> > Jonas, I would be really interested in your thoughts. Try as we might (in the > WebSerial API docs, at least), noone could actually think of a use case where > providing access to a physical (RS232), or Virtual (VirtualUSB or > VirtualBluetooth) serial port could be a privacy and/or security issue.
Hello, I can think of at least one security issue... A machine used to program a PLC (http://en.wikipedia.org/wiki/Programmable_logic_controller) might have its ports scanned by a malicious site for a PLC interface. Such malicious intent could be used to cripple a manufacturing facility or worse, cause physical harm to people working in such a place. PLC’s and automation hardware are high-value targets which have already been attacked in the past (see Stuxnet - http://en.wikipedia.org/wiki/Stuxnet) IMHO, Just because serial ports are slow, doesn’t mean that their use should be less controlled than USB. That being said, I would love to use a web app to program an Arduino, when I explicitly give it the appropriate level of trust. - Kip _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
