Security

A Firefox Loophole Allowed Websites to Track Users

Until recently, Firefox allowed websites to track users through their device’s battery status. This includes smartphones, PCs, laptops, and tablets. The loophole allowed for users’ browser activity to be tracked. Thankfully, the loophole has since been disabled. Read on to find out more about how the feature allowed users to be tracked, and whether or not this feature is exclusive to Firefox.

Battery Status API

Firefox used this feature to allow websites to receive information about a user’s device. This information includes whether or not the item is charging, the battery percentage, and how much time (in seconds) the device has left before it needs to be charged. This feature was intended to provide websites with information on how they could make their sites battery-friendly. They could then adjust a website’s features to suit the battery level of a person’s device.

Read More: Why Would Hewlett Packard Want to Hack Itself?

Last year, the Guardian reported that battery API had the ability to track users. For example, if you opened a website in Firefox, and then a website in Chrome under private browsing mode, the battery API would be able to associate the two pages as being on the same phone due to their battery status. Once the web pages are recognized as being from the same device, a website can then use battery API to identify someone and further enable cookie-tracking of online activities. Even if you clear cookie-tracking, the battery API can help websites to identify the device so that cookie-tracking can be re-enabled.

The Issue with Chrome and Opera

Firefox is not the only browser to use battery status API: Chrome and Opera also use this feature. Before Firefox removed the feature, they allowed users to easily disable it. Unfortunately, that doesn’t seem to be an option with Chrome or Opera. If you’re concerned about your online behavior being tracked through the battery status of your smartphone or PC, it might be best to avoid Chrome and Opera.

Currently, it’s unclear if Chrome or Opera will start allowing users to disable the feature, or if they’ll follow Firefox’s lead and remove it. Although Firefox has disabled this feature, you can still access it as a Firefox add-on. Chrome and Opera could, potentially, follow this move as well. However, considering Facebook and Google’s habit of excessively tracking users, it’s unlikely this will change any time soon.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Does Changing Your Password Every Week Make Your Account Safer? Myth or Fact

You’ve probably heard that changing your password every week is a smart way to keep…

57 years ago

What Happens When You Tap “Allow” on an Android App?

You install a new app, open it for the first time, and the screen pops…

57 years ago

5-Minute Monthly Phone Check: What to Review on Android

You unlock your phone to answer a quick text and, without even noticing it, pass…

57 years ago

What Happens to Your Data After You Close an App?

You open an app to order food, check your bank balance, chat with friends, or…

57 years ago

Going to Watch the World Cup? Your Phone Knows More About You Than You Think

Going to watch the World Cup? Without even noticing it, your phone follows almost every…

57 years ago

Can Tap-to-Pay Cards Be Cloned? Myth or Real Risk?

Can someone clone your card just by standing near your bag? Could you lose money…

57 years ago