WebAPI Security Discussion: Keyboard API


Lucas Adamski

May 9, 2012, 2:17:54 PM
to dev-w...@lists.mozilla.org, dev-w...@lists.mozilla.org, dev-se...@lists.mozilla.org, dev-b2g
Please reply-to dev-w...@lists.mozilla.org

Name of API: Keyboard API
Reference:
See: https://groups.google.com/d/topic/mozilla.dev.webapi/Vs3-HGv9NNw/discussion

Brief purpose of API: Allow virtual keyboard to be implemented as a Web App
General Use Cases:
*Replace the installed keyboard with a different one
*Choose what keyboard is shown (numeric, alphanumeric, symbols, first letter capitalized, etc.)

Inherent threats: Access to user keystrokes (steal passwords, bank account details, etc), send trusted key events
Threat severity: high

== Regular web content (unauthenticated) ==
Use cases for unauthenticated code: Request which keyboard [type?] is displayed
Authorization model for uninstalled web content: implicit for focused top-level content
Authorization model for installed web content: implicit
Potential mitigations: Request keyboard [type] only.

== Trusted (authenticated by publisher) ==
Use cases for authenticated code: Implement new keyboard.
Authorization model: Implicit
Potential mitigations:

== Certified (vouched for by trusted 3rd party) ==
Use cases for certified code: Implement new keyboard
Authorization model: Implicit
Potential mitigations: None

Notes: Obtain user confirmation at install time (i.e. "Install this keyboard?"). Keyboard apps have unique store review requirement.

Adrienne Porter Felt

May 9, 2012, 3:32:16 PM
to dev-w...@lists.mozilla.org
IME apps almost always need access to the dictionary in addition to actual
keyboard inputs. Perhaps read/write access to the user dictionary should
be bundled along with the keyboard API?

Mounir Lamouri

May 9, 2012, 3:40:40 PM
to dev-w...@lists.mozilla.org
On 05/09/2012 12:32 PM, Adrienne Porter Felt wrote:
> IME apps almost always need access to the dictionary in addition to actual
> keyboard inputs. Perhaps read/write access to the user dictionary should
> be bundled along with the keyboard API?

We should have another API for accessing the dictionary.

--
Mounir