You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A video of an element provides more information to a fingerprinter than canvas snapshots. In addition to the usual font and graphic handling variations, the video will capture animation quirks.
This needs to be at least acknowledged. Browsers that restrict canvas read-back might want to apply similar protections here also, but it would be very much harder.
The text was updated successfully, but these errors were encountered:
To gain access to the Element Capture API, an application must first gain "video-access" to the entire tab. By then, any font-based fingerprinting attack is trivial and unstoppable. (Please correct me if I'm wrong.)
It might be worth acknowledging this in the spec, but in that case, it's probably to be acknowledged in getDisplayMedia's and getViewportMedia's own specs, and not in downstream specs such as this one.
A video of an element provides more information to a fingerprinter than canvas snapshots. In addition to the usual font and graphic handling variations, the video will capture animation quirks.
This needs to be at least acknowledged. Browsers that restrict canvas read-back might want to apply similar protections here also, but it would be very much harder.
The text was updated successfully, but these errors were encountered: