Your smartphone and laptop battery life could endanger your privacy

 
Related

Rescued bear, lion and tiger "brothers" refuse to be separated after 15 years together

Puyol Mos
708 points

Human Trials For A Vaccine That Destroys Cancerous Tumors Just Began

Puyol Mos
532 points



Most recent

Tomar fotos haciendo pintura

El diario de Enrique
34 points

Hablamos de COVID-19 y sus variantes: El riesgo de muerte se triplica en los pacientes no vacunados

NOTICIAS-ETF
136 points

Hallan en la Antártida superbacterias capaces de generar nuevas enfermedades

NOTICIAS-ETF
22 points

Colombianos diversifican inversiones, ante escenarios económicos y sociopolíticos adversos

Image Press
40 points

Un virólogo del CSIC vaticina cada cuánto tiempo habrá que vacunarse contra el Covid-19

NOTICIAS-ETF
234 points

Fernando Simón explica por qué se dispararán los contagios de Covid este verano

NOTICIAS-ETF
60 points

Modelos de Cat phones acumulan 49 premios en 10 años

Comms1
32 points

LAS BOTAS ALTAS DE CAUCHO SON EL PEOR ENEMIGO DE LOS CAMPESINOS

Image Press
12 points

Johnson Controls fortalece la seguridad del sector bancario en América Latina

TECH2022
44 points

Simplemente Gracias, la nueva apuesta de LOS TRI-O por la música romántica

TECH2022
26 points
SHARE
TWEET
Think your private browsing session is really private? A new paper shows how your smartphone or laptop's battery can be used to compromise your privacy.

Your smartphone and laptop battery life could endanger your privacy

A HTML5 feature called the Battery Status API lets websites check the status of your device's battery with such precision that it could be used to track you in short time intervals, researchers claim. And that's even if you're using identity-concealing software such as Tor.

This happens because the Battery Status API can pull several pieces of information about your device's battery — level, charging time and discharging time. Combined, this data is nearly unique for each device, meaning it allows potential attackers to create a digital fingerprint of your device and track your activities on the web.

"In short time intervals, Battery Status API can be used to reinstantiate tracking identifiers of users, similar to evercookies. Moreover, battery information can be used in cases where a user can go to great lengths to clear her evercookies. In a corporate setting, where devices share similar characteristics and IP addresses, the battery information can be used to distinguish devices behind a NAT, of traditional tracking mechanisms do not work," the paper claims.

The paper, signed by French and Belgian security researchers Lukasz Olejnik, Gunes Acar, Claude Castelluccia, and Claudia Diaz, and first reported on by The Guardian, claims that, as of June 2015, Firefox, Opera and Chrome support the HTML5 feature.

This sort of tracking would be very hard to escape, since practically all devices are vulnerable. The risk is, however, higher for old or used batteries with reduced capacities.

According to the paper, the potential privacy issues of the Battery Status API have been discussed as early as 2012, but the API was not revised to alleviate them.

The issue is extremely easy to fix, researchers argue: Just make the battery readings less precise. By rounding the values down, none of the functionality would be lost, but it would be nearly impossible to track a user down.

Fuente: mashable.com
SHARE
TWEET
To comment you must log in with your account or sign up!
Featured content