Your battery status is being used to track you online

posted 2 months ago

Battery status indicators are being used to track devices, say researchers from Princeton University – meaning warnings of privacy exposure have come to pass

A little-known web standard that lets site owners tell how much battery life a mobile device has left has been found to enable tracking online, a year after privacy researchers warned that it had the potential to do just that.

The battery status API was introduced in HTML5, the fifth version of the code used to lay out the majority of the web, and had already shipped in Firefox, Opera and Chrome by August 2015. It allows site owners to see the percentage of battery life left in a device, as well as the time it will take to discharge or the time it will take to charge, if connected to a power source.

Intended to allow site owners to serve low-power versions of sites and web apps to users with little battery capacity left, soon after it was introduced, privacy researchers pointed out that it could also be used to spy on users. The combination of battery life as a percentage and battery life in seconds provides offers 14m combinations, providing a pseudo-unique identifier for each device.

Suppose a user loaded their church website in their version of Firefox, and then opened up the website for a satanic cult using a Chrome browser in private browsing mode piped through a secure VPN. Ordinarily, the two connections should be very difficult to associate with one another, but an advert that was loaded on both pages at once would be able to tell that the two devices were almost certainly the same, with the certainty increasing the longer they stayed connected.

Now, two security researchers from Princeton University have shown that the battery status indicator really is being used in the wild to track users. By running a specially modified browser, Steve Engelhard and Arvind Narayanan found two tracking scripts that used the API to “fingerprint” a specific device, allowing them to continuously identify it across multiple contexts.

The research was highlighted by Lukasz Olejnik, one of the four researchers who first called attention to the potential issues with the battery status API in 2015. Although Olejnik achieved some success following his warning, with the body in charge of the web’s standards thanking his group for the privacy analysis, the API still has the potential for misuse. And while it is only tracking scripts using it now, Olejnik warns that unscrupulous actors could do more.

“Some companies may be analysing the possibility of monetising the access to battery levels,” he writes. “When battery is running low, people might be prone to some – otherwise different – decisions. In such circumstances, users will agree to pay more for a service.”

Source: The Guardian

Your battery status is being used to track you online

STAY UP TO DATE WITH THE LATEST TECH NEWS

We like to read the latest tech news, so we post it here for you to read!

LATEST NEWS

Your battery status is being used to track you online

posted 2 months ago

Battery status indicators are being used to track devices, say researchers from Princeton University – meaning warnings of privacy exposure have come to pass A little-known web standard that lets site owners tell how much battery life a mobile device has left has been found to enable tracking online, a year after privacy researchers warned that it had the potential to do just that. The ba Read More

Top-ranked programming Web tutorials introduce vulnerabilities into software

posted 2 months ago

Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been introduced through the use of code from popular but insufficiently reviewed tutorials. The process The researchers identified popular tutorials by inputing search terms such as “mysql tutorial”, “php search fo Read More

Google reportedly planning built-in ad-blocking feature for Chrome

posted 2 months ago

On both its mobile and desktop browsers Google plans to introduce an ad-blocking setting in both the mobile and desktop versions of its Chrome browser, according to The Wall Street Journal. The option would be opt-in, and it would remove any and all “unacceptable” ads as defined by Coalition for Better Ads industry group. Those types of ads include pop-up ads, autoplay videos, and wha Read More

10 Reasons Why Your Domains and WordPress Should Be Kept Separate

posted 2 months ago

There are several popular providers that offer both domains and hosting for WordPress. For over a decade, the standard advice has suggested you should forgo convenience and keep your domains and hosting separate. It makes sense to house your site in the same place where you got your domain, especially since many providers offer seamless user interfaces for managing them both and some also offer Read More

OLDER NEWS

Children as young as 13 attending 'smartphone rehab' as concerns grow over screen time

posted 2 months ago

Children refusing to put down their phones is a common flashpoint in many homes, with a third of British children aged 12 to 15 admitting they do not have a good balance between screen time and other activities. But in the US, the problem has become so severe for some families that children as young as 13 are being treated for digital technology addiction. One ‘smartphone rehab’ cen Read More

AI wins $290,000 in Chinese poker competition

posted 2 months ago

An artificial intelligence program has beaten a team of six poker players at a series of exhibition matches in China. The AI system, called Lengpudashi, won a landslide victory and $290,000 (£230,000) in the five-day competition. It is the second time this year that an AI program has beaten competitive poker players. An earlier version of the program, known as Libratus, beat four of the w Read More

Ten Ways Evolving Technology Affects Cybersecurity

posted 2 months ago

The ever-evolving digital age affects cybersecurity more than most people realize. The rate of cybercrimes has grown exponentially and is consistent with the growth of technology. As technology expands and develops, so do the cybercrimes that are committed. Fortunately, as technology has advanced, so has the ability to seek out cybercrimes before they happen and protect people when they Read More

Investigation finds inmates built computers and hid them in prison ceiling

posted 2 months ago

COLUMBUS, Ohio. The discovery of two working computers hidden in a ceiling at the Marion Correctional Institution prompted an investigation by the state into how inmates got access. In late July, 2015 staff at the prison discovered the computers hidden on a plywood board in the ceiling above a training room closet. The computers were also connected to the Ohio Department of Rehabilitation and Co Read More

Two Lines Of Code Are About To Upend A $20 Billion Industry

posted 2 months ago

Imagine you’re on a business trip and killing time at the airport before your next flight. You’re excited to get home because you just put in a bid on the perfect house. The market is competitive and your biggest fear is losing out because of a paperwork glitch. Suddenly, the phone rings. On the other end is the escrow agent. Sure enough, the paperwork is incomplete. For the next 25 m Read More

JOIN US ON FACEBOOK