Screen sharing is a powerful new feature that lets you share what’s on your computer screen with a website, so you can co-browse with a friend, or allow a technician remotely diagnose a problem on your computer.

What are the risks of sharing with sites I don't trust?

Firefox will warn you not to share when a browser window is visible on your screen unless you trust that website. Here are the reasons:

• When sharing a window, a web site may passively record what you’re doing, including things you didn’t intend to share.

• Websites can control browser windows, popping up private information from other websites you never intended to share. It can do this quickly and discreetly. If a malicious website happens to be loaded when you share your screen, that website now has the ability to browse as you, using any login information you have entered to steal your private data.

What causes these risks?

Websites and ads have always been able to pop up browser windows. But websites normally can’t read the pixels that make up the content on other sites. For more technical information, see same-origin policy. It’s an important web security mechanism that exists in all browsers.

Once you share a browser window with a site, you’re allowing that site to see the results of other sites it summons. You no longer have that important web security mechanism in place.

Example: A user who doesn't log out of her banking site before closing the tab, and shares her screen with a malicious site afterwards. That site can now capture personal account information, usually when a user is not looking or steps away (based on inactivity or looking at the web camera, if shared).