> the researchers suggest a variety of ways to obtain that MAID, including placing an "active-content" ad that uses javascript to pull the MAID from a phone at a certain location... MAIDs can also be intercepted by someone on the same Wi-Fi network as the target phone.
> "It’s not a particularly high bar to entry for a very, very highly targeted attack," says Adam Lee... A domestic abuser could, for instance, obtain a spouse's MAID... or a co-worker could do the same in the office... Or an ad buyer could use active-content ads to gather the MAIDs of the people at a specific location, like a protest, or users of a potentially sensitive app like gay-dating apps or religious apps...
You talk about illegitimate purposes, not legitimate.
I guess they're intended to show ads multiple time for a user. Ads often only work if you've seen them often enough. A coke ad once will not change your behaviour but seeing it three times a day over a week could.
> the researchers suggest a variety of ways to obtain that MAID, including placing an "active-content" ad that uses javascript to pull the MAID from a phone at a certain location... MAIDs can also be intercepted by someone on the same Wi-Fi network as the target phone.
> "It’s not a particularly high bar to entry for a very, very highly targeted attack," says Adam Lee... A domestic abuser could, for instance, obtain a spouse's MAID... or a co-worker could do the same in the office... Or an ad buyer could use active-content ads to gather the MAIDs of the people at a specific location, like a protest, or users of a potentially sensitive app like gay-dating apps or religious apps...