Lukasz Olejnik

Privacy engineering analysis of Browser Status API

This was a fun privacy engineering piece of work. The work analyzed a browser mechanism enabling Web sites to read the battery level on user's devices. It turns out the mechanism is not entirely insignificant from privacy point of view.

The great news is as an outcome a W3C standard is changed to address the issue and a related Firefox fix is also deployed.

The work received some attention.

The Guardian, The Independent, Slashdot, Wired, International Business Times, Mashable, The Telegraph, Belfast Telegraph, The Inquier, Wall Street Journal, Beta News, Daily Mail, La Repubblica, Liberation, El Pais, Neue Zuericher Zeitung, Site of Belgian police? ;-).

Since then, a numerous creative use of battery data has surfaced. I describe the security and privacy aspect.

This work has drawn some attention; a few below.

The Guardian , The Daily Dot, Huffington Post , Zdnet, Slashdot, Telegraph, Liberation, International Business Times, Der Standard, Business Insider, Independent.

In 2016, Mozilla has decided to remove Battery API from Firefox and WebKit.

Story was further covered in international media, such as Guardian.