[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Public WebGL] about the VENDOR, RENDERER, and VERSION strings



I agree with Steve.

Especially when you consider that really nefarious folks are going to figure out a way around it anyway. I'll bet if you carefully constructed a set of shaders, geometry, and other operations, you could create a test that times each operation and builds a fingerprint that is >80% accurate to identifying the graphics card within a couple of seconds.

The only way you're really going to keep people from figuring out what the graphics card is is by not using the graphics card at all. Render the entire web page into a pixmap using CPU only and hand that pixmap off to the OS to render to the screen. You will cripple the performance of your browser and lose even the concept of supporting WebGL, but you can tell your users that it's in the name of privacy.

-Brian

On Tue, Nov 30, 2010 at 11:54 AM, <steve@sjbaker.org> wrote:
> ----- Original Message -----
>> If we have to do something - I'd prefer a simple check-box in
>> Preferences/Privacy saying:
>>
>> [ ] Hide graphics card/driver details from online applications.
>> (WARNING: May significantly degrade graphics performance)
>
> I would essentially be OK with this, provided that the default is to hide.

I was going to say the opposite.  After all, aren't Cookies and _javascript_
both enabled by default...this is a similar problem.

> I would turn this into a more general option like "Allow Web pages to
> obtain information about my computer system", unchecked by default, and I
> wouldn't print a performance warning there.

No!!  I **STRONGLY** disagree!  That wording implies to the end user that
these web pages can read files off their disk - inventory their porn
collection and steal their credit card numbers.

This is nothing like as serious as that.  All we're doing is allowing the
web site to find out what kind of graphics card you have...something they
could very likely figure out themselves if they were bad guys.

My wording is all that's required.

Also, the performance warning is most certainly required - how else will
the end user know that there is a downside to checking the box?  We need
to be clear and honest about what this is.  They are exchanging some
nebulous (and probably non-existant) modicum of privacy for a basically
shitty online gaming experience.  The minimum settings implied by the
conditions I suggested will reduce the nicest computer on the planet to
the quality level of the nastiest cell-phone.  It's unfair to hide that
kind of thing from people - and we have nothing whatever to lose by
explaining what the checkbox does.

> Yes, content would be able to tell if it's checked by checking the
> RENDERER value --- "Mozilla" would mean we're not allowing content to get
> system information. We could even agree on a browser-agnostic string like
> an empty string.

Yep.

> I will probably take this to a firefox mailing list since this is no
> longer WebGL discussion.

So long as the message that we NEED to be able to expose these strings is
clearly expressed to the folk on that mailing list.  They won't understand
the issues otherwise.

 -- Steve



-----------------------------------------------------------
You are currently subscribed to public_webgl@khronos.org.
To unsubscribe, send an email to majordomo@khronos.org with
the following command in the body of your email: