New research shows that a feature of HTML5 that allows websites to find out how much battery power a visitor has left on their device (smartphone or a laptop) can be used to track their presence online.
If you’re wondering why HTML5 has a feature like that in the first place, it’s because it allows websites to serve you a “low power” version of the website when your battery is low. However, security researchers warned last year that this functionality could also be used to write code to track visitor’s online activity, and that’s exactly what is happening now.
Princeton University researchers found two cases where code used the information about the visitor’s device’s life battery to track them across the site where it was found. So now, even though HTML5 is not sending a unique identifier with the information that’s sending about your battery, unique combinations of the numbers could indeed give websites a way to match your battery information with your IP address.
This information could be used in all sorts of way, none of which are good.
HTML5 developers are aware of this problem and are in contact with security researchers, but it’s not clear if they can actually do anything about it, since it seems that the only way to fix this vulnerability is to remove it completely.
Chanwoo's Weekly Tech 