HTML5 aims to make the Web more secure, in part, by eliminating the need for browser plug-ins. This is a good start: two of the most commonly installed browser plug-ins, Java and Flash, have historically been among the most heavily exploited components of any Web browser.
Simply by being installed, plug-ins make the browser less secure: they run native code with the browser's privileges, outside the sandboxing and same-origin rules that govern page content, so a flaw in a plug-in is reachable from any page that can load it. Not only that, but plug-ins are generally written for multiple operating systems; a vulnerability in a plug-in such as Java or Flash is a vulnerability on Windows, MacOS and Linux alike. Another wrinkle is that a large percentage of installed plug-ins don't have the latest security patches. Overall, plug-ins represent a major problem.
Many of HTML5's new features (built-in video and audio playback, vector and bitmap animation, device access and Web storage, for example) are designed to eliminate the need for plug-ins. By bringing what was once considered "extra" functionality under the roof of the browser, and, more importantly, under the roof of approved standards, security and privacy can be integrated in a much more coherent, careful way.
HTML5 device access APIs and privacy preferences
The broad category of device access APIs presents another potential HTML5 privacy issue. It seems only natural to many of us that the continuing expansion of the Web, and the webification of all sorts of computing devices, will create many innovative products and services. Just as desktop Web applications are taking over many tasks that used to be the sole domain of packaged software, mobile computing is increasingly shifting towards the Web.
The biggest missing piece for today's mobile Web apps is the limited device access available to mobile browsers compared to native mobile apps. Mobile Web apps generally can't, for example, cause your phone to vibrate, read the current state of the battery or measure ambient light, although standard APIs for each of these have since been specified. Most new mobile Web browsers can, however, access your current location and your camera. As these new capabilities are baked into browsers, privacy is a major concern: even an innocuous-looking reading such as the battery level can be combined with other signals to track a user across sites, which is why some browsers later removed their battery status API.
In native apps, device access privacy preferences are typically managed through the installation process. When you install an Android app, for example, you are shown the types of access the app requests. At that point you can accept them all and install, or decline and not install; there is no picking and choosing. After you install the app, the permissions are set, and that app can access your camera, contacts or whatever you approved. (Newer Android versions, like iOS, instead ask for sensitive permissions at the moment the app first uses them, which is closer to the way browsers handle device access.)
Mobile Web app privacy and security are tricky, since a Web app may change at any time and upgrades don't require your active involvement. Most of the time, this is a big benefit of Web apps; you get constant upgrades without the annoying upgrade process that native apps require. The downside is that any change may cause a previously secure and trustworthy app to become less so, even harmful, and because the browser remembers permission decisions per origin, a grant you made to yesterday's version of the app applies to whatever code that origin serves today.
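The following is an added example, not code from the original article, showing what the browser's ask-at-time-of-use model looks like from the Web app's side: the page first reads the decision stored for its origin through the Permissions API (no prompt), then calls the Geolocation API, which prompts the user only if no decision has been remembered. The makeFakeNavigator stub is constructed here so the code runs offline in Node and models one assumed browser behaviour (a decision made at the prompt is remembered for the origin); in a real page you would pass window.navigator instead.

```javascript
// Added example (not from the original article): requesting a device
// capability under the browser's per-origin, ask-at-time-of-use model.
// `nav` is injected so the same code runs in a browser (pass
// window.navigator) or offline against the constructed stub below.

// Read the stored decision for this origin without triggering a prompt.
// Returns "granted", "denied" or "prompt" (the last also when the
// Permissions API is missing, since then we simply do not know).
async function permissionState(nav, name) {
  if (!nav.permissions || typeof nav.permissions.query !== "function") {
    return "prompt";
  }
  try {
    const status = await nav.permissions.query({ name });
    return status.state;
  } catch (e) {
    return "prompt";
  }
}

// Ask for the current position. Resolves (never rejects) with a small
// result object so callers can degrade gracefully instead of crashing.
async function requestLocation(nav, timeoutMs = 5000) {
  if (!nav.geolocation) {
    return { ok: false, reason: "unsupported" };
  }
  const before = await permissionState(nav, "geolocation");
  if (before === "denied") {
    // The user already refused this origin; calling getCurrentPosition
    // would just fail with PERMISSION_DENIED, so do not nag.
    return { ok: false, reason: "denied", stateBefore: before };
  }
  return new Promise((resolve) => {
    nav.geolocation.getCurrentPosition(
      (pos) => resolve({
        ok: true,
        stateBefore: before,
        lat: pos.coords.latitude,
        lon: pos.coords.longitude,
      }),
      (err) => {
        // GeolocationPositionError codes: 1 PERMISSION_DENIED,
        // 2 POSITION_UNAVAILABLE, 3 TIMEOUT
        const reasons = { 1: "denied", 2: "unavailable", 3: "timeout" };
        resolve({ ok: false, reason: reasons[err.code] || "error", stateBefore: before });
      },
      { timeout: timeoutMs, maximumAge: 60000 }
    );
  });
}

// Constructed stub of a browser's behaviour for one origin (assumption:
// real browsers differ in UI and in how long they remember a decision).
// `stored` is the remembered decision; when it is "prompt", the first
// call asks the "user" (userAllows) and the answer is then remembered,
// which is the property that matters for a Web app that can change at
// any time: the next version served from the same origin inherits it.
function makeFakeNavigator(stored, userAllows, coords) {
  const mem = { state: stored };
  const position = { coords: coords || { latitude: 51.5074, longitude: -0.1278 } };
  return {
    permissions: { query: async () => ({ state: mem.state }) },
    geolocation: {
      getCurrentPosition(onSuccess, onError) {
        if (mem.state === "prompt") {
          mem.state = userAllows ? "granted" : "denied";
        }
        if (mem.state === "granted") onSuccess(position);
        else onError({ code: 1, message: "User denied Geolocation" });
      },
    },
  };
}

// Stand-alone demo: a first visit where the user allows, a later visit
// to the same origin (no prompt, still granted), and an origin the user
// had already refused (short-circuits without calling the API).
async function demo() {
  const firstVisit = makeFakeNavigator("prompt", true);
  const r1 = await requestLocation(firstVisit);
  const r2 = await requestLocation(firstVisit);
  const refused = makeFakeNavigator("denied", true);
  const r3 = await requestLocation(refused);
  return [r1, r2, r3];
}

if (typeof window === "undefined") {
  demo().then((rs) => rs.forEach((r) => console.log(JSON.stringify(r))));
}
```

The point to take from the second call in demo is that nothing asks the user again: the grant is keyed to the origin, not to the code that was running when it was given, so a site that later ships different (or compromised) scripts gets the same access until the user revokes it in the browser's site settings.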
To understand how browsers deal with this potential problem, we need to first define some terms: