Add powerEfficient[En/De]coder (#666) and fingerprint mitigations (#675).

[henbos]

Fixes #666, #675

---

Preview | Diff

[henbos]

@vr000m PTAL, @eshrubs is ready to implement this right now so we can add it to webrtc-stats rather than provisional

[henbos]

Please take another look @youennf, @vr000m and @alvestrand. I've added the sentence from #675 to both powerEfficientEncoder and encoderImplementation (and dec).

[henbos]

FYI @eshrubs

[vr000m]

LGTM, modulo the language around permissions

[henbos]

@youennf Are you happy with the current fingerprinting language?

[youennf]

Please take another look @youennf

The fingerprinting mitigation sounds like an improvement to me.
Since this includes a tentative solution to #550, it would be good to have @pes10k input on this.
I would tend to split the PR in two (one for #550, and one for #666), but this is small enough text that we might be able to tackle both in the same PR.

[henbos]

@pes10k what are your thoughts on this PR? By not exposing unless deep user interaction such as the context capturing (requires user to approve a capture prompt) this limits the ability for a web app to use this for fingerprinting to a context where more sensitive information is already exposed (VC use case).

[henbos]

Please take a look at the this updated PR with a well defined algorithm for determining whether or not to expose the HW information. @pes10k @youennf

[pes10k]

@henbos thank you for this. Just to check my understanding, this would effectively only reveal these endpoints to the page if the user had already given the page permission to access at least one protected device, is that correct?

If so, i think thats a fine mitigation and works well enough to protect users from most realistic passive fingerprinters.

If i've misunderstood though, could you please kindly correct me?

[henbos]

Just to check my understanding, this would effectively only reveal these endpoints to the page if the user had already given the page permission to access at least one protected device, is that correct?

Correct, you would also need to currently be capturing (e.g. microphone or camera). For a page to be granted permissions for capture, the user would need to have accepted a browser permissions prompt.

[youennf]

Do we have examples of such information? Is it to cover the case of small resolutions for instance where some OSes may decide to go with software implementations

[henbos]

It gives implementations some wiggle-room, like if a HW implementation isn't performant we could still report false without violating the spec. I don't know if this is a real problem in practise though.

I also think that it is OK for an implementation to say that SW is power efficient if the resolution is so small that SW would be more performant than HW, but I don't think finding that cutoff point is required of the implementation.

[pes10k]

Thanks @henbos for the explanation, i think this is a great change

[henbos]

👍

[alvestrand]

I am happy with this doc. Suggesting a refinement.