Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The Bot That Cried Wolf: Battery tracking poses no real privacy threat

Evan Schuman | Aug. 12, 2015
IT's relationship with privacy is delicate. Corporate IT needs to take privacy fears very seriously, but if IT jumps and shouts at every tiny possible privacy invasion, we'll have the Bot That Cried Wolf. Put another way, the best way to weaken privacy protections is to embrace so many privacy problems that none have any significance.

The privacy nightmare scenario that the authors paint is based on this half-minute-later return visit. Within those limited situations, it could be used to find those who want to be found the least, the authors argue: "Users who try to re-visit a website with a new identity may use browsers' private mode or clear cookies and other client side identifiers. When consecutive visits are made within a short interval, the website can link users' new and old identities by exploiting battery level and charge/discharge times. The website can then reinstate users' cookies and other client side identifiers, a method known as respawning. Note that, although this method of exploiting battery data as a linking identifier would only work for short time intervals, it may be used against power users who can not only clear their cookies but can go to great lengths to clear their evercookies." 

The report also concedes why this works on so few OS/browser combinations: "We emphasize that our method only works for UPower and Firefox on Linux, and during our study we encountered some computers for which we cannot recover the capacity with our method. This can be due to the differences in how processors handle floating point calculations or measurement errors in UPower."

This is the quintessential theoretical hole that simply isn't significant. To have a true privacy threat, it has to be effective enough that people will bother implementing it. Please forgive me, but this tactic isn't nearly powerful enough to worry about.


Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.