Sunday April 23, 2017

Stealing Browser History With Ambient Light

Privacy guru Lukasz Olejnik has discovered a way to steal a user's browser history using the ambient light sensors commonly installed in mobile devices. Ambient light sensors have become standard hardware for everything from smart phones, tablets, laptops and TVs. They are so common, that the World Wide Web Consortium developed an API that ships with browsers like Chrome and Firefox for the sole purpose of interacting with those sensors. It gets even worse. Google is trying to remove the permission requirements for these devices to make their PC based browser software more akin to their mobile bretheren. The ambient light sensor isn't their only focus. If they have their way, browsers will be able to interact with the phone's gyroscope, accelerometer and magnetometer. Interesting indeed.

Lukasz found that the light that is gloriously eminating from a monitor can be picked up by the ambient light sensors in a mobile device. If an end user takes a leisurely stroll to a malicious domain, an attacker can determine their browser history. The attack itself is able to work by parsing out the different colors used for sites that have been previously and newly visited. These sites produce small variations in light that are detected by the ambient light sensors. This attack method can also steal a precise QR code.

I wouldn't run for the hills and declare "Red Alert" just yet. At this time it is unclear just how much history is exposed. Logic would dictate that data is only vulnerable within the time frame that the mobile device was compromised coupled with its proximity to the target device. There are a lot of moving parts and variables to this, which in my opinion, reduces risk as the scenario has to be "just right".

Discussion