This post is built around my paper (presented to/at the International Workshop on Privacy Engineering) devoted to privacy assessment in web standards. After the previous one (Battery Status Not Included: Assessing Privacy in W3C Web Standards) this is the next insight in this domain. While I point out the…
Read more
My work touches multiple dimensions: research, technology, standards and technology policy. One of the aspects of my security and privacy research involvement are the study of sensors privacy - and especially sensors exposed to websites via web browsers. The practical outcome of this work are privacy analyses of Web APIs.…
Read more
In this post we describe and demonstrate a neat trick to exfiltrate sensitive information from your browser using a surprising tool: your smartphone or laptop’s ambient light sensor.
In short:
1. We provide background about the light sensor API and current discussions to expose it more broadly to websites.…
Read more
Introduction
Smartphones are equipped with a sensor letting the device to detect the brightness levels in their environment (modern sensors are even capable to measure the intensity of green, red and blue lights). The simplest application of the sensor is to adjust the screen's brightness in accordance with the environment.…
Read more