I haven't tested it, but the post claims that this works on iOS, and I've never seen a preference option to disable this.
Someone clever could use this misfeature (what amounts to a data leak) to perform a sort of traffic analysis attack and infer data about your sleeping/working/browsing schedule, and then potentially interpolate travel patterns, business associations, and maybe even correlate to a precise (historical) physical location.
The security implications here are vast (and not immediately obvious), and there is a vanishingly small practical use case for this.
Why would a user leave the web page open through their sleeping/working/browsing schedule? Why would a dev use battery status to interpolate travel patterns instead of, say, the location API or your geo IP?
Given the other things available to a dev wanting to know about a user's behavior, battery status is a strange one to rant about.
> The security implications are vast.
No they're not. Battery status has been available to every app on your laptop for years without a problem. Web pages are ad hoc apps. If you're concerned, don't install the app, and use NoScript with a whitelist for browsing.
The problem with web apps, though, is that they aren't really local to your computer. We have all kinds of sandboxes to prevent, say, a web page from opening up a connection to talk to your PCI cards.
I wouldn't say that this is the same as giving battery status to every app on your laptop. A closer example might be smartphones. But there's a presumption that if software is running on your laptop or smartphone you have at least some idea of what it is and what it can do. In practice, not so much, and such apps could misuse this data along with others.
Sometimes I charge my phone at night, sometimes I don't. Sometimes I charge it at work, sometimes I don't. You couldn't even infer my timezone from that data, let alone my location. And even if I did have a reliable schedule, so what? All you would conclude is that I am on GMT+1, and work 9 to 6. Shocker.
It looks like the work that Mozilla are putting in to allow all the functionality needed for applications to be accessible through the browser is going well.
Someone clever could use this misfeature (what amounts to a data leak) to perform a sort of traffic analysis attack and infer data about your sleeping/working/browsing schedule, and then potentially interpolate travel patterns, business associations, and maybe even correlate to a precise (historical) physical location.
The security implications here are vast (and not immediately obvious), and there is a vanishingly small practical use case for this.
Why does this exist?
"can" != "should", for fuck's sake.