P imbeds, and can block cookies that previously we could not
npdoty: in past, UA strings for fingerprinting, we said - different versions have different features, so there will be entropy..but some of them seem to have a *lot* of detail.
So: how is Apple deciding how much to freeze? And can we give guidance on this?
jnovak: there *was* a lot of info in UA string before, like OS Build version...may not have any impact on actual Safari version, not useful
npdoty: are there places where standardizing Storage Access API would be useful?
jnovak: it's working through WHATWG
<jnovak> https://github.com/whatwg/html/issues/3338
<jnovak> ^^ Storage Access API proposal for standardization
Thanks, Jason, for details + links
christine: is it possible/useful for have PING call dedicated to Storage Access API, w/broader community invited?
jnovak: would need to consult w/Apple & others
wseltzer: on-device ML for tracking interesting ("what's a tracker?") -- can user access the list of what has been classified as a tracker?
jnovak: will get back to you on this
christine: has put summary in GitHub, will likely circulate in email as well
Expect summaries to continue in future
WoT outreach? will be offline & return to later
July call?
July 12
Thanks, all!
christine: will try to send meeting call w/calendar invite for next meeting
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/GameaPad/GamePad/ Succeeded: s/yeah, I'm having connection issues today// Succeeded: s/I think I've figured it out// Succeeded: s/still an improvement/potentially an improvement/ Succeeded: s/on issue 71/on issue 73/ Succeeded: s/topic: WWDC announcements// Present: wseltzer npdoty jnovak tara weiler Barry_Leiba No ScribeNick specified. Guessing ScribeNick: tara Inferring Scribes: tara WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth Found Date: 07 Jun 2018 People with action items: christine invite people will wot WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]