This standard is being used by ads to track your mobile browsing habits across sites, connections and VPNs.
From the article:
Intended to allow site owners to serve low-power versions of sites and web apps to users with little battery capacity left, soon after it was introduced, privacy researchers pointed out that it could also be used to spy on users. The combination of battery life as a percentage and battery life in seconds provides offers 14m combinations, providing a pseudo-unique identifier for each device.
The standard suggests that false data can be provided by the client to hide the true battery status for testing purposes. It seems to me that there should be a privacy setting to randomize battery status, which privacy mode in browsers should enable by default.
(Score: 3, Insightful) by Anonymous Coward on Tuesday August 02 2016, @06:41PM
Sounds like a great feature. I'll hard-code my desktop to always report low battery so I'll get the more efficient version of every page. Well, that's the theory. In reality it'll probably mean that I'll get lots of ads for batteries and the sites will give me full page pop-ups saying I should recharge in order to experience their site to the fullest and that their site doesn't work on low energy devices.
(Score: 0) by Anonymous Coward on Wednesday August 03 2016, @09:43AM
Not to burst your bubble but you'll have to change your User Agent string.
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @06:46PM
Chrome on Android only supports the charging state and battery level, not much data to go on.
Safari and IE don't support this API at all.
Desktops have no battery to report, or a UPS which is fully charged almost always.
Firefox at least lets you turn this "feature" off.
So this is mostly a problem for people using Chrome on laptops while not fully charged on AC power. Not an insignificant group, but not the end of the world. And it loses track of you whenever you are fully charged.
(Score: 2) by mtrycz on Tuesday August 02 2016, @09:10PM
You probably haven't been yet informed: more than 50% of the time, the web is consumed on mobile devices.
You can now proceed to think about TFA from this new angle.
In capitalist America, ads view YOU!
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @10:31PM
Why the fuck would somebody want this exposed to scripting?
(Score: 5, Insightful) by TheGratefulNet on Tuesday August 02 2016, @06:59PM
on solving actual world problems - instead of trying to out-spy each other and out-MONETIZE each other, we'd all be enjoying a higher standard of life right now. instead, we live in the age of snowden, so to speak, were AD MEN like fb, twitter and google are the 'high tech silicon valley innovators' (gagged a bit on that; brb). their entire business model is to snoop on you and make money from that, directly and indirectly.
just nuke us from orbit, already. times like this make me think we're a failed experiment, down here.
"It is now safe to switch off your computer."
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @07:07PM
instead of trying to out-spy each other and out-MONETIZE each other, we'd all be enjoying a higher standard of life right now
If people were not obsessed with power and/or were patient, we wouldn't have Syria. Global warming, over population, lack of food, environmental distraction, etc. etc. etc. but because people are short-sighted, then we do have problems. out-monetizing on the internet is the least of our problems.
(Score: 2) by bob_super on Tuesday August 02 2016, @07:22PM
> out-monetizing on the internet is the least of our problems.
Kids grow up wanting to be a doctor-to-help, pilot, rocket scientist, builder...
The smartest (most school-capable) go straight into banks, finance, law, medecine-because-cash or spy-on-people-tech companies...
GP and I would prefer if those people used their talents for something that was more beneficial to the human race, like solving the problems you list.
But it doesn't pay as much.
"Et le pouvoir maudit qui corrompt les plus purs
Et amène le sage à cracher sur son frère"
https://www.youtube.com/watch?v=VSpw0C8xaCg [youtube.com] (yep, it's not in English)
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @09:44PM
The smartest (most school-capable) go straight into banks, finance, law, medecine-because-cash or spy-on-people-tech companies...
I wouldn't say that. The goals of society are to reward the "less idealistic" professions, as you would say, not the more altruistic. I'll give you two examples,
1. Doctor shortages? Bullshit. Most teaching institutions have explicit quotas for people to enter medicine. The number of slots is 100% rigged to keep number of doctors at such a rate to guarantee employment, to guarantee money. Any doctor has guaranteed profession, no matter if they are terrible at their job. So where is shortage? It's just another version of protection racket (other professions/trades guilty of same thing)
2. Look at graduate studies for all universities where there is no artificial quotas. Overflowing. Most universities are expanding only ajunct prof. positions and tenures are becoming thing of the past. It's all about who you know and luck of the draw, not what you can contribute that matters whether you get a job.
And public spending is not exactly aimed at funding research. Oh noes, we fund wars instead.
Policy is what needs adjustment, not blaming individuals for trying to make a living. But look at elections today - it's not policy, it's "terrists this and that" and "who makes you feel better". When was the last time people actually voted because of policy?? Heck we have an entire anti-nuclear power movement rooted in ignorance and "feelings", so not much hope here. Hell, we have Trump!
Collectively we are pretty fucking stupid. Individuals can't fix that.
/rant
(Score: 3, Insightful) by mtrycz on Tuesday August 02 2016, @09:11PM
In capitalist America, ads view YOU!
;)
In capitalist America, ads view YOU!
(Score: 2) by julian on Tuesday August 02 2016, @09:34PM
Which is why I consider blocking ads, and as much tracking as possible, to be a moral imperative. If enough people block ads this entire business model will collapse.
(Score: 2) by Gravis on Wednesday August 03 2016, @01:16AM
yes they may but the experiment is far from over. we still have a very good chance of making this world a nice place to be.
(Score: 0) by Anonymous Coward on Wednesday August 03 2016, @02:04PM
*shake* *shake* *shake* "outlook not so good"
(Score: 2) by Yog-Yogguth on Saturday August 06 2016, @01:05AM
I find this world to be an absolutely awesome place to be ...as long as I avoid enough humans :3
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 0) by Anonymous Coward on Wednesday August 03 2016, @09:45AM
on solving actual world problems - instead of trying to out-spy each other and out-MONETIZE each other
Not having enough of your money is an actual problem to advertisers.
(Score: 2, Insightful) by Anonymous Coward on Tuesday August 02 2016, @07:02PM
They do not need an API for this. If the device wants a low-power edition of a web-page, then let the browser choose to signal that it is in "low battery mode" via an http-header. Nobody legitimately needs to know the actual battery levels.
FYI, random agent spoofer [mozilla.org] has an option to disable this API and a bunch of other ones like webgl, gamepad api, dom performance timing, etc.
(Score: 5, Touché) by maxwell demon on Tuesday August 02 2016, @07:24PM
I've got an even better idea: Write web sites that don't waste power no matter what the battery status is.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Touché) by bob_super on Tuesday August 02 2016, @07:31PM
But but ... Cool whitespace and zooming JPEG flash thingy shiny!!!!
(Score: 2) by FatPhil on Wednesday August 03 2016, @12:52PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by maxwell demon on Thursday August 04 2016, @08:58AM
Yeah, it's a shame that Mozilla no longer supports <blink> so now it has to be emulated with expensive JavaScript. ;-)
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Wednesday August 03 2016, @05:56AM
So hard to keep up... this is just a list of 40ish features to enable/disable, reading through all those standards... I have mouths to feed.
I wish RAS defaulted to most secure. :(
(Score: 4, Insightful) by SomeGuy on Tuesday August 02 2016, @07:33PM
How about just making web pages nice and lightweight in the first fucking place?!
Why do you think your battery got low in the first place? If all web pages were designed like everyone used Lynx or Mosaic 1.0 (proper web design BTW) then you would not be draining your battery, you would not be waiting forever for pages to load, and those stupid enough to pay by the megabyte or whatever would not pay out the yingyang (well the providers would up their prices so perhaps not).
Honestly, I have no idea how people can even browse the "modern" web without a quad core 16GB ram/1TB SSD /dual-nuclear-power-plant computer these days. Oh, right that is what "apps" are for.
(Score: 2) by tibman on Tuesday August 02 2016, @08:11PM
It might not just be about page "weight". It could also be the overall brightness of the standard theme. In theory you could actually deliver the same pages with a different (darker) theme to save power (for some screens). http://stevemould.com/phone-battery-save-black-wallpaper/ [stevemould.com]
But this is the wrong approach, imo. The site could just have a dark theme and let people pick it like they currently do for mobile versions. Instead of mobile.site.org or m.site.org they could do lowpower.site.org. But i feel that time would be better spent making a site readable by the blind, or function without javascript, or something like that.
SN won't survive on lurkers alone. Write comments.
(Score: 1, Informative) by Anonymous Coward on Tuesday August 02 2016, @08:29PM
LCD screens don't save any power on dark pages. Brightness uses power, but pages, fortunately, don't control brightness.
It matters for OLED screens, though. And CRTs.
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @08:55PM
Instead of mobile.site.org or m.site.org they could do lowpower.site.org.
Great idea, maybe also add chargedHalfway.site.org and charged75Percent.site.org and phoneinlandscape.site.org and phoneinportrait.site.org and wastelotsofcycles.site.org and ... you get the point.
They can't even make a website that works for all browsers yet, now you want to throw another permutation on top of it as well? Are you a masochist (if you are, that's cool by me as long as it is targetted towards web^Wfull-stack 'developers')
(Score: 2) by tibman on Tuesday August 02 2016, @11:07PM
You must not have read my entire post. I said that if you had to do it, then there was probably a better approach (that protects privacy). But even then it is a waste of time when you could be doing something that matters more like ADA compliance or non-javascript feature parity.
SN won't survive on lurkers alone. Write comments.
(Score: 3, Interesting) by Azuma Hazuki on Tuesday August 02 2016, @08:15PM
Adblockers really, really help. My ancient Thinkpad T500 (Core 2 Duo T9400) crawls when browsing without one, but things are usually tolerable when it's activated. At this point I run the adblockers not so much not to see ads as because the internet's unusable without one. It looks like downtown Harajuku crossed with Max Headroom out there!
I am "that girl" your mother warned you about...
(Score: 2) by urza9814 on Wednesday August 03 2016, @09:28PM
Interesting...I've been noticing the opposite, ad blockers don't seem to help much anymore. Noscript, privacy badger, adblock plus, and a browser with a builtin adblocker and I was *still* seeing ads all over the place. So I decided to get a bit scorched earth, and now my internet experience is positively beautiful :)
I got a pfsense hardware firewall (not really required, but it's nice...) then I grabbed some blocklists from iBlockList.com -- I think I'm using Level 1, Level 2, Microsoft, and ads. But even with that, occasionally something will get through, so I wrote a little shell script to generate my own list on top of those. Whenever I see anything I don't like -- ad, script, tracker, anything unnecessary -- I grab the domain and drop it in a list, then my script looks up that domain in a few dozen different nameservers, fetches the IP addresses, and adds all those addresses to the firewall. Which is far more than necessary for just ad blocking, as there's a domain-based blocklist too; but obviously that can only block outbound requests, and I run a few servers so I want to block these suckers on both sides. And the multiple nameservers are used to better take down companies with big CDNs, like Google. I'm sure I won't get ALL their systems, but it still makes me feel better... :)
(Score: 2) by TheGratefulNet on Tuesday August 02 2016, @11:41PM
marketing guys' heads will asplode if you tell them they can't have their 'carousels' and moving graphics. and those mouse-overs - the worst thing about 'active' pages. I move my mouse to get away from something and I bump into yet another popover. whoever thought that was good should be shot. and I'm almost serious, too. shoot the stupid morans who do first, before thinking.
I had an argument with a marketing puke about the 'need' for a landing page with a moving carousel and he looked at me like I wanted to shoot his dog, when I suggested I don't want things moving on my page when I first land there, or any time after that. he drank the koolaid and he would hear nothing of what i suggested. his fellow pukes would not accept him if he didn't copy that annoying style like they all did.
amazon has gotton worse, too; very few areas are 'safe' for a mouse anymore. and once something pops up, to see the thing I wanted, I spend more time getting rid of that popover. dammit.
"how can I fool my fellow man" is NOT something to be proud of, you stupid yellow-tie-wearing asshats.
"It is now safe to switch off your computer."
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @08:49PM
Intended to allow site owners to serve low-power versions of sites and web apps
Hahahahaha, mohahahahaa.... hehehehe, mwaaahhaaaahaaaaaa ohhhh how funny...
Show me a site that does this and I'll stop laughing at you.
Also, I've got this bridge for sale. Pretty sturdy one. Interested?
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @08:59PM
Disable that crap, because it's enabled by default:
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @09:33PM
Or indeed any 3rd party spy beacons / malware infection hubs. One handy way to do so is using https://requestpolicycontinued.github.io/ [github.io]
For the maximum effect, go for the custom by-yourself-for-yourself whitelist. You'll be amazed at the amount of crap the average web site comes with these days.
(Score: 0) by Anonymous Coward on Tuesday August 02 2016, @09:57PM
I want my EverLowBattery plugin, to fake low battery status, so always get served the LQ page.
(Score: 2) by frojack on Tuesday August 02 2016, @10:59PM
TFS outright states this is being used to track mobile devices by advertisers.
Yet The linked standard says this is merely a proposed standard: "W3C Proposed Recommendation of March 2016", which is not incorporated in ANY BROWSER yet (Because most of the platforms don't have any mechanism to provide such data to the browser).
Further, the non-standard, is being modified before it is even out of the proposal phase, to include privacy concerns.
So once again, Hyped Bait Click Headlines that differ markedly from the truth.
No, you are mistaken. I've always had this sig.
(Score: 4, Informative) by JNCF on Wednesday August 03 2016, @12:32AM
Yet The linked standard says this is merely a proposed standard: "W3C Proposed Recommendation of March 2016", which is not incorporated in ANY BROWSER yet (Because most of the platforms don't have any mechanism to provide such data to the browser).
Can I Use disagrees, [caniuse.com] instead proposing that the battery API is supported in the Android browser, Chrome for Android, and the desktop versions Firefox, Chrome, and Opera. The earliest version of the standard I'm seeing [w3.org] is from April 2011. If you press Ctrl+Shift+i in Firefox or Chrome, it will bring up a console you can execute JavaScript in. Try pasting this snippet from the standard.
// We get the initial value when the promise resolves ...
navigator.getBattery().then(function(battery) {
console.log(battery.level);
// ... and any subsequent updates.
battery.onlevelchange = function() {
console.log(this.level);
};
});
(Score: 2) by Reziac on Wednesday August 03 2016, @02:27AM
"The standard suggests that false data can be provided by the client to hide the true battery status for testing purposes."
I have a little portable battery gadget called a Pocket Juice, which can recharge my phone 3-4 times. Or I can leave it plugged into the phone, and it will keep the phone topped off.
And there is no Alkibiades to come back and save us from ourselves.