|
|
|
|
|
|
by tehbeard
466 days ago
|
|
|
The fingerprinting risks, to a layman, seem to be a red herring? Have the user consent occur before the point of enumeration. Or lock it behind the user already having installed the pwa and require confirmation (i.e. a browser site gets a flat denied message, a installed PWA gets a permission prompt). Sort of depends on Firefox supporting installing PWAs though.. For webserial this feels like it would make sense... WebUSB does feel like an overreach and too much. |
|
|
That leaks at most one bit unless the user selects a device (i.e. whether Web USB is supported or not, as a delayed error due to the user clicking "deny" would be distinguishable from an immediate one), and usually much less since that bit is very correlated with "is Chrome/Chromium-like".