Developers from Google offered a consortium of WWW draft WebUSB - protocol for USB devices with web pages

Two Google developers, Reilly Grant and Ken Rokot, presented to the international consortium WWW (World Wide Web) a draft of the WebUSB project - a protocol for USB devices on the Internet, which describes the interaction of USB compatible devices and web pages.

The WebUSB project was published on March 21st and describes the API that will provide a secure connection between USB devices and web services. This protocol will not affect the operation of USB-drives, but according to the authors' idea, it regulates interaction with the network of all other USB peripherals, such as mice, keyboards, cameras, etc.


“In WebUSB, we did not strive to create a universal mechanism for the interaction of equipment and a web page. Its role is to simplify this process, ”explain the developers.

The guys from Google are hoping that browser vendors will “pick up” their development and, over time, implement native support for WebUSB, which will ensure the interaction of devices and web pages right out of the box.
')
On the other hand, questions arise in terms of information security and privacy. The problem is that there was no such level of “paranoia” as in the network, in the relationship between the user and his PC: the computer automatically trusts any equipment connected to it by humans.

This opens a loophole for attackers who can create software that scans user PCs for web-enabled peripherals. Thus, spammers and other cybercriminals can get information about visited sites, personal data, correspondence and other private information.

To avoid such situations, the developers have plans to create a CORS-like system for the WebUSB API, which will restrict direct access to peripheral devices from the network.

You can view the project on GitHub , and a draft version of the API documentation is available here .

Via softpedia