|
Post by woodyz on Feb 11, 2016 15:42:29 GMT -7
The Invisible Way Cybercriminals Track You Through Your Smartphone’s Battery www.offthegridnews.com/privacy/the-invisible-way-cybercriminals-track-you-through-your-smartphones-battery/A new report says websites can monitor the battery life on your table and smartphone, an action that leaves a trail and allows business and cybercriminals to track you, Panda Security reported. This is all due to HTML5, a computer language in which webpages are written. It contains a function that is supposed to adapt websites to battery usage. According to Panda Security, pages written in HTML5 can actually detect how much juice is in your battery and adjust the webpage accordingly. For example, a simpler version of the page can be loaded if your battery is low, extending its life. The battery data is collected every 30 seconds and leaves a digital trail, a group of French and Belgian researchers discovered. It impacts Chrome, Opera and Firefox browsers. Researchers found that after several visits, “you can find the maximum capacity of the battery and eventually identify the user each time you visit a particular website, creating a kind of digital trail.” To make matters worse, there is no way users can stop it because no permission is required to gather the information. If you visit a website, it automatically collects the information. “It also doesn’t make much difference if you surf incognito,” Panda Security reported. “In fact, neither the firewall of a computer or using a VPN are enough to escape this monitoring by HTML5. As if that were not enough, everything happens without the user being aware, since the website does not have to ask permission to gather all this information.”
|
|
|
Post by Cwi555 on Feb 11, 2016 16:25:15 GMT -7
External battery backups thwart that.
|
|
|
Post by sirderrin on Feb 11, 2016 18:17:58 GMT -7
External battery backups thwart that. In reading what it says it would require randomly using back up battery to thwart the process.... and even then it might be questionable depending on the exact code it uses....
|
|
|
Post by Cwi555 on Feb 11, 2016 20:42:06 GMT -7
External battery backups thwart that. In reading what it says it would require randomly using back up battery to thwart the process.... and even then it might be questionable depending on the exact code it uses.... It wouldn't take as much to thwart it as you may believe. There are several conditions in that statement. First of which being repeatedly visiting the same site under the same conditions and times. Any data it could gather would be worthless without it. The next required element is being able to identify your specific data stream/Metadata against a field of others. It's all well and good to detect a random battery level, but there is more information than that required to get anything useful out of it. First they have to identify the phone. Something most are unaware gets embedded in calls and Web use. GSM networks like AT&T and T-Mobile use IMEI numbers. CDMA networks such as Sprint, Verizon, and US Cellular use MEID numbers. All of which make for the unique identifier for your unit. With that unique identifier, your specific data stream can also be identified. After that it becomes a game of statistics. Every phone has specific batteries it can use. With enough hits at specific charge levels, a general idea of how you use your phone can be identified. Using those same stats, it then begins to paint a picture of your general geographic location when that charge level, cell tower, time of day, etc are plugged in. Statistically, the majority of users start the day with a full charge. They may keep it on charge at certain times of the day, on certain days, and for all intensive purposes, create a pattern that when tied to the previous data from towers, unid, and patterns of usage, box you in. Variation of the unid is very difficult and illegal in most cases. That is out. Varying other datum points, not so much. Varying charge levels and times is probably the easiest to do. Rolling full charge times instead of starting every day that way being particularly easy with the mobile chargers and backups. Using proxies for surfing is a bit more complicated, but doable. Varying times etc also doable. Anything that can break up a pattern is useful. Which is exactly what your doing when you vary x. The further you can push your information towards either side of that curve, the less useful it becomes for tracking you, profiling you, or otherwise potentially harming you. Ever wonder why manufacturers for cell phones have been moving away from user changeable batteries? Food for thought.
|
|