Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Bug Privacy

Privacy Alert: Your Laptop Or Phone Battery Could Track You Online 95

Mark Wilson writes: Is the battery in your smartphone being used to track your online activities? It might seem unlikely, but it's not quite as farfetched as you might first think. This is not a case of malware or hacking, but a built-in component of the HTML5 specification. Originally designed to help reduce power consumption, the Battery Status API makes it possible for websites and apps to monitor the battery level of laptops, tablets, and phones. A paper published by a team of security researchers suggests that this represents a huge privacy risk. Using little more than the amount of power remaining in your battery, it is possible for people to be identified and tracked online. As reported by The Guardian, a paper entitled The Leaking Battery by Belgian and French privacy and security experts say that the API can be used in device fingerprinting.
This discussion has been archived. No new comments can be posted.

Privacy Alert: Your Laptop Or Phone Battery Could Track You Online

Comments Filter:
  • We need an OS fix (Score:5, Interesting)

    by Anonymous Coward on Monday August 03, 2015 @03:46PM (#50243439)

    If the OS randomizes the LSBs of the value every time it is asked that would reduce the use for tracking but still provide the function that might be useful to a user.

    • by Anonymous Coward on Monday August 03, 2015 @04:08PM (#50243617)

      We shouldn't resort to hacks like that.

      Seriously, get rid of this shitty functionality. It does not belong in a web browser.

      After getting rid of this battery shit, get rid of the goddamn video and audio capabilities that have been added recently. If a website wants me to watch some audio or video, it can serve up a file that VLC or some other external player can play, after I've been promoted to allow this to happen.

      Since they audio and video shit would be gone, the motherfucking DRM that has been added lately can be totally removed, too.

      Get rid of JavaScript, too. It's a total piece of shit, and it hasn't gotten any better after 20 frigging years! If a browser needs to be scriptable, at least use a real language, like Lua or Python.

      We shouldn't hack around this idiotic functionality that's been added to web browsers lately. We should remove it completely.

      • by Anonymous Coward on Monday August 03, 2015 @05:25PM (#50244183)

        I was starting to think the API was the most stupid thing ever, but I realize how to turn it to my advantage. The API is present so that websites can know to dial down the dumb crap when the user's device has low battery. All I'll need to do is hack the browser so that it permenantly reports the battery level as 10% of a full charge. If I'm lucky, that will make the sites revert to being useful.

        • by AmiMoJo ( 196126 )

          The API is present so that websites can know to dial down the dumb crap when the user's device has low battery.

          I think you will find that its primary purpose is to display full screen ads screaming "LOW BATTERY!!! CLICK HERE TO BUY MEGA-ULTRA-BATTERY OVER 9000mAh TOP QUALITY IPHONE LAPTOP ANDROID WINDOWS 10 GENUINE" with the volume at 109%.

      • by mjwx ( 966435 )

        After getting rid of this battery shit, get rid of the goddamn video and audio capabilities that have been added recently.

        I dont agree with this.

        What we need is a browser that has this capability but does _NOT_ under any circumstances allow it to autoplay. Flashblock used to perform this functionality admirably, but since we all moved to HTML5 and all its magical wonder we've gone back to the point where browsers automatically play anything.

        And I warned all of you years ago you'd rue the day you bli

      • Ever since marca came up with that inline image shit everything has been downhill.

        "marca digs goto"; shoulda known how this would turn out...

      • You had me until Python. Any language where whitespace has meaning... I still can't believe such a thing actually caught on.

        • Any language where whitespace has meaning... I still can't believe such a thing actually caught on.

          I don't know how English caught on with things like "experts exchange" vs. "expert sex change" or "mole station nursery" vs. "molestation nursery" or "who represents" vs. "whore presents" or "pen island" vs., you know... [orain.org]

      • If a website wants me to watch some audio or video, it can serve up a file that VLC or some other external player can play, after I've been promoted to allow this to happen.

        If you happen not to have a compatible video player installed on the machine that you are presently using, what message or prompt should the system display? Offer a chance to install a "codec pack"? That's what we had before Flash, and malware developers learned that it was effective to to disguise an installer as a codec pack or Flash Player update. And if a web application wants to play several audio streams at a time, such as a game that wants to play both music and sound effects, how would it "serve up

    • by Ghostworks ( 991012 ) on Monday August 03, 2015 @04:13PM (#50243659)

      I'm going to propose a more radical fix: we need to stop letting the DOM have reliable access to so damn much information.

      When we started the move away from webpages and toward web applications, we let the DOM have access to pretty much everything, because applications are big and general and data-hungry: The DOM captures keystrokes so each website can have it's own controls and hotkeys (and which unintentionally lets a user be identified by keystroke dynamics). The DOM has access to blocks of offline memory so that applications can be stable offline or when infrequently connected (and which is another vector for super-cookie tracking). It has access to viewports and peripherals for responsive layouts (which is more data for a browser signature that can easily allow user activity to be correlated). CSS needs read access to layout colors if it's going to be changing them dynamically (which means that those colored as recently-visited by the browser are know, which allows for history-based signatures).

      Hell, we still have to live with all the ancient tracking methods and features like HTTP referer [sic], cookies, and user agent strings. And even though the World Wide Web was meant to be extensible, fail gracefully wherever possible, and be tolerant or varying levels of technological support, most modern websites will go out of their way to detect that you are not 100% compliant with their demands, then tell you to play by their rules or get off the net. Usually this is couched in the language of "reasonable compatibility testing" or "consistent experience", but most such sites will work perfectly well once you spoof some parameter, thus proving it wasn't necessary after all (for example, Gmail after spoofing javascript). Some I can only believe are deliberately architectured to fail: static pages which could be served entirely as native HTML, but instead decided to have just enough HTML to call Javascript to do all the real work by manipulating DOM to insert HTML into a mostly-blank structure (looking at you, Board Game Geek).

      The DOM has demanded every piece of data available to the browser in the name of ever more byzantine applications, even though all but an insignificant portion of the web is still consumed in a page-like way. You can use NoScript and set Opera/Firefox/Chrome preferences until your blue in the face, but you will never reduce your tracking cross-section while the standards bodies insist on pushing these very broad, demanding features in the standards themselves.

      • by Anonymous Coward

        Yes, we need to stop doing apps in the web browser, and start doing apps in actual applications. It's like the world has forgotten that the internet is accessible outside of the web browser.

        The main issue preventing that is that OS security sucks. It should be possible to run a random application downloaded from the internet without giving that application access to all of my files and everything else I'm able to do on my computer, but for some reason we're stuck in the stone ages of computer security, wh

        • Yes, we need to stop doing apps in the web browser, and start doing apps in actual applications.

          Applications for which platform? Good luck running a native application on Windows if it has not been ported to Windows, or on a Mac if it has not been ported to OS X.

          A word processor can simply call an OS API to open a file, then get permission to access that file when you choose to open it.

          Repetitive "Cancel or Allow?" dialogs for elevation to administrator is something for which Apple's Mac commercials used to satirize Microsoft [youtube.com]. And now you're proposing to show one every time a word processor opens a file. Heaven help you if you're running a compiler toolchain that may open hundreds of files when rebuilding a complex project.

    • Kill either the percentage or the time part of the spec and it won't be nearly as specific.

      And why the fuck is this shit in a markup language specification in the first place?

      • Re: (Score:1, Funny)

        by Anonymous Coward

        And why the fuck is this shit in a markup language specification in the first place?

        Because someone Need Such Ability. :)

    • Probably the best fix for these shenanigans is a VM. Since the VM has no clue what battery status it is running on, nor CPU (especially if you use CPU masking), there is a lot less an advertiser can go on, especially if the VM is rolled back to a clean snapshot after each browsing session.

      However, this does nothing against browser fingerprinting (actually nothing really does help here.)

    • by Anonymous Coward on Monday August 03, 2015 @04:37PM (#50243871)

      This kind of shit makes me yearn for the days of what I'll call Old Mozilla. I'm talking about Mozilla like it was back in the early days of Phoenix/Firebird/Firefox, when providing a damn good browser was the most important thing. They wouldn't have stood for dumb functionality like this ending up in the browser. It's totally unnecessary, and totally out of place. In the days of Old Mozilla, that would have been apparent, and this functionality would never have gotten implemented in the first place. We wouldn't have to fuck around with the dom.battery.enabled config option.

      But Modern Mozilla? They've shown us time and time again that they apparently don't give a flying fuck about providing a good browser experience. Firefox 4 and every release after it have been a massive clusterfuck or disaster of one sort or another. The usability of Firefox's UI is like shit in a urinal today. We've seen almost no visible improvement to Firefox's memory usage and performance under real-world usage as well (so fuck off with the useless, totally unrealistic "Are We Fast Yet?" pseudobenchmarks that don't tell the real story!). Then there has been all of the shit about ads and Pocket lately. And we can't forget about Firefox OS, one of the biggest and most wasteful software development failures we've seen in ages.

      Each and every day I wish that Old Mozilla came back, or something close to it formed. Sorry, Pale Moon doesn't cut it. Vivaldi [vivaldi.com] is showing some potential, but it has its own problems.

      Is it really too much to ask for Mozilla to go back to doing the right thing with Firefox? Is it really too much to ask for them to make Firefox about the users first and foremost? Is it really too much to ask for them to throw out stupid functionality, or just to avoid implementing it in the first place?

    • If the user can track a battery life remaining then the computer can too. That's one of the fundamental problems in making something that is designed to be tracked by one thing but not another.

    • I don't see how it invades privacy at all. It can only tell you're the same person within the next 5 minutes. What use is that?
  • by QuietLagoon ( 813062 ) on Monday August 03, 2015 @03:49PM (#50243465)
    The EFF Coalition has just proposed a new Do Not Track standard.
  • Me (Score:1, Funny)

    If anyone sees a laptop battery that jumps to 55% after a few minutes of 100%, that'd be me.
  • in firefox (Score:3, Informative)

    by Anonymous Coward on Monday August 03, 2015 @04:05PM (#50243595)

    Is story about that:
    dom.battery.enabled false

  • It seems like this really is not useful for tracking you long-term.

    But it could be useful for tracking a user in the short term if the API can give you charge/discharge rates along with capacity.

    Still... I would think you are giving more away with simple meta information (headers, etc).

    • Nonsense. The whole thing is complete bullshit. There is no fucking way in hell that my battery status can be used to derive a physical location. Period. End of story.
      • by tepples ( 727027 )

        A lot of the things called "track you" aren't as much about tracking your physical location as about associating a particular session with another session as being the same person. This way, sites can correlate these unique identifiers and build a dossier about each user.

  • by Anonymous Coward

    And why, why, why is the DOM trusted to know this?

  • by johnrpenner ( 40054 ) on Monday August 03, 2015 @04:31PM (#50243821) Homepage

    | the estimated time in seconds that the battery will take to
    | fully discharge, as well the remaining battery capacity
    | expressed as a percentage. Those two numbers, taken together,
    | can be in any one of around 14 million combinations, meaning
    | that they operate as a potential ID number

    okay — so why not decrease the provided resolution of the values?

    i.e. time til battery discharges expressed in minutes instead of seconds,
    and remaining battery capacity expressed to the nearest 5% -- this will
    provide substantially less unique combinations to ID your battery, while
    still being sufficiently useful enough for what the feature was intended.

    2cents
    jp

    • Give the "worst-case" time left rounded to the nearest 15 minutes, with some maximum ("more than 2 hours, but I won't tell you how much more").

      By "worst case" I mean the amount of time if the device goes into "maximum power use" mode and stays there until it shuts off.

      Oh, and to further prevent profiling, as the battery drains or charges have the "switch over point" to the next "reported" value be slightly off of "real." For example, if it's got 38 minutes left, it will report "30 minutes." But change it

    • Because it's the tip of the iceberg. If you make something that's designed to allow users to track their usage then it could be used to formulate an ID by a computer as well. Sure the combinations may be higher, but combined with your OS, Browser version, plugin list, screen resolution, language, ... snip ... remaining battery life, you end up with a pretty unique fingerprint without any individual item being very unique to you.

    • Did anyone actually read the actual paper? They were only able to track Firefox browsers on Linux due to the precision of the battery level outputs. Their recommendation was to limit the precision to two significant digits, something a home and Opera were already doing, and something all of them do on every other OS. So this is only applicable to that 2% of PC users running Linux desktops with their tin foil hats. For the vast majority of us, THIS DOESNT WORK!

  • Now batteries can fucking track you? I don't need websites to know how much battery power I have. Who the hell thought this was a good idea, and fuck them all to hell in advance.
    • by guruevi ( 827432 )

      It is useful for HTML5 local applications. The problem with JavaScript is that variables can be transmitted without a whole lot of warning to the user(s). If we had something akin to Perl's Taint Mode - something that prevents you from using or affecting 'outside' data sources without your explicit cleaning/permission in JavaScript, we'd be a whole lot further.

      • Can you expound. I don't understand your suggestion.

        • by guruevi ( 827432 )

          Look up Perl Taint Mode. It basically throws up an error if you have not properly cleaned your variables that are sourced from outside (eg. user input) and in turn affect outside sources (eg. SQL query).

          If we had something similar for JavaScript where an outside variable or personal data objects were 'tainted' and required user permissions and developer cleanup before they went back out. That way the system can't leak data. Something similar to the pop-up box on iOS (or it's lesser/broken version on Android

          • It seems like a difficult system to put together. The odds are there are going to be holes. But, far more importantly, it seems these could be done when the API call is made, no need to track data taint.

            Android apps ask for freaking every permission. That's the real concern. How do we stop asshats from wanting it all?

  • We used to have applications run locally. They used to have a lot more freedom - any and all apps could know exactly who you are and what your computer's UUID was, not only how your battery's doing. Today most of what you use - the obvious examples being your mail and to a lesser extent office suite - is at least sandboxed inside your browser.

    This is not to say there hasn't been a rise in tracking, but the story just got me thinking that maybe it's a good thing it's being done in a browser.
    (And you should b

    • We used to have applications run locally. They used to have a lot more freedom - any and all apps could know exactly who you are and what your computer's UUID was, not only how your battery's doing.

      Except web apps aren't primarily replacing other apps. They are replacing static content. It's like when they allowed people to put code in PDFs. Sure, I suppoe it was somewhat sandboxed and better than a special purpose EXE, but the alternative that is supplanted really was a static PDF with form information.

  • by Anonymous Coward

    Set this to false in about:config.

  • by Lehk228 ( 705449 ) on Monday August 03, 2015 @06:44PM (#50244687) Journal
    so why not set a sequence of battery states rather than actual %. "excellent" "ok" "poor" "critical" with 'excellent' being defined as ok to use as much resources as the application would like, 'ok' would be a request to minimize unnecessary utilization 'poor' being an enforced power restriction mode and 'critical' being an explicit warning that failure is imminent and data being handled may be lost instead of saved. The thresholds themselves will vary based on device and user settings. for example my blackberry cuts off radio signal below about 7% battery and so should export 'critical' around 10% shortly before it ceases communication and it refuses to turn on the camera light below around 17% (exact % point varies i think the actual decision is based on current battery voltage data not exposed to the user) so around there should trigger poor. there should be a setting of when to request lower intensity web pages on the power or browser settings that would tweak the excellent/ok point, and of course on a charger would put the device into excellent.
  • There's already plenty of info that websitse can use to identify you - https://panopticlick.eff.org/ [eff.org]

  • Firefox: go to "about:config" in the address bar. Search for "dom.battery.enabled" and double-click to set it to false.
  • Just a PSA, TOR browser defaults to false.

Avoid strange women and temporary variables.

Working...