Your battery status is being used to track you online | Technology | The Guardian

https://www.theguardian.com/technology/2016/aug/02/battery-status-indicators-tracking-online

New web APIs give new unexpected ways to track users…

2 Comments

  1. Tomi Engdahl says:

    How your smartphone’s battery life can be used to invade your privacy
    https://www.theguardian.com/technology/2015/aug/03/privacy-smartphones-battery-life

    A group of researchers have demonstrated how to track users with nothing more than their remaining battery power, which could compromise privacy

    Reply
  2. Tomi Engdahl says:

    Battery Status readout as a privacy risk
    https://blog.lukaszolejnik.com/battery-status-readout-as-a-privacy-risk/

    W3C Battery Status API. The mechanism allows a web site to read the battery level of a device (smartphone, laptop, etc.). One of the positive use cases may be, for example, stopping the execution of intensive operations if the battery is running low.

    Battery readouts provide the following information:

    the current level of battery (format: 0.00-1.0, for empty and full, respectively)
    time to a full discharge of battery (in seconds)
    time to a full charge of battery, if connected to a charger (in seconds)

    Those values are updated whenever a new value is supplied by the operating system

    Frequency of changes in the reported readouts from Battery Status API potentially allowed the monitoring of users’ computer use habits; for example, potentially enabled analyzing of how frequently the user’s device is under heavy use. This could lead to behavioral analysis.
    Additionally, identical installations of computer deployments in standard environments (e.g. at schools, work offices, etc.) are often are behind a NAT.

    The information provided by the Battery Status API is not always changing fast. In other words, they are static for a period of time; it may give rise to a short-lived identifier.

    This was surprising! It turned out that in some circumstances it was possible to approximate (recover) the actual battery capacity in raw format; in particular on Firefox under Linux system.

    he study achieved an impact.

    a W3C standard is updated to reflect the privacy analysis
    Firefox browser shipped a fix
    the work received some recognition .

    Trackers use of battery information

    Expected or not, battery readout is actually being used by tracking scripts, as reported in a recent study. Some tracking/analysis scripts (example here) are accessing and recovering this information.

    Battery Status API
    W3C Candidate Recommendation 07 July 2016
    https://www.w3.org/TR/battery-status/

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*