Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Martin Abegglen/Flickr

Can your phone's battery really be used to spy on you?

In the short-term, it can.

WHEN YOU THINK about your smartphone battery, your biggest concern is usually ‘how long will it last’, but you may have another problem to take into consideration.

A team of security researchers have found that phone batteries can be used to identify its owners and track them across the internet, regardless of the privacy measures taken.

The issue comes from a piece of software on HTML5, the technology used to structure and present sites on the web, which tells websites how much battery is left in a user’s phone. The original intention is to allow websites to know if a phone’s battery is running low, and help preserve it.

However, websites (or the scripts running them) don’t need to ask a user permission to check how much charge is left. Instead, phones automatically tell them how much charge is left and how long it’d take to return to a full charge.

The same information can be used to identify users and track them as they visit different sites. By noting these details and seeing if a phone with similar details appears on other pages, it could work out what pages that user visited, even if they’re using private browsing or a VPN (virtual private network).

This would apply more to short-term visits as the researchers note the risk of long-term tracking with this information “may be negligible”. If a user visits a site normally, but returns a moment later using a browser’s private mode, then the likelihood of someone identifying the two visits as the same is higher.

The paper, called ‘The leaking battery: A privacy analysis of the HTML5 battery status API‘, recommends that sites should ask permission to access the battery information instead of doing it automatically.

The researchers also suggest that users should be provided with more information about how their battery information is actually used, and to reduce the precision of battery level readouts, rounding off the numbers instead of giving exact figures.

Read: This tiny robot can jump from water without making a splash >

Read: Not content with just smartphones, Apple wants to launch its own mobile network >

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Author
Quinton O'Reilly
View 22 comments
Close
22 Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.
    JournalTv
    News in 60 seconds