WebAPI/Security/Wifi

From MozillaWiki

< WebAPI‎ | Security

Revision as of 22:07, 30 July 2012 by Ladamski (talk | contribs) (Had the wrong page in here (bluetooth))

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Name of API: Wifi API Reference: http://groups.google.com/group/mozilla.dev.webapi/browse_thread/thread/ed980c42261c5f4a?pli=1

Brief purpose of API: Read wifi network information (read-only). All network changes should go through settings API. General Use Cases: None

Inherent threats: Privacy(identify user, geolocation, based on wifi characteristics)

Threat severity: Moderate

Regular web content (unauthenticated)

Use cases for unauthenticated code:None
Authorization model for normal content:
Authorization model for installed content:
Potential mitigations:

Trusted (authenticated by publisher)

Use cases for authenticated code:
- Wifi sniffer app
Use cases for trusted code: Explicit
Potential mitigations:

Certified (vouched for by trusted 3rd party)

Use cases for certified code: Wifi Manager
Authorization model: Implicit
Potential mitigations:

Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/Security/Wifi&oldid=456238"