Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox Disables Loophole that Allows Sites To Track Users Via Battery Status (theguardian.com)

Posted by msmash on Tuesday November 1, 2016 @08:00AM from the fixing-things dept.

New submitter xogg writes: Battery Status API allows web sites to read the battery level of user's system. The API was found to bring privacy risks and abuse potential and a number of implementation bugs. Now with apparent no legitimate use cases, Mozilla is taking the unprecedented decision to vaporize a browser API due to privacy concerns. And apparently, WebKit, powering Apple's Safari follows. Is that the first time a browser reduces functionality following research reports warning of privacy risks?

3 of 104 comments (clear)

Min score:

Reason:

Sort:

Better solution by presidenteloco · 2016-11-01 08:32 · Score: 4, Interesting

Just replace the battery percentage value, if that's what the API was returning with an BatteryIsLow() boolean, which could be set at something arbitrary, like 30%.
This way, the valid use cases, like control of video serving or "intensity", could still work, but the privacy concern would be gone. You can't effectively track someone in general just by knowing the times when they transition around 30%. That would be too rare to be a useful tracking data point.

--

Where are we going and why are we in a handbasket?
1. Re:Better solution by wonkey_monkey · 2016-11-01 08:59 · Score: 4, Interesting
  
  How about just "on battery power" or "plugged in"?
  
  --
  systemd is Roko's Basilisk.
Re:Reducing Functionality? by bondsbw · 2016-11-01 08:58 · Score: 3, Interesting

This API never needed to provide battery level as a double value. An enumeration such as { Full | Sufficient | Low | Critical } would have solved the privacy issue while providing useful information.

--
All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.