According to two privacy experts, ambient light sensors on mobile devices can pose a risk to your private information. They argued that the sensors can pick up light from a device’s screen, which can be manipulated to uncover a user’s browser history.
Google Wants Browsers to Have Permissionless Access to Sensors
Ambient sensors on mobile devices have become a commonplace feature, so much so that the World Wide Web Consortium (W3C) has developed a special interface that allows websites (through a browser) to interact with them.
Last month, Google’s Chrome developer team proposed relaxing browser permission requirements for accessing these sensors. This proposal was made in relation to WC3’s discussion of generic sensor specification.
In addition to removing permission requirements, Google’s team also proposed relaxing permission for other sensors, such as gyroscope, magnetometer, and accelerometer sensors they argued should all be exempt from the browser permissions system
Google’s justification for this was to allow browsers to become equal to mobile apps in functionality, which do not have to seek explicit permission from users before accessing these sensors.
A Secret Key to Your Browsing History
This proposal was challenged, however, by privacy experts — specifically Lukasz Olejnik and Artur Janc. They said giving browsers the ability to gain access to ambient light sensors, without first prompting the user, could expose people to privacy breaches.
The two argued and proved — in a series of demonstrations — that light radiating from a mobile device’s screen can be picked up by ambient sensors. Moreover, they said that because of this, hackers could lure people to their sites and also gain access to their browsing history.
The potential attacks via this method rely on using differences in light intensity for normal and previously-visited links. These different links produce variations in light output which makes it possible for hackers to infer previously-visited URLs — thus gaining access to your private browsing history.
Additionally, hackers can steal QR codes using this method. However the process is quite a bit slower, making it more difficult to perform than the other attack.
Preventing the Attack
One of the researchers, Olejnik, still thinks breaches via this method can be prevented. In fact, he said the solution is pretty simple and something browser developers themselves can easily prevent.
According to him, it only requires browser makers to change the default frequency at which the sensors report their readings. He also recommended they quantize the result by limiting the precision of the sensor output to only a few values in a preset range.
Furthermore, while these safeguards are not foolproof and don’t even completely stop attacks from happening, they do cause the attack to take longer than it otherwise would. Because these attacks take between seconds and minutes to perform, extending their length of execution makes them practically impossible to complete.
Do you think Browsers should get permission from users to access ambient light sensors? Let’s hear your thoughts.
Images via Shulman Law Firm, MakeUseOf