{"id":11973,"date":"2015-08-16T13:11:11","date_gmt":"2015-08-16T17:11:11","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=11973"},"modified":"2016-11-08T15:35:24","modified_gmt":"2016-11-08T20:35:24","slug":"how-your-phones-battery-life-can-be-used-to-invade-your-privacy","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2015\/08\/16\/how-your-phones-battery-life-can-be-used-to-invade-your-privacy\/","title":{"rendered":"How Your Phone’s Battery Life Can Be Used to Invade Your Privacy"},"content":{"rendered":"

Alex Hern<\/a>:<\/p>\r\n

\r\n

The battery status API is currently supported in the Firefox, Opera and Chrome browsers, and was introduced by the World Wide Web Consortium (W3C, the organisation that oversees the development of the web’s standards) in 2012, with the aim of helping websites conserve users’ energy. Ideally, a website or web-app can notice when the visitor has little battery power left, and switch to a low-power mode by disabling extraneous features to eke out the most usage.<\/p>\r\n

[…]<\/p>\r\n

The researchers point out that the information a website receives is surprisingly specific, containing the estimated time in seconds that the battery will take to fully discharge, as well the remaining battery capacity expressed as a percentage. Those two numbers, taken together, can be in any one of around 14 million combinations, meaning that they operate as a potential ID number. What’s more, those values only update around every 30 seconds, however, meaning that for half a minute, the battery status API can be used to identify users across websites.<\/p>\r\n<\/blockquote>\r\n

Update (2016-11-05): Catalin Cimpanu<\/a> (via Hacker News<\/a>):<\/p>\r\n

In an unexpected move, Mozilla has announced last week it was removing support for the Battery Status API, a feature that allows websites to detect the status of the user’s battery level, and use this information to save critical website data to disk before the device shuts down.<\/p>

Unfortunately, web developers haven’t used the API as Mozilla had hoped. In fact, the most ardent users of the API are advertisers, who used it to track users across websites based on their battery levels and unique device identifiers.<\/p><\/blockquote>\r\n

Update (2016-11-07): Lukasz Olejnik<\/a>:<\/p>\r\n

It’s also interesting to note that Apple is considering to remove support for Battery Status API<\/a> from WebKit’s (the engine powering Safari browser) source code. Although so far Apple has not enabled Battery Status API, it is implemented in Safari’s engine. At this point, I don’t believe Apple will ever ship this feature.<\/p><\/blockquote>\r\n

Update (2016-11-08): Bruce Schneier<\/a>:<\/p>\r\n

\r\n

W3C is updating<\/a> the spec. Here's<\/a> a battery tracker found in the wild.<\/p>\r\n<\/blockquote>","protected":false},"excerpt":{"rendered":"

Alex Hern: The battery status API is currently supported in the Firefox, Opera and Chrome browsers, and was introduced by the World Wide Web Consortium (W3C, the organisation that oversees the development of the web’s standards) in 2012, with the aim of helping websites conserve users’ energy. Ideally, a website or web-app can notice when […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[28,279,456,81,31,327,355,96,328],"class_list":["post-11973","post","type-post","status-publish","format-standard","hentry","category-technology","tag-batterylife","tag-firefox","tag-googlechrome","tag-html5","tag-ios","tag-opera","tag-privacy","tag-web","tag-webkit"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11973","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=11973"}],"version-history":[{"count":4,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11973\/revisions"}],"predecessor-version":[{"id":16304,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11973\/revisions\/16304"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=11973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=11973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=11973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}