[rtcweb] Security and browser/screen access

Randell Jesup <randell-ietf@jesup.org> Sun, 25 September 2011 21:49 UTC

This is an issue that impacts a use case we've been discussing: access to the
browser or screen bitmap is inherently very risky, security-wise.

See Robert O'Callahan's blog post triggered by discussions of these use cases at
our recent Mozilla All-Hands:
http://robert.ocallahan.org/2011/08/securing-full-screen.html

This directly affects use-cases like WebEx (of course), remote assistance, etc.
We've glossed the security side of those so far.

Note that these use-cases replace desktop or plugin installs which implicitly gave
the provider access to far more than just the screen, so from that perspective
screen access is actually a reduction in exposure.  However, there's a definitive
decision (whether well-informed or not) to install these apps, and most of them
(not all!) don't auto-update without asking; and you can un-install them.

This once again, as I've mentioned in some other cases, wanders into the same territory
as WebApp installation, which we also talked about looking at for handling "ongoing
permissions" for camera/mic for services similar to Skype - tie it to a user "install".
Whether that's good enough, and how that actually works, are good questions.


-- 
Randell Jesup
randell-ietf@jesup.org