limit precision to mitigate sensor calibration fingerprinting #86
Conversation
… meters per second squared updated examples to keep precision limits updated privacy considerations to note sensor calibration as threat added reference to sensorid paper draft attempt to address w3c#85 h/t @JensenPaul for https://github.com/JensenPaul/sensor-fingerprint-mitigation
There was a problem hiding this comment.
Chromium has already implemented these changes. Tracked in issue 1018180.
Do we have implementation commitments from Mozilla and Apple? @marcoscaceres @cdumez
index.bs
Outdated
| @@ -416,11 +416,11 @@ The static {{DeviceMotionEvent/requestPermission()}} operation, when invoked, mu | |||
|
|
|||
| In the {{DeviceMotionEvent}} events fired by the user agent, the following requirements must apply: | |||
|
|
|||
| The {{DeviceMotionEvent/acceleration}} attribute must be initialized with the acceleration of the hosting device relative to the Earth frame, expressed in the body frame, as defined in [[#deviceorientation|deviceorientation Event]] section. The acceleration must be expressed in meters per second squared (m/s2). | |||
| The {{DeviceMotionEvent/acceleration}} attribute must be initialized with the acceleration of the hosting device relative to the Earth frame, expressed in the body frame, as defined in [[#deviceorientation|deviceorientation Event]] section. The acceleration must be expressed in meters per second squared (m/s2) and must not be more precise than 0.1 m/s2. | |||
There was a problem hiding this comment.
Thanks for the catch.
HTML can represent superscript and this is in prose rather than code, so I've updated to use <sup>2</sup> in all the relevant places, I believe.
|
Filed Gecko bug https://bugzilla.mozilla.org/show_bug.cgi?id=1642862 |
|
While I'm here, is there something in the spec about capping the sampling frequency? https://bugzilla.mozilla.org/show_bug.cgi?id=1292751 |
|
@marcoscaceres looks to me like the previous versions of the spec in the Geolocation WG suggested a 60hz frequency, but that language was subsequently removed. I'm not sure why, unless the threat and mitigation are discussed in a different Sensor spec. https://www.w3.org/TR/2016/CR-orientation-event-20160818/#security-and-privacy |
|
No idea... Maybe someone can do so git archeology and figure out when/why it got removed? The Gecko bug seems to suggest 25hz is ok... and maybe cap at 60hz? We can do this separately tho. |
See #59 and https://www.w3.org/2018/10/23-dap-minutes.html#x18
This update aligned the normative spec language with reality i.e. what was implemented in Chrome, Firefox, Safari, and Edge (the EdgeHTML based) as of 2018. |
|
Let's move discussion about the sensor update frequency to another issue. |
|
@reillyeon filed #87 |
require no more precise than 0.1 degrees, 0.1 degrees per second, 0.1 meters per second squared
updated examples to keep precision limits
updated privacy considerations to note sensor calibration as threat
added reference to sensorid paper
draft attempt to address #85
Feel free to comment or edit to match WG style etc. May also need updates to web platform tests to confirm that sensors do not return more precise values.
h/t @JensenPaul for https://github.com/JensenPaul/sensor-fingerprint-mitigation
Preview | Diff