Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
?
EE Times-Asia > Power/Alternative Energy
?
?
Power/Alternative Energy??

Phone batteries expose owner's location

Posted: 05 Aug 2015 ?? ?Print Version ?Bookmark and Share

Keywords:API? phone battery? privacy? internet?

If you have a laptop or a smartphone, then you are practically surrendering your privacy.

This has been the finding of a European team of security researchers who identified a potential privacy invasion 'black hole' that could use batteries of electronic devices to locate owners using the internet.

The security issue centres around a feature of the HTML5 specification that allows websites to find out how much battery power a visitor has left on their laptop or smartphone. The security researchers, Lukasz Olejnik and Claude Castelluccia from INRIA Privatics with Gunes Acar and Claudia Diaz of KU Leuven, ESAT/COSIC and iMinds warn in their paper entitled 'The leaking battery: A privacy analysis of the HTML5 Battery Status API' that the information can be used to track browsers online.

The battery status API is currently supported in the Firefox, Opera and Chrome browsers, and was introduced by the World Wide Web Consortium (W3C) in 2012 to help websites conserve users' energy.

The energy saving feature enables a website or web-app to check when the phone user has little battery power left to allow the phone to switch to a low-power mode by disabling extraneous features to eke out the battery's energy. The same information can be used to identify phones as they move around the internet, allowing people to be tracked.

Websites and the scripts that run on them do not have to ask users' permission to see how much charge is left. Phones set up to respond to the request to say how much charge they have and how long it will take them to power back up. The information can then be used as a way of identifying the phones themselves, without their users' knowledge.

A website could put those two numbers together and watch for a phone with an identical or similar profile appearing on other pages, for instance. Malicious people could then put those two events together and work out that the same phone had accessed both websites, which can usually be hidden.

Technology such as VPNs (which routes internet traffic through another place, to anonymise it) and private browsing (which stops websites from reading tracking cookies that have previously been saved) are designed to keep people from following a user around the internet. However, the security features identified by the research team show that a phone's software could be used to sidestep the precautions.


1???2?Next Page?Last Page



Article Comments - Phone batteries expose owner's locat...
Comments:??
*? You can enter [0] more charecters.
*Verify code:
?
?
Webinars

Seminars

Visit Asia Webinars to learn about the latest in technology and get practical design tips.

?
?
Back to Top