-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
getCapabilities
seems to leak hardware capabilities w/o a permission
#22
Comments
WebRTC-SVC extends the existing RTCRtpCodecCapability dictionary from WebRTC to provide additional information relating to supported SVC scalability modes. Since Within the VP8, VP9 and AV1 codecs (the only WebRTC codecs that support SVC), a compliant decoder is required to decode anything than an encoder can send. So |
This API does does indeed not tell you whether a codec is HW or SW. It would be very beneficial if it (or another API) did, but that is not the case today.
Conceivably, could there not be a codec or profile that was only implemented in hardware, and as such the existence of a particular codec/profile would indirectly tell you that? |
WebRTC's getStats() currently leaks encoderImplementation and decoderImplementation strings though, which in some cases could tell you whether an encoder or decoder is HW or SW (depending on the UA) after-the-fact. |
@henbos Indirect inference is not easy. All the codecs currently implemented within WebRTC can be supported in both hardware and software, so |
@aboba @henbos thanks for following up! I'm a little lost from the above notes though. Is it the case that the responses from Apologies for the possibly redundant questions, but the above comments seem to point in opposite directions, as best as I can understand |
@snyderp |
@aboba Apologies, but I think I didn't do a good job asking the question. I'm trying to figure out whether |
@snyderp I don't believe that At a given time, it is possible that the browsers will support different codecs. For example, at one point Chrome supported VP8, H.264 and VP9 and Edge only supported H.264. However, there are easier ways to tell browsers apart than by using |
Understood! As long as the requires that the interface only describe capabilities shipped by the browser, and it doesn't reveal anything about the underlying hardware (hardware supported codecs, hardware vs software rendering, etc.) then my concern is addressed. Put differently, if the answer to "can I use this API to learn anything other than |
The capabilities does not say anything about if a supported codec is implemented in HW or SW, only if it is supported. So if we're only looking at the return value then the answer is "no". A codec in the returned list could be implemented in HW or SW - you have no idea from this API alone. In practice, a caller of this API may have more information than what this API proves you on a particular device. Such as, what does this API return on other devices? For example, if you know that a particular browser version has SW support for codecs X and Y (which you would know if you used this API on a device that doesn't have HW codecs) and on a different device getCapabilities() gives you "X, Y and Z" then Z would have to be an additional codec that is only available in HW and thus tell you something about the device. At least that's my understanding. And if I look at what codecs are negotiated on my macOS device which has HW H.264 support with my Linux desktop which doesn't have HW H.264 support I see a difference: On my macOS device there are 6 different H264 profiles, on my Linux device there are 4 different H264 profiles. |
Apologies but I'm really having a difficult time understanding this; it seems like there are two different answers being given (or im even more lost than I though). I understand @aboba to be saying that I understand @henbos to be saying that If the former is correct, then i dont see a privacy risk. If the latter is correct, then this API seems to leak hardware capabilities and becomes a fingerprinting vector, and so needs to some form of access control / permissioning / etc. |
@snyderp I don't believe there is a contradiction.
That said, Henrik is correct that As an example, a device might advertise the capability to decode AV1 (via RTCRtpReceiver.getCapabilities()) but not to encode it (via RTCRtpSender.getCapabilities()) because the CPU could not achieve sufficient AV1 encoder performance (e.g. 720p at 30fps). A more capable device with hardware support for AV1 encoding might be able to advertise support for AV1 encoding via RTCRtpSender.getCapabilities(). |
So even though this API does not say anything about if something is implemented in HW or SW, because the API may return different things on different devices, the API can in fact be used for fingerprinting, though the information is indirect and probably pretty weak compared to other fingerprinting methods. |
Since this discussion relates to the |
@aboba please do not do that. if this feature will push additional fingerprintable information through an existing API, that is a distinct problem that needs to be sorted out here. Is there any permission related to calling |
Since SVC is not supported in hardware this specification doesn't add to the fingerprinting surface. |
Again, I do not consider this issue resolved. The broader feature in WebRTC-PC needs to be addressed, but that does not change that webrtc-svc I really cannot follow the above conversation, @aboba and you @henbos, you seem to be saying opposite things. Specifically, how to reconcile:
and @aboba
|
Basically in theory this could be used for a faint fingerprinting signal but in practice there will be no signal since all current implementations will return the same results. I do tend to agree that this issue is larger than SVC support, there are other places where codec capabilities could end up exposed to the application, e.g., a=imageattr in SDP. |
For capabilities defined by webrtc-pc, the issue I described is not just theoretical, different devices do return different things; the H264 profile results I quoted earlier have to do with non-SVC codec capabilities and is not new with this spec. For additional capabilities defined here in webrtc-svc, the same issue could exist in theory, but at least for now, SVC-related capabilities are always the same on all devices. If we solve the webrtc-pc privacy issue we would most likely solve any webrtc-svc privacy issues for free, since these are just extensions of what already exist in webrtc-pc. If not, we would have to re-open this issue when we know what to do with webrtc-pc. |
IMO this issue should be re-opened - from the discussion here and in https:/w3c/webrtc-pc/issues/2460, it does seem like there is a (weak, for now) fingerprinting signal that is added by this spec as it adds more (potential) info to a known fingerprinting vector. If we decide to put a permission gate on I'm happy to open up a new issue but would rather not muddy up the discussion, so it would be best if we could re-open this one. |
I second what @ShivanKaul says above and am reopening the issue. Whether or not a permission gate is the right solution here, there needs to be some solution to the fingerprinting surface the feature exposes. Point taken that current implementations may not expose FP bits presently, but the more useful the API is (e.g. the more difference there is between platforms / implementations / devices) the more privacy-harming this FP surface will be. So, its important to get a solution in place before the horse is out of the barn :) |
Related issue: https:/w3c/webrtc-pc/issues/2539 Note: the above issue asserts that getCapabilities() cannot be used to obtain hardware capabilities. |
Our security reviewer (thank you Artur!) pointed this out, also, saying "The main issue, already called out in the Privacy and Security considerations section, is the potential for this extension to reveal system-dependent codecs, which may vary between different users/platforms;" |
Apologies if I'm misreading the spec, but if I'm reading it correctly it looks like a site can learn about the visitors underlying hardware capabilities w/o a permission prompt or some other positive, affirmative action by the visitor.
Is my reading of the spec correct then, there is a FP vector exposed by the current text that would need to be mitigated (e.g. sites couldn't access it by default).
Otherwise, if this is addressed elsewhere, could you kindly point me to where, so I dont make the same mistake twice? :) Thanks!
The text was updated successfully, but these errors were encountered: