Slashdot Mirror


Your Battery Status Is Being Used To Track You Online (theguardian.com)

A paper published last year revealed that the battery on a laptop or phone can be used to track one's online activities. The vulnerability resided in a built-in HTML 5 specification, which could be tricked into identifying people and tracking their online activities. One year later, we are now learning that the vulnerability is being exploited in the wild. The Guardian reports: [...] Two security researchers from Princeton University have shown that the battery status indicator really is being used in the wild to track users. By running a specially modified browser, Steve Engelhard and Arvind Narayanan found two tracking scripts that used the API to "fingerprint" a specific device, allowing them to continuously identify it across multiple contexts. The research was highlighted by Lukasz Olejnik, one of the four researchers who first called attention to the potential issues with the battery status API in 2015. Although Olejnik achieved some success following his warning, with the body in charge of the web's standards thanking his group for the privacy analysis, the API still has the potential for misuse. And while it is only tracking scripts using it now, Olejnik warns that unscrupulous actors could do more. "Some companies may be analysing the possibility of monetising the access to battery levels," he writes. "When battery is running low, people might be prone to some -- otherwise different -- decisions. In such circumstances, users will agree to pay more for a service."

88 comments

  1. Old news by LichtSpektren · · Score: 5, Insightful

    In Firefox, you should go to about:config and toggle dom.battery.enabled to false. I've read this exact advice on many privacy-related websites for over a year, so this really isn't news.

    1. Re:Old news by arth1 · · Score: 3, Insightful

      In Palemoon, the default is (of course) disabled.

    2. Re: Old news by kaiser423 · · Score: 1

      Is there a Chrome (Vivaldi also) or FF build with this crap disabled by default? Honestly just sick and tired of seeing how much information my browser gives out by default.

    3. Re:Old news by Anonymous Coward · · Score: 0

      The purported news is that this has been seen in the wild now.

    4. Re: Old news by LichtSpektren · · Score: 1

      It doesn't seem like you can disable it in Chrome, don't know about Opera or Vivaldi though. There's a Chromium fork called Iridium in the works that's hardened for privacy and security features, but I don't know enough about the company behind it to recommend it.

      For Firefox, there's a great extension called Privacy Settings that will automatically optimize your settings for security and privacy (N.B. I would select "Full Privacy" but turn on dom.storage.enabled so websites like GOG's and Protonmail's will work, and turn off security.ssl.require_safe_negotiation since too many websites don't have good security yet).

    5. Re:Old news by arth1 · · Score: 2

      In Firefox, you should go to about:config and toggle dom.battery.enabled to false.

      There's also "dom.vibrator.enabled". I'm not sure whether it was created for cell phones or haptic sex, but still, it doesn't seem like something remote sites should be able to read or set without explicit permissions.

    6. Re:Old news by Anonymous Coward · · Score: 2, Interesting

      And by disabling it you are in the minority and that information can be used in your browser fingerprint. How about a random value?

    7. Re:Old news by Anonymous Coward · · Score: 0

      Or you could just keep it at 100% all the time [or remove it altogether for laptops] as I do.

    8. Re:Old news by sexconker · · Score: 2

      It's true or false.
      By setting it to false, they presumably can't get access to your battery level.
      There is absolutely zero reason a browser should ever send that info out without the user explicitly telling it to, but here we are.

    9. Re: Old news by Anonymous Coward · · Score: 0

      You use Chrome yet you bitch about privacy?? Pick one or the other man...

    10. Re: Old news by FunkSoulBrother · · Score: 2

      Step One: stop using a browser made by an advertising company.

    11. Re: Old news by I4ko · · Score: 1

      Well, uBlock Origin can stop it. And to the ghost lurking around here - no, this is one of the things hosts have no chance to stop ever. I've been contemplating for a while to privoxy my traffic and return random values for battery, canvas, fonts and other fingerprints just for kicks.

    12. Re:Old news by Anonymous Coward · · Score: 0

      Ironically, by tampering with the default settings, you're actually making yourself just as fingerprintable, because not too many people disable such features (or use a niche browser). In fact, you could be making yourself more fingerprintable if you're not careful or the miscreants improve their trackers. Besides, this is just one of many HTML5 features that make people more fingerprintable, even uniquely so. The only way to fix this is for browser vendors to get together and make everyone's profile as similar as possible, ensure that user permissions are required to access any potentially-unique data, and deliver poisoned data to sites that are disallowed. But how many people are willing to configure such permissions? Not many, hence this is a problem that can't be easily solved until everyone (not just a few privacy-enthusiasts) realizes the scope and seriousness of this issue.

    13. Re: Old news by Dagger2 · · Score: 1

      I took a brief glance at that extension's source. From https://addons.mozilla.org/en-...:

      exports.main = function (options) {
          if (options.loadReason === 'install' || options.loadReason === 'startup') {
              var version = sp.prefs.version;
              if (self.version !== version) {
                  if (sp.prefs.welcome) {
                      timers.setTimeout(function () {
                          tabs.open(
                              'http://firefox.add0n.com/privacy-settings.html?v=' + self.version +
                              (version ? '&p=' + version + '&type=upgrade' : '&type=install')
                          );
                      }, 3000);
                  }
                  sp.prefs.version = self.version;
              }
          }
      };

      Because phoning home on every update is good for your privacy, right?

  2. Why on Earth? by xororand · · Score: 4, Insightful

    Why on Earth are browsers revealing my battery status to random websites?
    Does Google dictate these changes in exchange for funding?

    1. Re:Why on Earth? by Lennie · · Score: 5, Informative

      This is what the specification has in the introduction:

      "The Battery Status API can be used to defer or scale back work when the device is not charging in or is low on battery. An archetype of an advanced web application, a web-based email client, may check the server for new email every few seconds if the device is charging, but do so less frequently if the device is not charging or is low on battery. Another example is a web-based word processor which could monitor the battery level and save changes before the battery runs out to prevent data loss."

      https://www.w3.org/TR/2016/CR-...

      --
      New things are always on the horizon
    2. Re:Why on Earth? by EvilSS · · Score: 5, Insightful

      Why on Earth are browsers revealing my battery status to random websites? Does Google dictate these changes in exchange for funding?

      It was added to the HTML5 spec to allow sites to supply "low power" versions of their site to devices when their battery is low. Or so they say.

      --
      I browse on +1 so AC's need not respond, I won't see it.
    3. Re:Why on Earth? by dj245 · · Score: 2

      Why on Earth are browsers revealing my battery status to random websites? Does Google dictate these changes in exchange for funding?

      I think it might be a case of "we could do it, so we did". The battery HTML API can indicate whether a device is plugged in and charging, or not. In theory, you could write code that was more computationally-intensive if the device was plugged in, or very lean if the device was on battery. That seems like a legitimate use to me. It may not have occurred to anyone that this would be used for nefarious purposes.

      --
      Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
    4. Re:Why on Earth? by Anonymous Coward · · Score: 0

      I know right. There is no reason for websites to have access to that type of data.

    5. Re:Why on Earth? by jellomizer · · Score: 4, Interesting

      I am guessing the purpose was for a few things.
      1. Remote Desktop Help to help identify problems with your system.
      2. Websites that may have rules to Save/Commit your session before your battery dies.
      3. Websites to lower the amount of JS processing based on your battery usage

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    6. Re:Why on Earth? by jeffb+(2.718) · · Score: 4, Informative

      If you're building a "web-based word processor" that can lose work because a client goes away, You're Doing It Wrong, so much so that responding to a low-battery signal is pointless. What if a router goes down? What if the user moves out of range of an access point, or cellular data?

      If Web developers (or the companies issuing their marching orders) wanted to respect my battery, they could start by ditching all the gratuitous animated ads, transitions, and whatnot. For bonus points, they could do it before my battery gets low, so that my battery doesn't get low in the first place.

      My five-year-old laptop still gets up to six or seven hours off a charge -- as long as I'm not visiting typical Web sites. If I start browsing, especially without blocking Flash or ads, I'm lucky to get an hour and a half.

    7. Re:Why on Earth? by rock_climbing_guy · · Score: 1

      I wonder why they didn't just program browsers to prompt the user to allow the server to see their battery status similarly to how they did it with location services. I deny location services to web sites all the time that have no need to know my location.

      If I log onto a web site that uses geolocation to help me find something, of course I will share my location. If I log onto a web site to read news and it wants to know my location, I deny that every time. Why shouldn't it be the same with the battery API?

      --
      Wh47 d1d j00 541, 31337 15n't t3h r0xor5 ne m0r3???
    8. Re:Why on Earth? by Actually,+I+do+RTFA · · Score: 2

      Does Google dictate these changes in exchange for funding?

      No, no, no. Nothing so crass. Google is a member of the W3C. Therefore it has the right to propose and vote for standards. Okay, Google is a Gold sponsor, so they have a bit more weight. Okay, the Gold sponsor.

      But they can only propose regulations. There are 421 voting members of the W3C. You too can join. That is, for a sum of between $3k (if a

      See, Google doesn't dictate changes for funding. All above board.

      --
      Your ad here. Ask me how!
    9. Re:Why on Earth? by wonkey_monkey · · Score: 0

      2. Websites that may have rules to Save/Commit your session before your battery dies.

      Websites should have rules like that anyway, if required. An internet connection, particularly a mobile one, should probably be considered less reliable than a device's battery.

      --
      systemd is Roko's Basilisk.
    10. Re:Why on Earth? by Actually,+I+do+RTFA · · Score: 1

      Oops, stupidly left an unescaped <. That second line should read "... for a sum between $3k (if < 10 employees) up to over $75k, you too can purchase a vote"

      --
      Your ad here. Ask me how!
    11. Re:Why on Earth? by Anonymous Coward · · Score: 0

      I have the same question, though 99.73% of the time my laptop is plugged in.

    12. Re:Why on Earth? by jellomizer · · Score: 1

      However, the variables will stay in the memory of the browser and device even if the network connection is off, and it can then send them over when it returns. However, typically if the battery dies, then your local memory will go too.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    13. Re:Why on Earth? by NatasRevol · · Score: 1

      But the ad companies will ignore it, rendering it mostly useless.

      --
      There are two types of people in the world: Those who crave closure
    14. Re:Why on Earth? by JohnFen · · Score: 1

      This sort of thing is one of the main reasons why I consider HTML 5 to be a terrible specification. It allows far too much data leakage to websites. Combine that with the underlying attitude behind HTML 5 that users shouldn't have control over their machines makes it a bridge too far.

    15. Re:Why on Earth? by JohnFen · · Score: 1

      That seems like a legitimate use to me.

      Not to me. We already have far too much horribleness resulting from web sites deciding to alter their functionality according to web browser and machine characteristics as it is.

    16. Re:Why on Earth? by Anonymous Coward · · Score: 0

      Would you be able to reduce the granularity to 5%, 10% or something like that, so that there are only 12 possible states: (0, 5, ... 100, plugged in)?

      Or better yet: plugged in, high battery, low battery

    17. Re:Why on Earth? by ShaunC · · Score: 1

      The ad companies will be the first ones using it, just not for the intended purpose. They won't tone down the ads if your battery is low but they'll definitely build a cross-site fingerprint of you. From the study,

      The second script, http://js.ad-score.com/score.m..., queries all properties of the BatteryManager interface, retrieving the current charging status, the charge level, and the time remaining to discharge or recharge. As with the previous script, these features are combined with other identifying features used to fingerprint a device.

      --
      Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
    18. Re:Why on Earth? by Lennie · · Score: 1

      I'm sorry, but HTML5 no control over their machines ? What are you talking about ?

      OS and device manufacturers like Apple, Microsoft and Google are very busy trying to take control of your machines and your data; this seems like a much worse situation.

      --
      New things are always on the horizon
    19. Re:Why on Earth? by EvilSS · · Score: 1

      I kind of question if this wasn't the intended purpose all along. The reason is that it's not necessary for a site to see exact battery level and recharge time to know if they should present a low power site or not. Knowing battery life in bands of x% (0-10%, 11-20%, etc), or even just a preset level (in the HTML5 spec) that would trigger a battery low flag and maybe another that would show on AC power (so the site would know it could possibly ignore the low battery) would be enough. I can't believe the people involved in creating this spec didn't realize what it could be used for when they were writing it.

      --
      I browse on +1 so AC's need not respond, I won't see it.
  3. a way for schools to charge more? by Joe_Dragon · · Score: 1

    Edna Krabappel: Now, whose calculator can tell what seven times eight is?

    Milhouse Van Houten: Oh! Oh! Low Battery?

    Edna Krabappel: [sighs] Whatever.

    1. Re:a way for schools to charge more? by bluefoxlucid · · Score: 1

      56. You should have that memorized. If you don't, the square of 8 is 64, and subtracting 8 gets you 56--because (8,2) gives 5[4+2] = 56, one straight look-up operation with a decrementing carry built-in so you don't have to count on your fingers.

      Of course, having both the rote-memorized multiplication table (36 entries, including 8 perfect squares) and the two addition tables memorized (7 entries, including one reflexive (5,5) entry) means you can rapidly-multiply large numbers with arbitrary decimal places using an accumulating algorithm.

      36.5 * 192 = ? 3xxx, 27xx, 6x, 6xx, 54x, 12, 5x, 45, 1 => 7008, I think?

      Algebra is hard enough without having to deal with the arithmetic involved. Even using a calculator turns into a major exercise in keeping track of what digits you've computed; best to make arithmetic a native function.

    2. Re:a way for schools to charge more? by sexconker · · Score: 1

      You're trying too hard to look clever.

      No one with a brain would multiply 36.5 * 192 the way you did. Someone with a brain would use 36.5*200 and then subtract 8*36.5 (or 4*73 since they've already doubled 36.5 and have that result in their head).

      And no floating point processor would handle it as you did either.

    3. Re:a way for schools to charge more? by bluefoxlucid · · Score: 1

      My brain isn't a floating-point processor and has different hardware.

      As for how anyone with a brain would do it... the method I displayed is exactly the method used by mental mathematics world champions, was the method used by high-rated accountants in Japan for thousands of years, and is the method taught in schools in several Asian countries (Japan and some parts of Korea).

      Your method requires pre-analysis to form a strategy, then a subtraction (1), three accumulating multiplications (3), and then three more accumulating multiplications (3), for a total of 7 operations after consideration of a plan. With the doubling variant, it requires a subtraction (1), three accumulating multiplications (3), three more accumulating multiplications to double 36.5 (3), a division (1), and two more accumulating multiplications (2), totaling 10 operations.

      The method I showed requires applying isometric operations in repetition, like counting or walking. Overlearning these techniques allows for rapid results: some individuals have been capable of repeat-division of sets of 5 5 digit numbers (e.g. n = 103.29; n = n / 20.171; n = n / 0.73864; n = n / 104.11; n = n / 17.002; n = n / 13.176; return n) at rates of under 2 seconds per set. In general, people are barely fast enough to outperform a human operating a calculator (the calculator is faster; data entry takes more time than mental computation).

      Further, the method I described itself represents an isometric strategy. Your brain overlearns this strategy, and is thus better-capable of storing intermediate values accurately during computation. Varying your strategy uses additional mental effort, causing short-term memory loss (you lose track of numbers) leading to slowdowns and errors in computation.

      Imagine if you just said, "A person with a brain would consciously focus on his hip, shifting it toward the leg he's taking a step onto, thus distributing his weight onto it to hold his balance." Such a person would concentrate *extremely* hard on walking, versus someone who casually strolls along without really thinking about it. You described that sort of thinking, but with math.

    4. Re:a way for schools to charge more? by BancBoy · · Score: 1

      I think we have a winner.

      --
      [UID-HeinzIntel]
    5. Re:a way for schools to charge more? by I4ko · · Score: 1

      Hmm, really is that the easiest method? The way I was taught at school. It is basically the same in reverse order of magnitude. Far fewer additions

      36.5 x 192 = 7008.0
      73*0*
      328*5*|0
      365|00
      -----------
      70080, rewind decimal point by one place

      The star indicates carryover to the left, and the pipe indicates zeros added for alignment.

    6. Re:a way for schools to charge more? by Anonymous Coward · · Score: 0

      Man, you really missed the joke.

    7. Re:a way for schools to charge more? by bluefoxlucid · · Score: 1

      I don't know why left-to-right is the standard for mental mathematics, to be honest. The more vs less argument is significant, but less-so than the procedural argument; it just happens to be easier to digest (most people aren't well-convinced that doing something millions of times means doing that thing 5 times is easier than doing some other thing once--even when they answer a text message while exiting their car and IMMEDIATELY LOCK THEIR KEYS INSIDE).

      If you like paper methods, you could look into lattice multiplication as well. Not everyone can hold large-digit numbers in their heads, and most mental mathematics exhibitions use 3-5 digit numbers; to multiply wide numbers, you need to chunk and store a lot of intermediate values, which is even stressful on a PAO system or other prepared numeric mnemonic (PAO can store 6-digit chunks as complex images). Even then, exceeding your 7-9 item short-term memory limit slows your working memory (you have to store quickly into long-term memory with few associations--some people call this "mid-term memory"); and, eventually, you're juggling so many digits (which have to be stored as chunks--a 14-digit number isn't ONE short-term memory slot) that you can only do it by deliberately storing multiple chunks in long-term memory. It gets *slow*.

      Lattice multiplication just writes out the two multiplicands on paper; multiplies every single-digit pair together; then sums results on diagonals and accumulates all of those results in a final output. It takes a while, but it's less-error-prone and much faster for multiplying many-figure numbers than doing it in your head. At a point, those functions in your head are basically eight megs and constantly swapping.

  4. Re:JUST SEE this thread. nuff said. by Anonymous Coward · · Score: 0

    Actually don't. The previous story has absolutely nothing to do with this story and nothing in the comments relates to it.

    The person who posted this is a retard.

  5. Uber by Anonymous Coward · · Score: 0

    Uber is already doing this to gouge customers.

    http://www.forbes.com/sites/amitchowdhry/2016/05/25/uber-low-battery/#70628b966f1d

    1. Re:Uber by Anonymous Coward · · Score: 0

      please don't post links to Forbes.

  6. Uber is doing it by scorp1us · · Score: 5, Insightful

    Uber is doing it

    But as for tracking, why not just report battery level by 10% increment, or some other increment where you can hide in a gaussian distribution? Really they only need to know Full, low, and not full or low.

    --
    Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
    1. Re:Uber is doing it by Anonymous Coward · · Score: 1

      Uber is doing it

      Uber's head of economic research, Keith Chen, told NPR's Shankar Vedantam during an episode of The Hidden Brain podcast that users of the service are willing to accept surge pricing increases of as much as 9.9 times if their smartphone's battery is close to flat.

      The logic is that if your battery is almost dead, then you feel at risk of being stranded, and that means that rides are much more valuable to you than they would be if your battery had sufficient charge.

      Oh, but don't worry, Chen promises that the company doesn't use this information to set fares.

      Wow, Uber is such a classy business.

    2. Re:Uber is doing it by Actually,+I+do+RTFA · · Score: 2

      Why even in 10% increments. You just need to know, at most, three levels: Normal, Low, Shutdown Eminent.

      --
      Your ad here. Ask me how!
    3. Re:Uber is doing it by Anonymous Coward · · Score: 1

      They don't need to know anything. I assume complete privacy unless I choose what things to reveal.

    4. Re:Uber is doing it by Anonymous Coward · · Score: 1

      How about a binary flag, with a user configurable threshold? Not like anybody's going to use that as intended either, but at least that only leaks one bit of information.
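The coarsening schemes proposed in this thread (10% bands, a three-state value, a single low-battery bit with a user-set threshold) can be compared by counting how many devices remain alone in their bucket under each. This is an added example, not part of any comment or of any browser's code; the sample readings, the policy names and the 20% default threshold are constructed assumptions.

```javascript
// Added example: measure how identifying a battery reading is, raw vs coarsened.
// SAMPLE_READINGS is constructed data shaped like the BatteryManager attributes
// (level is 0..1, times are in seconds, Infinity when not applicable).
const SAMPLE_READINGS = [
  { device: 'a', level: 0.93, charging: false, chargingTime: Infinity, dischargingTime: 14220 },
  { device: 'b', level: 0.91, charging: false, chargingTime: Infinity, dischargingTime: 9870 },
  { device: 'c', level: 0.47, charging: false, chargingTime: Infinity, dischargingTime: 6110 },
  { device: 'd', level: 0.42, charging: true, chargingTime: 3480, dischargingTime: Infinity },
  { device: 'e', level: 0.18, charging: false, chargingTime: Infinity, dischargingTime: 1530 },
  { device: 'f', level: 0.12, charging: false, chargingTime: Infinity, dischargingTime: 1260 },
  { device: 'g', level: 1.0, charging: true, chargingTime: 0, dischargingTime: Infinity },
  { device: 'h', level: 0.66, charging: false, chargingTime: Infinity, dischargingTime: 8040 },
];

// Whole-number percentage, rounded first so 0.66 * 100 does not misbucket.
const pct = (r) => Math.round(r.level * 100);

// Each policy maps a full reading to the value a page would be allowed to see.
// Policy names and the default threshold t = 20 are assumptions for this example.
const POLICIES = {
  // Everything the API exposes today.
  raw: (r) => [r.level, r.charging, r.chargingTime, r.dischargingTime].join('|'),
  // Level in 10% bands plus the charging flag; time estimates withheld.
  bands10: (r) => `${Math.min(9, Math.floor(pct(r) / 10))}|${r.charging}`,
  // "plugged in, high battery, low battery".
  threeLevel: (r, t = 20) => (r.charging ? 'plugged-in' : pct(r) <= t ? 'low' : 'high'),
  // One bit: on battery and at or below the user's threshold.
  lowFlag: (r, t = 20) => String(!r.charging && pct(r) <= t),
};

// Groups readings by what the policy reveals and reports:
//   states - number of distinguishable values
//   unique - devices that are alone in their group (anonymity set of 1)
//   bits   - Shannon entropy of the revealed value over this sample
function exposure(readings, policyName, threshold) {
  const policy = POLICIES[policyName];
  if (!policy) throw new Error(`unknown policy: ${policyName}`);
  const sets = new Map();
  for (const r of readings) {
    const key = policy(r, threshold);
    sets.set(key, (sets.get(key) || 0) + 1);
  }
  let bits = 0;
  let unique = 0;
  for (const count of sets.values()) {
    const p = count / readings.length;
    bits -= p * Math.log2(p);
    if (count === 1) unique += 1;
  }
  return { states: sets.size, unique, bits };
}

for (const name of Object.keys(POLICIES)) {
  const e = exposure(SAMPLE_READINGS, name);
  console.log(`${name}: ${e.states} states, ${e.unique} unique, ${e.bits.toFixed(2)} bits`);
}
```

On this constructed sample, 10% bands still leave four of the eight devices alone in their bucket, while the three-state and one-bit variants leave none.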

    5. Re:Uber is doing it by NatasRevol · · Score: 1

      Imminent. Eminent is ... something else.

      --
      There are two types of people in the world: Those who crave closure
    6. Re:Uber is doing it by The-Ixian · · Score: 1

      But it has to do with domains....

      --
      My eyes reflect the stars and a smile lights up my face.
    7. Re:Uber is doing it by NatasRevol · · Score: 1

      Eminent domain may negatively impact my imminent domain.

      --
      There are two types of people in the world: Those who crave closure
    8. Re:Uber is doing it by JohnFen · · Score: 1

      Really they only need to know Full, low, and not full or low.

      They don't even need to know that.

  7. Tired of this whole security/privacy mess! by grumpy-cowboy · · Score: 3, Insightful

    WHY ON EARTH does a browser need to expose the status of my laptop battery!! Why?!?! Can we have a browser that JUST displays text, images and basic please! Can we go back to HTML 3.2 and flush everything made after this!

    --
    Will $CURRENT_YEAR be the year of the Linux Desktop?
  8. Rational actors by bluefoxlucid · · Score: 1, Troll

    To call profit-maximizing strategies "unscrupulous", we'd have to claim everyone who makes above bare subsistence income is an unscrupulous actor. Women complaining they don't get paid as much as men would be unscrupulous, trying to get more pay without doing more work.

    You need a bit more of an ethical quandary than that before you can start claiming bad ethics.

    1. Re:Rational actors by Opportunist · · Score: 2

      Abusing people who are in a desperate position is despicable. Good enough?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re: Rational actors by Anonymous Coward · · Score: 0

      Matt Damon, Leonardo DiCaprio AND Natalie Portman?

    3. Re:Rational actors by JustNiz · · Score: 2

      Abusing people at all is despicable.

    4. Re:Rational actors by bluefoxlucid · · Score: 1

      Every position is desperate. People with low battery are often plenty comfortable with their near-term access to a charging port; and, at the same time, cognizant of the low battery state. That applies stress, in the same way that being hungry applies stress (omg you might starve! ... there's a 0% chance of that happening). That changes the way the brain makes decisions; it's not that you might go tapping on e-purchases in a desperate attempt to outrun impending battery failure, but rather that you've got a different mix of hormones and are now willing to pay $1.73 more for Tide laundry detergent that you're going to need in 2-3 weeks.

      Is charging the extra $1.73 at that point unscrupulous? What about just setting your base price at a point where people avoid the purchase 90% of the time, but eventually come in and stock up as their supplies run low?

      What about *lowering* the price? Peanut butter on sale, 50 cents off if you buy three big-ass bottles! People rush to buy peanut butter they wouldn't normally purchase. With the extra food in the house, a large proportion of this population is more comfortable eating more, and so they eat peanut butter faster, and end up having to buy more, and you profit.

      Your high salary means your employer will go out of business unless they charge prices high enough to pay your salary. You make 15 hamburgers an hour and get paid $10/hr? That's going to be 67 cents per hamburger factored in. If you make $15/hr, that's $1 per hamburger factored in. People looking to eat have to fork over that extra cash; that means they have less to pay for the next service (and when you get your paycheck, it cycles around the same way: you have 50% more--taken from others--but it only goes 45% farther), and somebody gets bumped out so you can live better. Maybe we fix this by adding tools along the line so you can make 30 hamburgers an hour, and now you get $15/hr and that's 50 cents per hamburger factored in; and if we're not selling twice as many hamburgers, somebody else is redundant, and gets laid off.

      Sounds like you're abusing people by not working 14-hour days for minimum wage, doesn't it?

      I'm sure you can justify *yourself*, somehow. You need every little luxury more than someone else needs to eat. Maybe you'll make an incorrect statement about how more money coming to you means you get to spend it and create a multiplying effect, somehow, even though more total spending doesn't actually occur in a given time frame. Maybe you just *know* you've *earned* it, even if it hurts someone else.

      Maybe you just have to concede the point and accept that, yes, you need a bit more of an ethical quandary than that before you can start claiming bad ethics.

    5. Re:Rational actors by Anonymous Coward · · Score: 0

      Women complaining they don't get paid as much as men would be unscrupulous, trying to get more pay without doing more work.

      Victim-blaming is unscrupulous and lazy thinking.

    6. Re:Rational actors by Opportunist · · Score: 1

      I fail to see the problem with some contemporary pests. They are technically people, but ... well, abusing them isn't really a disservice to humanity.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  9. Web app overload. by Anonymous Coward · · Score: 0

    When a web site can get something as private as a battery status, you know that the web app bubble has gone too far. I hope the web app bubble bursts along with millennials having to get off their phones and having to use real computers with CRT monitors and Internet Explorer 6.

  10. pretty low for a sale. by nimbius · · Score: 1

    this sort of manipulative and underhanded approach is also known as "aggressive marketing." it's been essentially the only means advertisers use to sell since the 70s when we stopped marketing products and switched to marketing brands and lifestyles.

    i'm guessing in another 20 years most advertising is just going to be a thin man with a dark cape standing next to me attempting to exploit random fears until i buy some deodorant.

    --
    Good people go to bed earlier.
  11. Listen up, you fuckers! by Anonymous Coward · · Score: 0

    This is exactly why you're losing your most adamant users, if not entirely then at least as peer to peer marketers on your side. There is absolutely no way any sane web developer is going to use that feature in the intended way. That is a feature made to be abused. By adding it, you have leaked credibility like water through a sieve. I can not recommend a browser to people who don't even know that about:config exists, and who will be exposed if they don't change dozens of settings that don't even have a user interface. Without my recommendation, these people all choose Chrome. I am the reason they still know that Firefox exists, because they see me use it, but when they ask me why, I say it's a matter of preference, not that it's the better browser, because I will not lie for you.

  12. Undo moderation by Anonymous Coward · · Score: 0

    Accidentally modded wrong comment.

  13. HTML5: the stealth OS specification by Anonymous Coward · · Score: 0

    HTML5 knows too much for web pages. It seems to have a lot of APIs which simply should not exist at all.

    I think the problems all came from the idea that programmers want to run full applications in the web browser; that it needs to be an OS in itself. Back in the 1990s the "thin client" sounded like good idea, simply because a majority of the marketplace was saddled with an extremely bad legacy OS (MS Windows) which no one wanted to work with, but everyone had to.

    Now Windows is gone (or at least you rarely see it outside of large offices) but to kill it, we had to make the "Javascript OS" full-featured, and the "thin" in "thin client" was totally forgotten. Now your browser is the most complicated thing on your computer, an entire OS within an application on your OS.

    So it's true: a web page will never need to know your battery status, so having the API is an obvious bit of fuckwittery. But we aren't talking about web pages; we're talking about applications which just happen to use something called a "web page" as their screen or window.

    It wouldn't have necessarily been a stupid idea, except that this OS is made to download and execute applications from whatever network source that it's told to. You say your information is being sent to random web sites, but I say you are downloading and running networked applications from random websites. Why are you doing that?

    Sorry, didn't mean to put you on the defensive. You're doing that because your web browser does it. You didn't want to run some random application, but you did, at some point, load a web page which contained a script tag that shouldn't have been there. You say "but it's just a web browser!" and I'm explaining, "No, it's an Operating System." Eww.

    1. Re:HTML5: the stealth OS specification by xororand · · Score: 1

      Sorry, didn't mean to put you on the defensive. You're doing that because your web browser does it. You didn't want to run some random application, but you did, at some point, load a web page which contained a script tag that shouldn't have been there. You say "but it's just a web browser!" and I'm explaining, "No, it's an Operating System." Eww.

      You have a very good point and the user really is responsible for what they run in the end.
      I should use Tor Browser more often, which is less chatty. Someone ought to make a fork of Tor Browser without Tor. It really is superior to any other browser in that regard.

  14. Fuck off with the clickbait headlines, please by wonkey_monkey · · Score: 4, Insightful

    Your Battery Status Is Being Used To Track You Online

    Oh, do fuck off with the tiresome clickbait headlines. My battery status isn't being used to track me online, but even if it was, you could write the headline without having to personally address it to me.

    --
    systemd is Roko's Basilisk.
    1. Re:Fuck off with the clickbait headlines, please by sexconker · · Score: 1

      He was correct. The plural "your" is still directed AT YOU.

    2. Re:Fuck off with the clickbait headlines, please by Anonymous Coward · · Score: 0

      Unfortunately, your kind of willful stupidity is not at all special or uncommon. Go back to a 2nd grade grammar textbook. Learn something. Start with "first person" vs. "second person" pronouns.

    3. Re:Fuck off with the clickbait headlines, please by Anonymous Coward · · Score: 0

      Your Battery Status Is Being Used To Track You Online

      Oh, do fuck off with the tiresome clickbait headlines. My battery status isn't being used to track me online, but even if it was, you could write the headline without having to personally address it to me.

      But he really was writing this article just for you so how else should he have written it?

  15. ...By running a specially modified browser by JustNiz · · Score: 1

    If it was easy for someone to plant a modified binary on your phone they could also do just about anything they wanted.

    1. Re:...By running a specially modified browser by Anonymous Coward · · Score: 0

      The specially modified browser was used to detect the usage of the API calls. It was not required in order to perform the tracking. Read the summary slower since you're likely to skip the article anyway.
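
The comment above notes that the modified browser was there to detect calls to the API, not to do the tracking. As an added example (not code from this thread or from the researchers' tooling), here is a page-level way to get a similar signal: wrap `navigator.getBattery` and the returned BatteryManager so every access is logged with its call stack. The function names, the mock navigator and its values are assumptions constructed so the block runs under Node.

```javascript
// Added example: log which code touches the Battery Status API.
const WATCHED = ['level', 'charging', 'chargingTime', 'dischargingTime'];

function callerStack() {
  // Drop the "Error" line and this helper's own frame.
  return new Error().stack.split('\n').slice(2).map(s => s.trim());
}

// Wrap a BatteryManager-like object so reads of the watched fields are logged.
function wrapBatteryManager(manager, log) {
  return new Proxy(manager, {
    get(target, prop) {
      if (WATCHED.includes(prop)) {
        log.push({ api: `BatteryManager.${prop}`, stack: callerStack() });
      }
      const value = Reflect.get(target, prop, target);
      return typeof value === 'function' ? value.bind(target) : value;
    },
  });
}

// Replace nav.getBattery with a logging wrapper; false if the API is absent.
function instrumentBatteryApi(nav, log) {
  const original = nav.getBattery;
  if (typeof original !== 'function') return false;
  nav.getBattery = function getBattery() {
    log.push({ api: 'navigator.getBattery', stack: callerStack() });
    return original.call(nav).then(m => wrapBatteryManager(m, log));
  };
  return true;
}

// Count accesses per API name.
function summarize(log) {
  const counts = {};
  for (const e of log) counts[e.api] = (counts[e.api] || 0) + 1;
  return counts;
}

// Constructed stand-in for a browser navigator (values are made up).
const mockNav = {
  getBattery: () => Promise.resolve(
    { level: 0.37, charging: false, chargingTime: Infinity, dischargingTime: 8940 }),
};
const accessLog = [];
instrumentBatteryApi(mockNav, accessLog);
mockNav.getBattery()
  .then(b => [b.level, b.dischargingTime]) // the reads a script would make
  .then(() => console.log(summarize(accessLog)));
```

In a real page the wrapper has to be installed before any third-party script runs, and the logged stack frames carry the URL of the script that made the call.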

  16. sounds familiar by bobmajdakjr · · Score: 1

    "In such circumstances, users will agree to pay more for a service." -- cough *Uber*

  17. Battery status? by rossdee · · Score: 1

    I'm always plugged in when I go online

  18. Good gawd by JustAnotherOldGuy · · Score: 1

    Is there anything that can't be used to suck up your personal information, location, spending habits, etc etc?

    "Some companies may be analysing the possibility of monetising the access to battery levels"

    Holy shit, kill me now. But first let me throw a few marketers into the wood chipper.

    "When battery is running low, people might be prone to some -- otherwise different -- decisions. In such circumstances, users will agree to pay more for a service."

    Okay, now I really mean it, just kill me. And make sure to plaster advertisements all over my headstone, okay?

    --
    Just cruising through this digital world at 33 1/3 rpm...
  19. My Computer should not be sending ANY of that info by gurps_npc · · Score: 1

    Not only is there no reason for the computer to send my battery, but there is NO reason to send ANY information beyond what I expressly tell it to.

    Someone wants to know what my browser or what addons I am using, I should have to expressly tell them. Otherwise it should send a default value.

    --
    excitingthingstodo.blogspot.com
  20. No, it actually isn't by Anonymous Coward · · Score: 0

    This exploit requires an attacker place a custom-precracked browser on your PC. Without it, the exploit does not exist.

    This is the same kind of hyperbolic bullshit as when they say your car can be hacked remotely, when in reality one must have physical access to your car's ECU to install a wireless serial transceiver on the CANBUS first.

    FUD and scare tactics. Laughable, man!

  21. what a useless feature by wardrich86 · · Score: 1

    Should be DISABLED by default... who would even want a "low powered" version of a website? This was a bad idea from the beginning

  22. Re:Tracked by who? USA Government. Thanks Ed Snowd by Anonymous Coward · · Score: 0

    MINUS 1? Moderator bias detected. Must be a Microsoft house here.