Can someone explain how they can keep the passthrough video private? Sounds like they're saying the data is processed on a separate worker that can't access the network, but that worker obviously needs to pass data back to the main thread so that UI/content can be rendered in response to the video.
Perhaps they don't allow "custom" processing by the dev? E.g. can only use FB's face/pose/etc detector? That would be quite limiting though.
Maybe they only allow passing back a small amount of information per frame? That'd still make it possible to leak information over several frames (if GAN latents are anything to go by, there aren't that many bits of information in a human face, for example).
Like much in this announcement, the details are still to be revealed; but this is from the Developer blog :
Apps that use Passthrough API cannot access, view, or store images or videos of your physical environment from the Oculus Quest 2 sensors. This means raw images from device sensors are processed on-device.
Perhaps they don't allow "custom" processing by the dev? E.g. can only use FB's face/pose/etc detector? That would be quite limiting though.
Maybe they only allow passing back a small amount of information per frame? That'd still make it possible to leak information over several frames (if GAN latents are anything to go by, there aren't that many bits of information in a human face, for example).