A new report has claimed that smartphone batteries are broadcasting information that could be used to identify and track their user online – even if they follow strict security procedures – when using browsers including Firefox, Chrome and Opera.
This is due to a flaw in HTML5, the programming language used to create many of the most popular mobile apps around today and in particular the API used to display a battery’s status.
The websites are sent both the estimated time in seconds that the battery will take to fully discharge, as well the remaining battery capacity expressed as a percentage, which could be combined into any one of around 14 million combinations, meaning that they operate as a potential ID number.
The report warns that anyone wanting to track a certain device would simply have to set up a monitoring station to wait for these numbers to appear on a website. Their viewing history could then be tracked as the move around websites.
The authors of the report, Lukasz Olejnik, Gunes Acar, Claude Castelluccia and Claudia Diaz, have called for new regulations that would allow users to make sites ask permission before they see the battery information, as well as suggesting that more information should be given to users about how the battery status software is used.
“The analysis of Web standards, APIs and their implementations can reveal unexpected Web privacy problems by studying the information exposed to Web pages,” the authors concluded.
“The complex and sizable nature of the new Web APIs and their deeper integration with devices make it hard to defend against such threats. Privacy researchers and engineers can help addressing the risks imposed by these APIs by analysing the standards and their implementations for their effect on Web privacy and tracking. This may not only provide an actionable feedback to API designers and browser manufacturers, but can also improve the transparency around these new technologies.”
Are you a security pro? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…