User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0

Steps to reproduce:

I have media playing in one of my tabs in one of my Firefox windows. It could be YouTube or any other of a multitude of other media sites.
I pause the media.
The computer locks.

Actual results:

When I touch the keyboard or the mouse, the lock screen lights up, showing the media playing (but paused) as indicated above. This information is accessible to anyone, without logging in.

Expected results:

I never opted in to let Firefox share information on media that is playing with the OS, and I have no option to disable it.

This is a clear and severe privacy issue. Anybody else waking my computer and seeing the lock screen could see what media I was watching or listening to.

What should have happened / be the case:
Firefox should not allow this to be the default.
Firefox should have a clear setting for this, explaining the consequences.

The Bugbug bot thinks this bug should belong to the 'Core::Audio/Video: Playback' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Hi Martin,

The lock-screen media controls can be disabled by setting media.hardwaremediakeys.enabled to false in about:config

Please let me know if this worked for you,

Thanks!

Hi Peter,
As I tried to make clear, my stance is that it shouldn't matter if this works or not, as it is not the issue.
The issue is:

• This is a about a piece of functionality with a high, negative privacy impact, not just a personal preference
• It should therefore at the very least never be the default the browser ships with
• An on/off option should be available in normal user settings, not just in about:config, and most certainly not behind a config named in a way that does not in any way reflect the function

The severity field is not set for this bug.
:jimm, could you have a look please?

For more information, please visit auto_nag documentation.

This is the design of the Windows SMTC API, and I believe any application using SMTC would behave the same on this issue. If you don't want to show the sensitive information on the lock screen, then you should use the private browsing window. On private browsing mode, Firefox would only shows Firefox is playing media.

So it seems to me a reasonable usage. For example, when using the lockscreen on mobile, your lockscreen would still show what music you were playing by any music service application, but that doesn't mean they ignores your privacy.

An on/off option should be available in normal user settings, not just in about:config

We do have that. In about:preferences, there is an option Control media via keyboard, headset, or virtual interface.

The argumentation based on which this bug was closed is invalid:

• "An on/off option should be available in normal user settings, not just in about:config / We do have that. In about:preferences, there is an option Control media via keyboard, headset, or virtual interface." You seem to have missed the facts that this is not an option in /normal user settings/, plus it's "named in a way that does not in any way reflect the function"
• If the cause is the choice by Mozilla to use this "Windows SMTC API", then it is Mozilla choosing for a breach of privacy, /and/ hiding it.

The solution, and one is necessary and possible, is simple:

• Do not use this "Windows SMTC API" which apparently provides "Control media via keyboard, headset, or virtual interface" by default
• Provide an option in normal users settings to enable "Control media via keyboard, headset, or virtual interface" and annotate it with a very clear warning that this will show whatever you are playing on your lock screen (and possibly leaking your information in other ways)

It seems reasonable to expect from a browser that has privacy as its main left over selling point.

Removing from triage list.