Short Bytes: Two Google developers, Reilly Grant and Ken Rockot, have uploaded a draft document to the World Wide Web Consortium’s Web Incubator Community Group (W3C WICG), describing a new way to directly connect USB devices to the web. This is being called WebUSB and it’ll make the process of connecting a device to a web page simpler.
Dubbed WebUSB API, a new API calls itself as a “way to safely expose USB device services to the Web”. Developed by two Googlers, it aims to take “plug and play” to the next level for connecting devices by harnessing the power of web technologies.
This API covers all types of devices that are connected to your PC via USB ports — keyboards, IoT equipment, mice, etc.
Let’s tell you about WebUSB API in detail:
What is WebUSB API?
WebUSB wants to make the process of connecting a device to a web page simple. However, Googlers don’t try to label it as a universal method. “WebUSB does not attempt to provide a general mechanism for any web page to connect to any USB device,” they explain.
They hope that API hardware manufacturers will get the ability to build cross-platform JavaScript SDKs for their devices. This could be possible if the browser vendors adopt the technology inside their products and give the hardware makers a base to build devices with out-of-the-box WebUSB capabilities.
How to use WebUSB API — a simple example
Let’s take an example of a 3D printer. These days you can’t go to Thingiverse and hit Ctrl+P to print design out of your 3D printer. This is so because user agents and operating systems do not have 3D printer support.
With the WebUSB API already implemented inside the browsers, JavaScript code from iframe will prompt the user for 3D printer access. A website can ask the user to approve the access and ask for commands just like the permissions on an Android device.
The security and privacy concern with WebUSB API
The developers call security and privacy issue their biggest concern. As a computer automatically trusts a USB device and vice versa, developers are looking to make a type of Cross-Origin Resource Sharing (CORS). This will prevent web pages from requesting data from anything other than the page you’re visiting.
This will restrict a webpage to use the USB device to access your computer or any files in the USB device.
Source:https://fossbytes.com/
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.