issues
search
w3cping
/
privacy-threat-model
A target privacy threat model for the Web
https://w3cping.github.io/privacy-threat-model
Apache License 2.0
23
stars
7
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
supercookies
#45
npdoty
opened
1 year ago
1
header enrichment
#44
npdoty
opened
1 year ago
1
privacy -threat-model
#43
yanshin1499
closed
2 years ago
0
Define a granularity at which location data is not sensitive
#42
jyasskin
opened
3 years ago
2
Address diversity of privacy definitions and add missing threats
#41
TheMaskMaker
opened
3 years ago
5
Address cross-device correlation
#40
jyasskin
opened
4 years ago
1
Consider how companies can pledge not to circumvent the threat model
#39
jyasskin
opened
4 years ago
0
Add more states to threat model for goals we haven't blocked yet
#38
jyasskin
opened
4 years ago
1
Discussion of high level threats should include clearer normative statements
#37
jyasskin
opened
4 years ago
1
Describe the threat of sites infringing on people's autonomy.
#36
jyasskin
opened
4 years ago
0
Add a section to discuss techniques to quantify privacy
#35
bslassey
opened
4 years ago
1
Sensitive information disclosure and vulnerable communities
#34
hober
opened
4 years ago
1
Describe navigation as a capability, not a goal.
#33
jyasskin
opened
4 years ago
1
Add a script to check that cells are under the right headers.
#32
jyasskin
opened
4 years ago
2
Fix #29: improve the definition of a threat model.
#31
jyasskin
closed
4 years ago
3
Rotate threat model headers 45 degrees instead of 90.
#30
jyasskin
closed
4 years ago
2
Confusing intro sentence
#29
samuelweiler
closed
4 years ago
0
Discuss exposing the GPU model and driver
#28
jyasskin
opened
4 years ago
2
Sensitive-information: Add inferred restricted sensitive information
#27
JoGSal
opened
4 years ago
1
Update bikeshed to use Python 3
#26
jyasskin
closed
4 years ago
0
belonging to a minority ethnicity: change to belonging to an ethnic minority
#25
JoGSal
closed
4 years ago
2
Unwanted same-site recognition: should beacons be listed here too?
#24
JoGSal
closed
4 years ago
2
Surveillance: distinguish between positive and negative connotations
#23
JoGSal
opened
4 years ago
3
Describe assistive tech as sensitive, not benign.
#22
jyasskin
closed
4 years ago
2
Review privacy literature for high-level threats
#21
npdoty
opened
4 years ago
0
Add "harassment and abuse" to high-level threats
#20
npdoty
opened
4 years ago
2
Sensitive info: describe local attackers, confused users, and mitigations
#19
jyasskin
opened
4 years ago
0
Add "manipulation" to the high-level threats
#18
jyasskin
opened
4 years ago
1
Feedback from WoT Security TF
#17
mmccool
opened
4 years ago
0
Define benign vs. sensitive information disclosure more formally
#16
tobie
opened
4 years ago
5
Any reason why user ID is defined as a integer and global identifier as a string?
#15
tobie
opened
4 years ago
1
Attacker Capabilities: Read/Write storage
#14
jumde
opened
4 years ago
0
Add user correlation based on common input across sites.
#13
jyasskin
closed
4 years ago
2
Add a sensitive information threat model
#12
jyasskin
closed
4 years ago
2
Add simultaneous event firing as a cross-site tracking vector
#11
jyasskin
closed
4 years ago
1
Add "profile building" to the high-level threats
#10
jyasskin
opened
4 years ago
2
Discuss the privacy of monitoring
#9
jyasskin
opened
4 years ago
15
Improve the acknowledgements section.
#8
jyasskin
closed
4 years ago
0
Fix #2: delegate to Fetch for the definition of "site".
#7
jyasskin
closed
4 years ago
2
Elaborate the high-level threats section.
#6
jyasskin
closed
4 years ago
2
Mark the spec as a PING Editors' Draft.
#5
jyasskin
closed
4 years ago
0
Add Tom Lowenthal as an editor.
#4
jyasskin
closed
4 years ago
0
PING adoption
#3
wseltzer
closed
4 years ago
0
Definition of site doesn't include the scheme
#2
davidben
closed
4 years ago
0
Correlate a visit from the same user over time
#1
martinthomson
opened
5 years ago
1