on w3c, chrome, privacy

Privacy of Web Request API

Simple payment standard will be the new cool thing web browsers can do. This happens thanks to W3C Payment Request API. Early on it has been even featured in the New York Times and rightly so, as it has a big potential. Why? Introduction Chances are that the days of…

Read more

on w3c, privacy, web browser, firefox, privacy engineering, chrome, sensors, light sensor

Stealing sensitive browser data with the W3C Ambient Light Sensor API

In this post we describe and demonstrate a neat trick to exfiltrate sensitive information from your browser using a surprising tool: your smartphone or laptop’s ambient light sensor. In short: 1. We provide background about the light sensor API and current discussions to expose it more broadly to websites.…

Read more