Skip to main content

Your smartphone or laptop battery could be used to track you, researchers say

battery status api tracks phone laptop samsung from galaxy note 4
Digital Trends / Robert Nazarian
European researchers published a paper revealing that your privacy could be compromised from the battery in your smartphone or laptop. Most people are probably unaware of something called the battery status API. The World Wide Web Consortium (W3C) introduced it in 2012, and the Firefox, Opera, and Chrome browsers support it.

Battery status API explained

It is a HTML5 specification that’s supposed to help websites conserve energy for those users that have minimal battery life remaining. Basically, the website can read the battery state of any device, such as how much life remains in terms of both minutes and percentage. Based on these results, the website can automatically disable power hungry features on webpages to conserve energy.

How is your privacy compromised?

So far so good right? Unfortunately the main problem with the API is that websites can gather this information without permission from visitors. The researchers concluded that websites can piece together the information from multiple visits through a third-party script, thus creating a fingerprint for each user. This could theoretically happen across different sites and even affect users who constantly delete cookies or are behind a VPN or corporate firewall.

battery tech
Image used with permission by copyright holder

The potential issue was raised back in 2012 and referred to in the W3C specification of the API. The “Security and privacy considerations” section has the following statement: “The information disclosed has minimal impact on privacy or fingerprinting, and therefore is exposed without permission grants.”

Are you at risk?

The study seems to be stirring up some technopanic in the tech world, but the potential danger appears to be very limited. The study was only conducted with the Firefox browser in Linux using the UPower tool. The researchers concluded the information gathered from Firefox in Windows, Mac OS X, and Android was too significant to create a fingerprint.

Furthermore, the researchers filed a bug report for the exploit with Firefox in Linux, and it was fixed in June 2015. The study never demonstrates a similar exploit in either the Chrome or Opera browsers, or even a mobile device.

The report demonstrates an issue that was already fixed, but its intent is to “draw attention to this privacy issue by demonstrating the ways to abuse the API for fingerprinting and tracking.” In other words … create buzz among tech sites, which leads to more technopanic.

No exploit should be taken lightly, but further evidence needs to be demonstrated before we start panicking on this one. And even if this evidence does surface, the API can be updated to include user permissions or whatever is necessary to thwart any potential privacy issues.

Editors' Recommendations

Robert Nazarian
Former Digital Trends Contributor
Robert Nazarian became a technology enthusiast when his parents bought him a Radio Shack TRS-80 Color. Now his biggest…
Smartphone battery capacity could be increased using nanochain material
nanochain battery capacity coin cell 1

A new method could allow better materials to make up battery electrodes by converting them into a nanochain structure, the black material on this copper electrode of a coin cell. Purdue University image/Kayla Wiles

If you're frustrated by the fact that electronic gadgets continue to get more sophisticated but your smartphone battery still can't seem to last a full day, then new research from Purdue University could offer some relief. Chemists there have developed a new method for designing lithium-ion batteries which could make them last longer and charge faster.

Read more
Here’s one thing you need to do before giving your child a smartphone or tablet
Qustodio

In today’s high-tech world, it’s hard enough as adults to fully monitor our own internet consumption — juggling multiple social media accounts, dodging scams and threats to our personal information, and so on can quickly become a digital headache. But all that pales in comparison to the need to keep tabs on your kids' daily internet activities and online habits. That's a different battle altogether, and the ubiquity of internet-connected Android and iOS smartphones doesn’t make it any easier.

Yet with each new problem that rears its head, there’s a new solution that arises to tackle it, and the ready availability of great parental control software like Qustodio gives parents a much-needed leg up. With free options as well as premium monthly plans starting at just $3.75 a month or $45 per year, Qustodio is an excellent option for any security-conscious parent raising kids in the digital age.

Read more
You can now use an Android phone to log in to Google on an iOS device
google android phone physical security key account

Google is making it a little easier to sign into your Google apps and services on an iOS device. The company is taking advantage of the new security key feature in Android to allow people to use their Android phone to log in to Google services on iOS.

The new feature works through Google's Smart Lock app, which you need to have installed on your iPad or iPhone to make the Android security key feature work. You also need two-step verification enabled, and if both of those criteria are met, you will be able to hold down the volume key on your phone to sign in to your services.

Read more