-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make platform a low-entropy hint #213
Comments
That doesn’t seem like the right reasoning for exposing more details by default. Even if there are APIs that expose that information, they can be taken into account as part of the Privacy Budget, while exposing that information by default results in passive exposure. However, that information is already leaked passively, through the OS’ network layer (e.g. through sequence numbers). Due to the above leak, it seems reasonable to enable more direct access to that information, that doesn’t require developers to wait a task, go through the awful hacks you mentioned above, or sniff TCP packets. After all, the use-cases that platform information enables are significant, and impact user experience, accessibility as well as spam avoidance, to name a few. At the same time, it would be good to quantify that leak in terms of entropy bits, so that we’d know what we’re letting go here. Theoretically, IP level obfuscation could eliminate some platform-level leaks in some potential future. Exposing that information by default lets go of that option, and we need to know what we lose in that trade-off. |
@yoavweiss thanks for the feedback. I wrote up a small (public) document (and stole some of your words...) at https://docs.google.com/document/d/122TG71j9LC_Ne_-vzoNBRFUwi_irIuyi_xYFE1o4iKU/edit#. PTAL, and if you agree, hop on over to the corresponding PR. :) |
Thanks for that doc, and for the entropy quantification. |
It's already possible to infer platform (OS) through various web platform APIs, without looking at the
User-Agent
header ornavigator.userAgent
, so I think we should move "platform" from high entropy to low. Platform version should remain high entropy.Some examples:
In terms of what this would mean, we would stick
Sec-CH-UA-Platform
into the low-entropy table, and update relevant bits here: https://wicg.github.io/ua-client-hints/#interfaceThe text was updated successfully, but these errors were encountered: