356
Researchers say they can spy on your browsing by measuring SSD activity through a browser API
(www.tomshardware.com)
this post was submitted on 28 May 2026
356 points (98.6% liked)
Technology
84988 readers
4828 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Becau of the push for web apps to get around platform (and platform store) limitations.
e.g. Apple banned apps for vapes (not just talking about nic vapes but e.g. there's a number of cannabis flower vapourisers that use Bluetooth for fine tuned settings, those were forced to move over to web apps as the native apps simply got pulled), but also software like ESPHome is completely web based and needs access to raw USB devices to write the new firmware onto them, the list goes on.
Main issue seems to be that a lot of these APIs don't require explicit user approval. USB, Bluetooth does, but apparently accessing detailed system statistics doesn't? Make that make sense...
Well it’s all potential advertisement revenue
That's not a legitimate reason. The correct response is to make a standalone application, not a web app, and distribute it elsewhere than the main store. It's one more reason sideloading needs to be allowed. If it isn't we end up with vulnerabilities because of workarounds.
Good luck distributing it "elsewhere" when it comes to iPhones.
Yes, even with the DMA forcing Apple to open up to alternative app stores in Europe, Apple still has a definitive say as to what apps can be published, and what those apps have access to.
Also, a lot of the time, a full blown app is unnecessary, or not practical.
The solution isn't to prevent functionality from existing - this includes browsers and web apps having access to certain aspects to the hardware - but giving the user absolute control over what they allow an app to do.
Without creating the stupid browser based loopholes, it wouldn't be a choice. Developers would be pushing Apple and Google to allow "sideloading" (as if alternative sources are any less legitimate than from their stores).
It's just as practical. It's unnecessary for a browser to be built to function as a replacement to an application for literally any purpose. If you're making a website, then fine, you don't need an app. If you're making something that interfaces with the functionality of the device, that isn't the job of a browser.
How do you do this? If the browser has permission it has permission. Each application should be separate so the permissions are separate.
Even without the "browser loophole", developers are pushing Google and Apple about further permissions being granted and sideloading and whatnot. Apple and Google careth not... Your argument is pretty moot at this point.
And no, you can already do per website permissions. Or what the fuck do you think the notification settings are for, or the PER INSTANCE BASED REQUESTS for e.g. Bluetooth or USB device access? Or when a website asks you to access your camera or microphone? These are all instances of the browser having access and the website having to request permission separately from it...
Ever heard of this nifty thing called "sandboxing" that browsers have been doing for, oh, about a decade now?
No, not even without it. Without it there would be a significantly larger push. It wouldn't just be a small movement. It'd be necessary. It's like being on a computer and getting everything from the Microsoft store (if you're on Windows). Sometimes they don't have what you need, so basically every moderate user has had to download something elsewhere. It'd be the same on phones. Apple and Google would not be able to get away with preventing sideloading because every user and developer would care, not just the few of us there are now.