In bug 853356, there is some discussion around the permission granting mechanism to allow content to ask for microphone access via getUserMedia. The current plan is to use a prompt & permission combination similar to the way geolocation is handled. To me this API is much more sensitive than geolocation, and needs stronger mitigation.
Some thoughts for discussion: 1. Current FirefoxOS prompts can not be ignored Prompts on b2g are modal and can not be ignored - the user must choose one way or another. Compare this to the door hanger approach for getUserMedia on desktop: if the user simply ignores the prompt it goes away. I would like to see "safe if ignored" style of permission request on FirefoxOS for this use case if possible to prevent the user accidentally making the wrong choice. 2. Current permission indicators are not strong, or always present For untrusted content, there needs to be some trusted indicator that the camera/microphone is enabled. At the moment we have small icons in the taskbar for some permissions but in this case I think we need something more obvious like a red bar or something that is present for the duration of recording. (something similar to the call background indicator perhaps) 3. The user needs a way to turn off video/audio The user needs a trusted way to know that video/audio is disabled. The permission is revoked when the window (app) is closed, but how does the user know which app is using the camera/mic? Obvious idea would be that tapping the recording indicator takes you to the app which is using the permission, so you can turn it off in the app, or close the app. However I also worry that the UI to close an app isnt very discoverable (long press on home, swipe up on app thumbnail). So maybe we need something more explicit here (perhaps combined with the notification from 2.) Finally, I imagine that we might provide less intrusive UI for privileged or certified apps, but exactly what depends on the UI for web content, and the privileged/certified use cases. Thoughts/comments/suggestions etc?
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
