Name of API: Web Telephony
References:
https://wiki.mozilla.org/WebAPI/WebTelephony
*B2G Meta telephony bug
https://bugzilla.mozilla.org/show_bug.cgi?id=699235
*Web Telephony meta bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=674726
Brief purpose of API: Make and receive phone calls
General Use Cases: None
Inherent threats:
* Place calls to high cost numbers,
* Route calls through high cost network,
* Direct calls through MITM network (spying).
* Possibly with audio API, record phone calls, record touch tone signals (account numbers?).
* In addition, there is a high likelihood that this API will need to be controlled for legal reasons.
Threat severity: high to critical, confidential information disclosure and direct financial risk
== Regular web content (unauthenticated) ==
Use cases for unauthenticated code: click on a phone number in an email or browser to dial
Authorization model for uninstalled web content: explicit (OS mediated)
Authorization model for installed web content: explicit (OS mediated)
Potential mitigations: When user clicks on a phone number, the OS pops up a prompt asking the user to confirm before dialing
== Trusted (authenticated by publisher) ==
Use cases for authenticated code:
* Fun dialers (eg. rotary dialer)
Authorization model: explicit
Potential mitigations:
* UI indication (e.g. small blinking phone icon in the top of the screen or status bar) which can not be hidden when a call is active, and user can interact with to manage the call
== Certified (vouched for by trusted 3rd party) ==
Use cases for certified code:
* Replacement dialer
* Voice conference software (e.g. connect Voip with a mobile call)?
* Mediate incoming calls (accept/reject/merge)
* Query transceiver state
Authorization model: implicit
Potential mitigations: none