Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Apple, Mozilla kill API to deplete W3C battery-snitching standard

Idea for low-powered HTML adjustments abandoned after security implications explored

Apple and Mozilla are leading the charge away from a W3C standard, because it's too much of a privacy risk.

The Register reported the battery-snitching capability in August 2015.

The W3C's idea was that if HTML included properties to look at the state of user's batteries, it could de-cruft the Web pages it served if your phone was on the last 20 per cent of charge.

However, the 2015 paper (PDF) published at the International Association for Cryptologic Research (IACR) highlighted the privacy implications of battery-snitching. The paper pointed out that the Battery Status API provided an effective way to fingerprint users.

A paper (PDF) presented at late October's Association of Computing Machinery's Conference on Computer and Communications Security conference bore that out, with the authors demonstrating that simple scripts can exploit the API.

One of the authors of the 2015 IACR paper, Lukasz Olejnik (whose work includes highlighting the serious privacy risks posed by the Bluetooth Web API) has now blogged that the Battery Status API is being pulled from Firefox.

The change will be effective as of Firefox 52.

It might not stop there. As Olejnik also notes, it looks like it will be removed from WebKit as well – even before it was fully-implemented in Safari. ®

 

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like