[css-color-4] split security & privacy as required by new wide review

svgeesus · svgeesus · commit 9d657170dd21 · 2021-10-23T20:25:04.000+03:00
diff --git a/css-color-4/Overview.bs b/css-color-4/Overview.bs
@@ -5820,16 +5820,14 @@ Changes from Colors 3</h3>
 		<li>4 and 8-digit hex colors have been added, to specify transparency.
 	</ol>
 
-Security and Privacy Considerations {#priv-sec}
-===============================================
 
-This specification defines "system" colors,
-which theoretically can expose details of the user's OS settings,
-which is a fingerprinting risk.
+
+Security Considerations {#security}
+===================================
 
 The system colors,
 if they actually correspond to the user's system colors,
-also pose a security risk,
+pose a security risk,
 as they make it easier for a malware site
 to create user interfaces that appear to be from the system.
 However, as several system colors are now defined to be "generic",
@@ -5841,6 +5839,14 @@ These do not contain executable code,
 and thus do not constitute an increased security risk.
 
 
+Privacy Considerations {#privacy}
+===================================
+
+This specification defines "system" colors,
+which theoretically can expose details of the user's OS settings,
+which is a fingerprinting risk.
+
+
 Accessibility Considerations {#a11y-sec}
 ========================================
 
