Slashdot Mirror
Privacy Alert: Your Laptop Or Phone Battery Could Track You Online
Mark Wilson writes: Is the battery in your smartphone being used to track your online activities? It might seem unlikely, but it's not quite as farfetched as you might first think. This is not a case of malware or hacking, but a built-in component of the HTML5 specification. Originally designed to help reduce power consumption, the Battery Status API makes it possible for websites and apps to monitor the battery level of laptops, tablets, and phones. A paper published by a team of security researchers suggests that this represents a huge privacy risk. Using little more than the amount of power remaining in your battery, it is possible for people to be identified and tracked online. As reported by The Guardian, a paper entitled The Leaking Battery by Belgian and French privacy and security experts say that the API can be used in device fingerprinting.
If the OS randomizes the LSBs of the value every time it is asked that would reduce the use for tracking but still provide the function that might be useful to a user.
The EFF Coalition has just proposed a new Do Not Track standard.
So it could stream lower quality video / audio that would take less battery to play is one thing that springs to mind. If a site monitored battery usage while streaming HD to your phone it could calculate if you had enough to juice left to finish watching.
"Wait. Something's happening. It's opening up! My God, it's full of apricots!"
If anyone sees a laptop battery that jumps to 55% after a few minutes of 100%, that'd be me.
Sounds like the ideal sort of thing to be able to disable (or provide a random response to) in the browser.
Everything your browser does that is different than other browsers can be used to fingerprint you, so sending a random response would be an identifiable trait to narrow the group they think you are in. Better to send nothing, assuming most people's browsers don't send anything, or whatever the response a desktop sends when asked for its battery level.
Is story about that:
dom.battery.enabled false
It seems like this really is not useful for tracking you long-term.
But it could be useful for tracking a user in the short term if the API can give you charge/discharge rates along with capacity.
Still... I would think you are giving more away with simple meta information (headers, etc).
My eyes reflect the stars and a smile lights up my face.
We shouldn't resort to hacks like that.
Seriously, get rid of this shitty functionality. It does not belong in a web browser.
After getting rid of this battery shit, get rid of the goddamn video and audio capabilities that have been added recently. If a website wants me to watch some audio or video, it can serve up a file that VLC or some other external player can play, after I've been promoted to allow this to happen.
Since they audio and video shit would be gone, the motherfucking DRM that has been added lately can be totally removed, too.
Get rid of JavaScript, too. It's a total piece of shit, and it hasn't gotten any better after 20 frigging years! If a browser needs to be scriptable, at least use a real language, like Lua or Python.
We shouldn't hack around this idiotic functionality that's been added to web browsers lately. We should remove it completely.
So they can show you ads for new batteries when they figure out it's wearing out?
Why would a website need to know how much battery I have left (maybe so it can send more and more-obnoxious ads to me if my battery will stand it.)
Or maybe the inverse... Maybe show a simpler page (no videos?) if the battery level is in a discharge / low state.
My eyes reflect the stars and a smile lights up my face.
And why, why, why is the DOM trusted to know this?
That's a determination that the device and/or user should make, not some website that doesn't know all the facts. This is the same type of thinking that led to some Youtube changes that piss me off. "We've detected that your connection is sub optimal so instead of buffering the video we've made the video entirely unwatchable."
Oh please. We can't even get web sites to offer two versions of the same video for web browsers with different codec support.
There needs to be a HTML/A specification similar to PDF/A: A limited, non-interactive subset of functionality. But with or without that, the battery API needs to be eliminated, not fixed, amended or corrected.
I'd rather have the ability to know the speed of the connection with a setting that the user could set himself to override this web-readable value.
The user is on a slow connection? Send regular DPI photos which are highly compressed, bandwidth is more important than quality.
The user is on a fast connection and I detect a HiDPI display? Send HiDPI photos that are compressed but preserved quality.
Want to preserve your monthly quota and/or load pages faster? Override this setting and tell websites you're on a slow connection.
Get free satoshi (Bitcoin) and Dogecoins
Unless they detect an iPhone or iPad. Or almost any other device from the last few years.
The ability to replace batteries are gone, because thin devices.
Get free satoshi (Bitcoin) and Dogecoins
| the estimated time in seconds that the battery will take to
| fully discharge, as well the remaining battery capacity
| expressed as a percentage. Those two numbers, taken together,
| can be in any one of around 14 million combinations, meaning
| that they operate as a potential ID number
okay — so why not decrease the provided resolution of the values?
i.e. time til battery discharges expressed in minutes instead of seconds,
and remaining battery capacity expressed to the nearest 5% -- this will
provide substantially less unique combinations to ID your battery, while
still being sufficiently useful enough for what the feature was intended.
2cents
jp
Probably the best fix for these shenanigans is a VM. Since the VM has no clue what battery status it is running on, nor CPU (especially if you use CPU masking), there is a lot less an advertiser can go on, especially if the VM is rolled back to a clean snapshot after each browsing session.
However, this does nothing against browser fingerprinting (actually nothing really does help here.)
This kind of shit makes me yearn for the days of what I'll call Old Mozilla. I'm talking about Mozilla like it was back in the early days of Phoenix/Firebird/Firefox, when providing a damn good browser was the most important thing. They wouldn't have stood for dumb functionality like this ending up in the browser. It's totally unnecessary, and totally out of place. In the days of Old Mozilla, that would have been apparent, and this functionality would never have gotten implemented in the first place. We wouldn't have to fuck around with the dom.battery.enabled config option.
But Modern Mozilla? They've shown us time and time again that they apparently don't give a flying fuck about providing a good browser experience. Firefox 4 and every release after it have been a massive clusterfuck or disaster of one sort or another. The usability of Firefox's UI is like shit in a urinal today. We've seen almost no visible improvement to Firefox's memory usage and performance under real-world usage as well (so fuck off with the useless, totally unrealistic "Are We Fast Yet?" pseudobenchmarks that don't tell the real story!). Then there has been all of the shit about ads and Pocket lately. And we can't forget about Firefox OS, one of the biggest and most wasteful software development failures we've seen in ages.
Each and every day I wish that Old Mozilla came back, or something close to it formed. Sorry, Pale Moon doesn't cut it. Vivaldi is showing some potential, but it has its own problems.
Is it really too much to ask for Mozilla to go back to doing the right thing with Firefox? Is it really too much to ask for them to make Firefox about the users first and foremost? Is it really too much to ask for them to throw out stupid functionality, or just to avoid implementing it in the first place?
Why would a website need to know how much battery I have left (maybe so it can send more and more-obnoxious ads to me if my battery will stand it.)
Or maybe the inverse... Maybe show a simpler page (no videos?) if the battery level is in a discharge / low state.
That's not the inverse. It is the equivalent.
Now batteries can fucking track you? I don't need websites to know how much battery power I have. Who the hell thought this was a good idea, and fuck them all to hell in advance.
And they're getting some exercise & fresh air.
In the event that an actual certified & credentialled pediophiddlerist runs out from behind the nearest tree and tries to abduct them they might be sufficiently fleet to evade capture.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
We used to have applications run locally. They used to have a lot more freedom - any and all apps could know exactly who you are and what your computer's UUID was, not only how your battery's doing. Today most of what you use - the obvious examples being your mail and to a lesser extent office suite - is at least sandboxed inside your browser.
This is not to say there hasn't been a rise in tracking, but the story just got me thinking that maybe it's a good thing it's being done in a browser.
(And you should be whitelisting the use of cookies and javascript - and blocking unnecessary trackers).
Set this to false in about:config.
Give the "worst-case" time left rounded to the nearest 15 minutes, with some maximum ("more than 2 hours, but I won't tell you how much more").
By "worst case" I mean the amount of time if the device goes into "maximum power use" mode and stays there until it shuts off.
Oh, and to further prevent profiling, as the battery drains or charges have the "switch over point" to the next "reported" value be slightly off of "real." For example, if it's got 38 minutes left, it will report "30 minutes." But change it to "15 minutes" at some random point between 25 and 35 minutes and, if the device starts charging, change it to "45 minutes" at some random point between 40 and 50 minutes.
Oh, and as for the percentage left, there's no reason for a web site to have that information.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I was starting to think the API was the most stupid thing ever, but I realize how to turn it to my advantage. The API is present so that websites can know to dial down the dumb crap when the user's device has low battery. All I'll need to do is hack the browser so that it permenantly reports the battery level as 10% of a full charge. If I'm lucky, that will make the sites revert to being useful.
so why not set a sequence of battery states rather than actual %. "excellent" "ok" "poor" "critical" with 'excellent' being defined as ok to use as much resources as the application would like, 'ok' would be a request to minimize unnecessary utilization 'poor' being an enforced power restriction mode and 'critical' being an explicit warning that failure is imminent and data being handled may be lost instead of saved. The thresholds themselves will vary based on device and user settings. for example my blackberry cuts off radio signal below about 7% battery and so should export 'critical' around 10% shortly before it ceases communication and it refuses to turn on the camera light below around 17% (exact % point varies i think the actual decision is based on current battery voltage data not exposed to the user) so around there should trigger poor. there should be a setting of when to request lower intensity web pages on the power or browser settings that would tweak the excellent/ok point, and of course on a charger would put the device into excellent.
Snowden and Manning are heroes.
I've noticed your iPhone battery is running flat, could I interest you in a battery case?
Oh sure, let's make the phone even bigger and heavier...
Get free satoshi (Bitcoin) and Dogecoins
I dont agree with this.
What we need is a browser that has this capability but does _NOT_ under any circumstances allow it to autoplay. Flashblock used to perform this functionality admirably, but since we all moved to HTML5 and all its magical wonder we've gone back to the point where browsers automatically play anything.
And I warned all of you years ago you'd rue the day you blindly adopted HTML5 as the browser Jesus.
Calling someone a "hater" only means you can not rationally rebut their argument.
There's already plenty of info that websitse can use to identify you - https://panopticlick.eff.org/
Firefox: go to "about:config" in the address bar. Search for "dom.battery.enabled" and double-click to set it to false.
Just a PSA, TOR browser defaults to false.
Ever since marca came up with that inline image shit everything has been downhill.
"marca digs goto"; shoulda known how this would turn out...
for html5 apps it's not that bad of a feature.
like, for firefox OS they need such a feature anyways so might just as well put it on the browser.
however, then they implemented it without rounding without thinking about it one bit.
world was created 5 seconds before this post as it is.
The API is present so that websites can know to dial down the dumb crap when the user's device has low battery.
I think you will find that its primary purpose is to display full screen ads screaming "LOW BATTERY!!! CLICK HERE TO BUY MEGA-ULTRA-BATTERY OVER 9000mAh TOP QUALITY IPHONE LAPTOP ANDROID WINDOWS 10 GENUINE" with the volume at 109%.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
You had me until Python. Any language where whitespace has meaning... I still can't believe such a thing actually caught on.
Any language where whitespace has meaning... I still can't believe such a thing actually caught on.
I don't know how English caught on with things like "experts exchange" vs. "expert sex change" or "mole station nursery" vs. "molestation nursery" or "who represents" vs. "whore presents" or "pen island" vs., you know...
If a website wants me to watch some audio or video, it can serve up a file that VLC or some other external player can play, after I've been promoted to allow this to happen.
If you happen not to have a compatible video player installed on the machine that you are presently using, what message or prompt should the system display? Offer a chance to install a "codec pack"? That's what we had before Flash, and malware developers learned that it was effective to to disguise an installer as a codec pack or Flash Player update. And if a web application wants to play several audio streams at a time, such as a game that wants to play both music and sound effects, how would it "serve up a file" for each in an efficient manner?
Yes, we need to stop doing apps in the web browser, and start doing apps in actual applications.
Applications for which platform? Good luck running a native application on Windows if it has not been ported to Windows, or on a Mac if it has not been ported to OS X.
A word processor can simply call an OS API to open a file, then get permission to access that file when you choose to open it.
Repetitive "Cancel or Allow?" dialogs for elevation to administrator is something for which Apple's Mac commercials used to satirize Microsoft. And now you're proposing to show one every time a word processor opens a file. Heaven help you if you're running a compiler toolchain that may open hundreds of files when rebuilding a complex project.
Phones get bigger every year, it would be kind of like an upgrade!
I understand what you're talking about and have mentioned it in the past, using OLPC Bitfrost as an example. It's just that before such a system is put into place, policies need to be designed carefully so as not to break common productive scenarios in favor of over-optimizing for a non-technical home user who uses a device only view works created by others, not to create his own works.
The file open dialogue is the "allow" operation.
Would the permission through a file open dialog persist across closing and reopening an application? If not, the "Recent Files" list isn't going to work.
I think I'd kind of like it if the OS popped up a "cancel or allow" window when my word processor decides it needs to access the internet.
Once for the program, once for each time you open the program, or once for each socket? It could get tiring when you have to reallow an application's built-in document synchronization service every time it tries to reconnect to Dropbox, Google Drive, Microsoft OneDrive, some SFTP or rsync server, or whatever else. Also imagine 100 different "Allow $browser to connect to the DNS server?" and "Allow $browser to connect to this hostname?" every time you navigate to a different page in a web browser.
As for a compiler toolchain, would it be so terrible if you were required to use the OS's file manager to first move the files you want to compile into a directory to which you've given the compiler access?
Yes. Having to remember to manually copy each changed source code file from the version-controlled directory to the compiler's home directory using the graphical file manager every time I edit one source code file is problematic, as forgetting to copy a file would cause my repository not to match what is being compiled. The other way I can think of would involve allowing the user to give an application persistent full read-write access to a directory, such as the directory containing the source code files on which I am working. The latter would just encourage the user to shortcut all security by giving all applications access to the user's entire home directory. And even then, because the executable's hash has changed after having recompiled and relinked it, the operating system is likely to ask the user to reauthorize everything when the newly compiled version of the application runs. This can become tedious if an application depends on over a dozen resources, such as a game's asset files or its connection to Internet services.
If you want to talk about stupid, let's talk about prompting people for passwords every time they do simple things like change the system time. Allowing users to change the system time is not a security concern when it is their computer.
Say a public library owns a computer open to the public. Would the library's IT department want random patrons, who do not own the computer, to change the system time? Distinguishing between a computer's owner and its other users is why changing system time requires elevation.
[Lack of portability of native apps] is a problem that can be solved. For example, most people writing Minecraft mods don't give a fuck about Linux, yet I can still use the software they write, because they wrote it in Java. Now Java is an awful language
What language is cross-platform and not "awful"? If none, then anybody proposing it will face an uphill battle after the debacles of Java, Flash, Silverlight, and (in your opinion) JavaScript. And then the user would just get double-spammed with authorization requests, when the operating system asks "Allow Java to access $file?" and then Java asks "Allow $program to access $file?".
Even applications written by trustworthy people are hacked by untrustworthy people, and so we need security against all software no matter what the source.
[devil's advocate] Then allow only executables signed