Comment Re:HTML/A like PDF/A (Score 1) 149
You might be interesting in the work of the W3C Private User Agent Community Group that is exploring solutions to prevent such leaks. One option for limiting the capability to leak the mouse positions is to limiting the back channels available to leak the state out to the web. A web browser that resists such leaks can still support rich client side Javascript content. Not surprisingly, early results demonstrate that much web advertising is caught by such protections - for example Google search ads still work but most content network ads violate security and are blocked. Other options are being explored such as declarative web actions to offload interactive tasks to trusted apps, and a curated database of trusted scripts that implement widely used features such as slide shows etc. There is a lot of resistance from shills wanting to entangle our computing use with web services and even offload web browser security to the cloud, and they are currently winning, so if people are interested in such solutions then please consider supporting this group, see: http://www.w3.org/community/pua/