While smartphones and tablets continue to have more features which help make our lives easier, their battery life isn’t usually something which users are happy with.
Now, whilst the manufacturers are working on extending its shelf-life, the batteries are in the spotlight for another reason. This time, the engine of these mobiles is putting user privacy at risk by leaving a trail of all your movements online.
The fact what businesses and cybercriminals are able to find out this information is down to a characteristic of HTML5, the latest version of the language used to create webpages. This function allows webpages to know the status of the battery and adapt what it shows.
So, in the event that our battery hasn’t got a lot of energy left, websites written in HTML5 can be loaded (if the developer allows) with all unnecessary items removed in order to save resources and power.
This isn’t a new characteristic as it was introduced in 2012 and works with Chrome, Opera, and Firefox. Recently, however, a group of French and Belgian investigators have published a study which shows that the information received this way is specific and puts our security at risk.
It is possible to tell the percentage of battery remaining and the estimated life before it completely runs out, but what is really worrying is that this data is collected every 30 seconds (almost in real time).
In addition, researchers have also found that, after several visits, you can find the maximum capacity of the battery and eventually identify the user each time you visit a particular website, creating a kind of digital trail.
It also doesn’t make much difference if you surf incognito. In fact, neither the firewall of a computer or using a VPN are enough to escape this monitoring by HTML5. As if that were not enough, everything happens without the user being aware, since the website does not have to ask permission to gather all this information.
Beyond technical features like this that endanger our privacy – and that will probably be changed soon, following the controversial study – users should remember how to protect their privacy in the digital environment and also protect themselves with the best security tools available – it’s your security that’s at risk.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
