Websites can use your phone’s battery status to track you online

Websites can use your phone’s battery status to track you online

Meet World’s First Android Smartphone With Massive 10000 mAh Battery
Dell Introducing New BIOS Security Tool To Make Its Laptops Harder To Hack
Microsoft Reportedly to Launch Its ‘Last Lumia’, the Lumia 650 on February 1

Researchers from Stanford University – Steve Engelhard and Arvind Narayanan,  recently found that your smartphone’s battery status may now provide a way for websites to track you online – “thanks to HTML5”.

With rise of HTML5 web developers can do a lot of things, in that HTML5 Battery Status API – information on your battery life percentage and time to discharge, as well as how long it would take to charge your phone can be used to track you online.

Also Read : Skype Now Hides IP Address By Default In PC And Mobile

HTML5 Battery Status API allows servers to determine when they need to send an energy-efficient version of a website. It lets them see how much charge a laptop, tablet, or smartphone has in terms of time remaining until discharge, and as an overall percentage.

And according to researchers – these two figures can be combined to provide a the unique combinations of the numbers which would give websites a way to match your battery information with your IP with fairly good certainty and there are about 14 million different combinations of battery life as a percentage and remaining time.

And also these figures about battery status updates after almost every half a minute, so these statistics can be used to identify the user on the website within the time frame of 30 seconds. Researchers claim that website can possibly reconstruct your battery’s identity, within that given 30-second timeframe, even if you visit a website using a proxy and then revisit the same website without proxy.

The worst part of this attack is that it’s hard to mitigate against it. You can’t deal with it as easily as you would wipe your browser cookies. VPNs and AdBlockers won’t help either. The only option is to plug the device into the mains. Although it’s unclear whether this sort of thing is being routinely used against users, for some time, many in the security community have held concerns about the Battery Status API.

Right now only Firefox supports Battery status disabling feature. So if you are too much concerned about your privacy switch to Firefox.

Click here to check if Battery Status API is Enabled/Disabled in your browser.

Also Read : Edward Snowden developed a special phone case to keep us safe from spying eyes

COMMENTS

WORDPRESS: 0