Safeguarding Your Privacy: Understanding Generic Sensor API Fingerprinting with JShelter

Modern devices are packed with sensors, from geolocation trackers in phones to heart rate monitors in smartwatches. While offering convenience, these sensors open doors to privacy risks by allowing websites to access sensitive data.

What is the Generic Sensor API?

JavaScript's Generic Sensor API provides a standardized way to interact with device sensors. It includes:

• Device Sensors: Physical hardware sensors. For example, a device's gyroscope. These are the actual sensors on the device.
• Platform Sensors: Interfaces that allow user agents (browsers) to interact with device sensors, providing a way to read data. This is the software interface.

The API uses a class hierarchy, with a base Sensor class and subclasses for specific sensors like Accelerometer, Magnetometer, and Gyroscope.

Browser Compatibility for Sensor API

Limited support exists in Chrome, Edge, and Opera, with Android support in Chrome for Android, Opera for Android, and Chromium-based browsers. Full feature support often requires enabling experimental flags.

High-Level vs. Low-Level Sensors

• Low-Level Sensors: Defined by their implementation (e.g., Gyroscope, Magnetometer).
• High-Level Sensors: Defined by their readings (e.g., GeolocationSensor, which can use GPS, Wi-Fi, or cellular data).

Sensor fusion combines data from low-level sensors, like the AbsoluteOrientationSensor using data from the Accelerometer, Gyroscope, and Magnetometer.

The Threat of Fingerprinting

The W3C acknowledges the risk of using the Generic Sensor API for device fingerprinting due to manufacturing variations unique to device models.

Unique Device Identification via Timestamp Exploitation

JShelter discovered a vulnerability in the Sensor.timestamp attribute, which reveals the device's last boot time, making fingerprinting easier. JShelter mitigates this by aligning the timestamp to the page context creation time.

Global Orientation Settings for realistic data faking

Sensor readings are interconnected, requiring consistent orientation data. JShelter uses a shared orientation model across wrappers to ensure realistic faked readings. Using similar logic to the principal axes, the rotation of the device is defined by yaw, pitch, and roll. These values are pseudorandomly drawn to allow realistic data faking.

AmbientLightSensor: Exposing Environmental Data and Risks

The AmbientLightSensor measures illuminance (light level) in lux. This sensor can reveal user behavior, lighting preferences, and even enable malicious activities like PIN skimming.

• Behavioral Analysis: Reveals work habits, lighting preferences, movement patterns.
• Distance Calculation: Determines distance to light sources via the inverse square law.
• PIN Skimming: Exploits sensor data to detect PINs for financial transactions. Studies show high accuracy in PIN classification using ambient light sensors.
• Cross-Device Tracking: Identifies users across multiple devices in the same room.
• Cross-Device Communication: Transmits data between devices using light emission and sensor readings.

JShelter's AmbientLightSensor Protection

JShelter generates fake readings based on typical office illuminance levels (500-900 lux), rounded to the nearest 50. A pseudorandom value, consistent across browser tabs, is used to simulate a stationary device under constant lighting.

Accelerometer: Monitoring Device Movement and User Activity

Accelerometers measure the rate of change of velocity. The API offers Accelerometer, LinearAccelerationSensor, and GravitySensor classes, each providing different aspects of acceleration data.

• Total Acceleration: Accelerometer provides total acceleration applied to the device.
• Linear Acceleration: LinearAccelerationSensor excludes gravity's influence.
• Gravity Acceleration: GravitySensor returns only gravity acceleration.

Accelerometer and Advanced Fingerprinting

• Device Positioning: Determine device position using trajectory inference.
• Activity Recognition: Infer user activities like lying, sitting, walking, or cycling.
• Walking Pattern Analysis: Analyze human walking patterns.
• Speech Recognition: Extract speech patterns via vibrations, enabling gender classification and speaker identification.

JShelter's Accelerometer Protection

JShelter simulates a stationary, potentially rotated device by:

• Faking gravity vector using a rotation matrix derived from a domain hash.
• Setting LinearAccelerationSensor to near-zero values with occasional pseudorandom vibrations.
• Combining these values for the Accelerometer sensor.

Gyroscope: Measuring Angular Velocity and Detecting Subtle Vibrations

Gyroscopes measure angular velocity along the x, y, and z axes. They are susceptible to fingerprinting through speech recognition and analysis of resonance from internal/external sounds.

JShelter's Gyroscope Protection

JShelter simulates a stationary device by:

• Setting angular velocities to near-zero values with pseudorandom oscillations.
• Applying changes in pseudorandom intervals to mimic real-world sensor imperfections. Actual values are pseudorandomly calculated to ensure deterministic behaviour.

Magnetometer: Measuring Magnetic Field Strength and Direction

Magnetometers measure the strength and direction of the magnetic field around the device, providing data on x, y, and z axes in microtesla (µT). However, these can be used in fingerprinting due to unique characteristics from different places on Earth.

By understanding the Generic Sensor API and its potential privacy risks, you can take steps to protect your data. JShelter provides a robust solution by faking sensor readings, ensuring a safer browsing experience.