Why is this kind of functionality even exposed at all except opt-in?! (Obvious answer: Google wants it for adtech fingerprinting.)
Conversation
If sites want to rasterize shit themselves in my browser, they can ship a rasterizer in portable js that runs in the sandbox like everything else.
1
Replying to
Font handling is also a large attack surface since font rendering is extremely complex and browsers expose it to untrusted input by supporting fonts provided by the site. CSS is super complex by itself and keeps getting more features that need to interact with all the others.
2
2
And of course they support all kinds of different image, video and audio codecs. They also keep expanding the feature set with things like access to MIDI devices, Bluetooth and USB but at least those prompt the user to allow it. Have you seen issues like github.com/mozilla/standa?
2
1
There's literally a browser API which supports updating firmware on devices which mostly have no signature verification for the updates. The manufacturers consider that an important feature, even including the fact that there's no signature verification.
1
1
2
They don't want to deal with supporting updates and modding securely, so they expose firmware updates via an API exposed through web browsers and leave out verifying the updates. A user allowing access ends up letting a site implant it with persistent malware without any exploit.
1
Replying to
Firmware update should never be possible except via special physical interface solely for firmware update.
1
This Tweet was deleted by the Tweet author. Learn more
You have to explicitly grant MIDI access, similar to Bluetooth and USB.
1
Replying to
Does the prompt explain to the user that it essentially gives the site root on their MIDI device?
1