Slashdot Mirror
Privacy Alert: Your Laptop Or Phone Battery Could Track You Online
Mark Wilson writes: Is the battery in your smartphone being used to track your online activities? It might seem unlikely, but it's not quite as farfetched as you might first think. This is not a case of malware or hacking, but a built-in component of the HTML5 specification. Originally designed to help reduce power consumption, the Battery Status API makes it possible for websites and apps to monitor the battery level of laptops, tablets, and phones. A paper published by a team of security researchers suggests that this represents a huge privacy risk. Using little more than the amount of power remaining in your battery, it is possible for people to be identified and tracked online. As reported by The Guardian, a paper entitled The Leaking Battery by Belgian and French privacy and security experts say that the API can be used in device fingerprinting.
If the OS randomizes the LSBs of the value every time it is asked that would reduce the use for tracking but still provide the function that might be useful to a user.
The EFF Coalition has just proposed a new Do Not Track standard.
At this point, parents should probably just encourage their children to walk around downtown talking to strangers as much as possible. At least if they're out talking to strangers, it will actually slow down the speed at which all their intimate personal details are being disseminated who knows where by every single electronic device in the house.
Who thought this was a good idea for HTML5? Why would a website need to know how much battery I have left (maybe so it can send more and more-obnoxious ads to me if my battery will stand it.)
Sounds like the ideal sort of thing to be able to disable (or provide a random response to) in the browser.
If anyone sees a laptop battery that jumps to 55% after a few minutes of 100%, that'd be me.
Is story about that:
dom.battery.enabled false
It seems like this really is not useful for tracking you long-term.
But it could be useful for tracking a user in the short term if the API can give you charge/discharge rates along with capacity.
Still... I would think you are giving more away with simple meta information (headers, etc).
My eyes reflect the stars and a smile lights up my face.
We shouldn't resort to hacks like that.
Seriously, get rid of this shitty functionality. It does not belong in a web browser.
After getting rid of this battery shit, get rid of the goddamn video and audio capabilities that have been added recently. If a website wants me to watch some audio or video, it can serve up a file that VLC or some other external player can play, after I've been promoted to allow this to happen.
Since they audio and video shit would be gone, the motherfucking DRM that has been added lately can be totally removed, too.
Get rid of JavaScript, too. It's a total piece of shit, and it hasn't gotten any better after 20 frigging years! If a browser needs to be scriptable, at least use a real language, like Lua or Python.
We shouldn't hack around this idiotic functionality that's been added to web browsers lately. We should remove it completely.
And why, why, why is the DOM trusted to know this?
| the estimated time in seconds that the battery will take to
| fully discharge, as well the remaining battery capacity
| expressed as a percentage. Those two numbers, taken together,
| can be in any one of around 14 million combinations, meaning
| that they operate as a potential ID number
okay — so why not decrease the provided resolution of the values?
i.e. time til battery discharges expressed in minutes instead of seconds,
and remaining battery capacity expressed to the nearest 5% -- this will
provide substantially less unique combinations to ID your battery, while
still being sufficiently useful enough for what the feature was intended.
2cents
jp
Probably the best fix for these shenanigans is a VM. Since the VM has no clue what battery status it is running on, nor CPU (especially if you use CPU masking), there is a lot less an advertiser can go on, especially if the VM is rolled back to a clean snapshot after each browsing session.
However, this does nothing against browser fingerprinting (actually nothing really does help here.)
This kind of shit makes me yearn for the days of what I'll call Old Mozilla. I'm talking about Mozilla like it was back in the early days of Phoenix/Firebird/Firefox, when providing a damn good browser was the most important thing. They wouldn't have stood for dumb functionality like this ending up in the browser. It's totally unnecessary, and totally out of place. In the days of Old Mozilla, that would have been apparent, and this functionality would never have gotten implemented in the first place. We wouldn't have to fuck around with the dom.battery.enabled config option.
But Modern Mozilla? They've shown us time and time again that they apparently don't give a flying fuck about providing a good browser experience. Firefox 4 and every release after it have been a massive clusterfuck or disaster of one sort or another. The usability of Firefox's UI is like shit in a urinal today. We've seen almost no visible improvement to Firefox's memory usage and performance under real-world usage as well (so fuck off with the useless, totally unrealistic "Are We Fast Yet?" pseudobenchmarks that don't tell the real story!). Then there has been all of the shit about ads and Pocket lately. And we can't forget about Firefox OS, one of the biggest and most wasteful software development failures we've seen in ages.
Each and every day I wish that Old Mozilla came back, or something close to it formed. Sorry, Pale Moon doesn't cut it. Vivaldi is showing some potential, but it has its own problems.
Is it really too much to ask for Mozilla to go back to doing the right thing with Firefox? Is it really too much to ask for them to make Firefox about the users first and foremost? Is it really too much to ask for them to throw out stupid functionality, or just to avoid implementing it in the first place?
Now batteries can fucking track you? I don't need websites to know how much battery power I have. Who the hell thought this was a good idea, and fuck them all to hell in advance.
Amen. These egghead web developers need to stop now. It's a lousy application platform anyway. It was a fun experiment but get serious now.
We used to have applications run locally. They used to have a lot more freedom - any and all apps could know exactly who you are and what your computer's UUID was, not only how your battery's doing. Today most of what you use - the obvious examples being your mail and to a lesser extent office suite - is at least sandboxed inside your browser.
This is not to say there hasn't been a rise in tracking, but the story just got me thinking that maybe it's a good thing it's being done in a browser.
(And you should be whitelisting the use of cookies and javascript - and blocking unnecessary trackers).
Set this to false in about:config.
Give the "worst-case" time left rounded to the nearest 15 minutes, with some maximum ("more than 2 hours, but I won't tell you how much more").
By "worst case" I mean the amount of time if the device goes into "maximum power use" mode and stays there until it shuts off.
Oh, and to further prevent profiling, as the battery drains or charges have the "switch over point" to the next "reported" value be slightly off of "real." For example, if it's got 38 minutes left, it will report "30 minutes." But change it to "15 minutes" at some random point between 25 and 35 minutes and, if the device starts charging, change it to "45 minutes" at some random point between 40 and 50 minutes.
Oh, and as for the percentage left, there's no reason for a web site to have that information.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I was starting to think the API was the most stupid thing ever, but I realize how to turn it to my advantage. The API is present so that websites can know to dial down the dumb crap when the user's device has low battery. All I'll need to do is hack the browser so that it permenantly reports the battery level as 10% of a full charge. If I'm lucky, that will make the sites revert to being useful.
so why not set a sequence of battery states rather than actual %. "excellent" "ok" "poor" "critical" with 'excellent' being defined as ok to use as much resources as the application would like, 'ok' would be a request to minimize unnecessary utilization 'poor' being an enforced power restriction mode and 'critical' being an explicit warning that failure is imminent and data being handled may be lost instead of saved. The thresholds themselves will vary based on device and user settings. for example my blackberry cuts off radio signal below about 7% battery and so should export 'critical' around 10% shortly before it ceases communication and it refuses to turn on the camera light below around 17% (exact % point varies i think the actual decision is based on current battery voltage data not exposed to the user) so around there should trigger poor. there should be a setting of when to request lower intensity web pages on the power or browser settings that would tweak the excellent/ok point, and of course on a charger would put the device into excellent.
Snowden and Manning are heroes.
What a sad, sad, sad life you must have.
I dont agree with this.
What we need is a browser that has this capability but does _NOT_ under any circumstances allow it to autoplay. Flashblock used to perform this functionality admirably, but since we all moved to HTML5 and all its magical wonder we've gone back to the point where browsers automatically play anything.
And I warned all of you years ago you'd rue the day you blindly adopted HTML5 as the browser Jesus.
Calling someone a "hater" only means you can not rationally rebut their argument.
There's already plenty of info that websitse can use to identify you - https://panopticlick.eff.org/
No, every website will pop-up "It looks like you're battery is getting low, here's 5 ads for a new battery." or "Pay $3.99 for our app version of the site that's more efficient than this browser." or "Pay $0.99 to switch to the low power version of our site. We think you're going to get another notification in the new few minutes! Don't miss them, they might be the most important messages of your life!"
Well, now that I noticed your post is modded Funny I guess this one could be modded redundant.
Firefox: go to "about:config" in the address bar. Search for "dom.battery.enabled" and double-click to set it to false.
Just a PSA, TOR browser defaults to false.
Ever since marca came up with that inline image shit everything has been downhill.
"marca digs goto"; shoulda known how this would turn out...
Why does sexconker keep this up?
HTML video/audio elements and DOM scripting are transparent to the client. It shouldn't be so hard for a browser or browser extension to block media autostart. It is strange that no extension seems to do it reliably. But according to bugzilla, setting media.autoplay.enabled to false in Firefox (v41+) should now prevent all autostarts without user interaction.
GP: what a strawman. Media elements were added to HTML so we can finally get rid of uncontrollable, unsafe binary plugins/programs like Flash or VLC being launched from/embedded in the browser. Before HTML media there was codec hell, and online videos and codecs were a major attack vector. HTML media elements don't require DRM and you can choose to not install DRM in certain browsers.
Whinge, whinge, whinge. You can use lynx or w3m. No built-in video player, no built-in audio, no DRM, no javascript.
There you go, now you can quit your bullshit.
The API is present so that websites can know to dial down the dumb crap when the user's device has low battery.
I think you will find that its primary purpose is to display full screen ads screaming "LOW BATTERY!!! CLICK HERE TO BUY MEGA-ULTRA-BATTERY OVER 9000mAh TOP QUALITY IPHONE LAPTOP ANDROID WINDOWS 10 GENUINE" with the volume at 109%.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
You had me until Python. Any language where whitespace has meaning... I still can't believe such a thing actually caught on.
Any language where whitespace has meaning... I still can't believe such a thing actually caught on.
I don't know how English caught on with things like "experts exchange" vs. "expert sex change" or "mole station nursery" vs. "molestation nursery" or "who represents" vs. "whore presents" or "pen island" vs., you know...
If a website wants me to watch some audio or video, it can serve up a file that VLC or some other external player can play, after I've been promoted to allow this to happen.
If you happen not to have a compatible video player installed on the machine that you are presently using, what message or prompt should the system display? Offer a chance to install a "codec pack"? That's what we had before Flash, and malware developers learned that it was effective to to disguise an installer as a codec pack or Flash Player update. And if a web application wants to play several audio streams at a time, such as a game that wants to play both music and sound effects, how would it "serve up a file" for each in an efficient manner?
Yes, we need to stop doing apps in the web browser, and start doing apps in actual applications.
Applications for which platform? Good luck running a native application on Windows if it has not been ported to Windows, or on a Mac if it has not been ported to OS X.
A word processor can simply call an OS API to open a file, then get permission to access that file when you choose to open it.
Repetitive "Cancel or Allow?" dialogs for elevation to administrator is something for which Apple's Mac commercials used to satirize Microsoft. And now you're proposing to show one every time a word processor opens a file. Heaven help you if you're running a compiler toolchain that may open hundreds of files when rebuilding a complex project.
I understand what you're talking about and have mentioned it in the past, using OLPC Bitfrost as an example. It's just that before such a system is put into place, policies need to be designed carefully so as not to break common productive scenarios in favor of over-optimizing for a non-technical home user who uses a device only view works created by others, not to create his own works.
The file open dialogue is the "allow" operation.
Would the permission through a file open dialog persist across closing and reopening an application? If not, the "Recent Files" list isn't going to work.
I think I'd kind of like it if the OS popped up a "cancel or allow" window when my word processor decides it needs to access the internet.
Once for the program, once for each time you open the program, or once for each socket? It could get tiring when you have to reallow an application's built-in document synchronization service every time it tries to reconnect to Dropbox, Google Drive, Microsoft OneDrive, some SFTP or rsync server, or whatever else. Also imagine 100 different "Allow $browser to connect to the DNS server?" and "Allow $browser to connect to this hostname?" every time you navigate to a different page in a web browser.
As for a compiler toolchain, would it be so terrible if you were required to use the OS's file manager to first move the files you want to compile into a directory to which you've given the compiler access?
Yes. Having to remember to manually copy each changed source code file from the version-controlled directory to the compiler's home directory using the graphical file manager every time I edit one source code file is problematic, as forgetting to copy a file would cause my repository not to match what is being compiled. The other way I can think of would involve allowing the user to give an application persistent full read-write access to a directory, such as the directory containing the source code files on which I am working. The latter would just encourage the user to shortcut all security by giving all applications access to the user's entire home directory. And even then, because the executable's hash has changed after having recompiled and relinked it, the operating system is likely to ask the user to reauthorize everything when the newly compiled version of the application runs. This can become tedious if an application depends on over a dozen resources, such as a game's asset files or its connection to Internet services.
If you want to talk about stupid, let's talk about prompting people for passwords every time they do simple things like change the system time. Allowing users to change the system time is not a security concern when it is their computer.
Say a public library owns a computer open to the public. Would the library's IT department want random patrons, who do not own the computer, to change the system time? Distinguishing between a computer's owner and its other users is why changing system time requires elevation.
[Lack of portability of native apps] is a problem that can be solved. For example, most people writing Minecraft mods don't give a fuck about Linux, yet I can still use the software they write, because they wrote it in Java. Now Java is an awful language
What language is cross-platform and not "awful"? If none, then anybody proposing it will face an uphill battle after the debacles of Java, Flash, Silverlight, and (in your opinion) JavaScript. And then the user would just get double-spammed with authorization requests, when the operating system asks "Allow Java to access $file?" and then Java asks "Allow $program to access $file?".
Even applications written by trustworthy people are hacked by untrustworthy people, and so we need security against all software no matter what the source.
[devil's advocate] Then allow only executables signed
Can ab+ do 16 things hosts do for speed, security, & reliability:
1.) Protect vs. malicious sites/servers (past ads)
2.) Protect vs. fastflux botnets + stop C&C communique
3.) Protect vs. dynamic dns botnets + stop C&C communique
4.) Protect vs. DGA botnets + stop C&C communique
5.) Protect vs. downed DNS (adds reliability)
6.) Protect vs. DNS redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phish
10.) Protect vs. caps
11.) Get you past a dnsbl
12.) Keep you off dns request logs
13.) Speed up surfing by adblocks & hardcoded fav. sites
14.) Work on anything webbound (ie email programs) multiplatform.
15.) Give you easily controlled data
16.) Do all that & block ads better than addons more efficiently in cpu cycles + memory usage
* ANSWER ="NO" to each above on ab+ doing it + hosts = already on every device natively.
APK
P.S.=> Ab+ does less than hosts & less efficiently - hosts do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):
Ab+'s 128mb memory inefficiency -> http://cdn.ghacks.net/wp-conte... (hosts consume 3-11mb using my program initially).
+
ClarityRay defeats it by dumping addons in use in a browser via native browser methods!
+
Ab+'s paid to not do its job http://finance.yahoo.com/news/...
Ab+ adds complexity from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).
What's best?
APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...
&
It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
In its 32-bit model also https://www.virustotal.com/en/...
... apk
Can ghostery do 16 things hosts do for speed, security, & reliability:
1.) Protect vs. malicious sites (past ads)
2.) Protect vs. fastflux botnets + stop communique to C&C servers
3.) Protect vs. dynamic dns botnets + stop communique to C&C servers
4.) Protect vs. DGA botnets + stop communique to C&C servers
5.) Protect vs. downed DNS (reliability)
6.) Protect vs. DNS redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phishing
10.) Protect vs. bandwidth caps
11.) Get you by a dnsbl
12.) Keep you off dns request logs
13.) Speed up surfing by adblocks & hardcoded fav. sites
14.) Work on anything webbound (e.g. stand-alone email programs) multiplatform.
15.) Give you easily controlled data
16.) Block ads more efficiently in cpu + memory use vs. addons
* ANSWER ="NO" to each on Ghostery doing all that let alone as well as hosts do!
APK
P.S.=> Addons do FAR less than hosts do & FAR less efficiently - hosts by way of comparison, do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):
Ghostery (Advertiser owned) - "Fox guards henhouse" -> http://en.wikipedia.org/wiki/G...
Addons add complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).
ClarityRay DETECTS browser addons like Ghostery & blocks them (not hosts) via native browser methods.
What's better than ghostery by FAR?
APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...
&
It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
In its 32-bit model also https://www.virustotal.com/en/...
... apk
Can ublock do 16 things hosts do for speed, security, & reliability:
1.) Protect vs. malicious sites (past ads)
2.) Protect vs. fastflux botnets + stop C&C communique
3.) Protect vs. dyndns botnets + stop C&C communique
4.) Protect vs. DGA botnets + stop C&C communique
5.) Protect vs. downed DNS (4 reliability)
6.) Protect vs. redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phishing
10.) Protect vs. caps
11.) Get you by dnsbl
12.) Keep you off dns request logs
13.) Speed up surfing by adblocks & hardcoded favs
14.) Work on anything webbound (ie email programs) multiplatform.
15.) Give you easily controlled data
16.) Do those & block ads better than addons more efficiently in cpu + memory use
* ANSWER ="NO" to each on UBlock doing it as well or @ all!
APK
P.S.=> UBlock does less than hosts & less efficiently - hosts do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):
Ublock's NOT as efficient:
Hosts @ 3mb-11mb w/ current data vs. threats + ads - test yourself using my program.
UBlock uses 63++ MB -> http://www.ghacks.net/2014/06/...
SCREENSHOT -> http://cdn.ghacks.net/wp-conte...
+
ClarityRay defeats it detecting it by dumping addons in use in a browser via native browser methods to do so!
+
UBlock adds complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).
What's better?
APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...
It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
In its 32-bit model also https://www.virustotal.com/en/...
... apk