Tracking even when Browsing in Private!
Have you come across a website that advertises a product that you have planning to purchase or already purchased but have never written about it or shared the information with anyone online! Like some advertiser being able to read what’s on your mind and you not knowing about it.
So yes, you may have called a number and inquired about the product and that information is now digital and online linked to maybe your email which is linked to some cookie on your browser. So there you go. The link is established offline to online and once you are tracked once, even clearing cookies or using Private Browsing would not stop these advertisers from getting to you. In fact, the exploit also walks through a VPN unhindered.
These vulnerabilities are exploited primarily through mobile browsers such as the Battery API on Chrome for Android can know if the phone is charging, the amount of juice in the battery and how long before it is fully charged.
So when one is playing a video on the phone, the service may figure out if there is enough batter power to play the video and if not alert the user to plugin the phone to the charger. So how is this exploit being used to track visitors to a website? Well it is called fingerprinting and already there are many different ways of fingerprinting whats on your browser and the Battery API is another one tool in the kit.
The fact that more and more people are going online and the need to develop APIs to help mobile users remain online and on call may lead for some apps install more of these exploits to understand the different parameters of your phone and thus fingerprint you all the while even when you are not online.
That is something to be worried about. Because with the desktop computer, one had the provision of not allowing anyone to track you or go on private browsing or some other way to remain in stealth. Not so with the mobile computing.