W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2015

Baterry API and fingerprinting

From: Dominique Hazael-Massieux <dom@w3.org>
Date: Wed, 08 Jul 2015 20:09:59 +0200
Message-ID: <559D6777.3080505@w3.org>
To: public-privacy@w3.org

An interesting paper on how a seemingly innocuous API (battery level 
reading) ends up providing exploitable fingerprinting surface:
   A privacy analysis of the HTML5 Battery Status API

Some of the risks highlighted are specific to an implementation 
(providing arguably too detailed information), some are probably more 
generic to any API that bridges with hardware. It might be interesting 
to look if the self-review questionnaire would have helped mitigating 
these risks at the spec level.

Received on Wednesday, 8 July 2015 18:11:19 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:30 UTC