عاجل
RUМать пропавшей в Ачинске девочки найдена в НовосибирскеFRCanicule, incendies, orages : le point sur les catastrophes qui frappent la France et le mondeUSLawsuit Alleges US Shared Iranian Asylum Seeker Data with IranDEHeckler & Koch zahlt Millionenstrafe für illegale Waffenexporte nach MexikoTRABD'nin Dış Ticaret Açığı Mayıs'ta Yüzde 42,2 ArttıARمصر والأرجنتين: مواجهة نارية في دور الـ 16 بكأس العالمDEMehrfamilienhaus in Oberkirch nach Brand unbewohnbarRUTrump Hints at Further US Troop Reduction in EuropeDERiester-Rente endet: Das Altersvorsorgedepot kommtARغضب جماهير ليفربول بسبب تجاهل محمد صلاح في منشور دعم لماك أليسترRUМать пропавшей в Ачинске девочки найдена в НовосибирскеFRCanicule, incendies, orages : le point sur les catastrophes qui frappent la France et le mondeUSLawsuit Alleges US Shared Iranian Asylum Seeker Data with IranDEHeckler & Koch zahlt Millionenstrafe für illegale Waffenexporte nach MexikoTRABD'nin Dış Ticaret Açığı Mayıs'ta Yüzde 42,2 ArttıARمصر والأرجنتين: مواجهة نارية في دور الـ 16 بكأس العالمDEMehrfamilienhaus in Oberkirch nach Brand unbewohnbarRUTrump Hints at Further US Troop Reduction in EuropeDERiester-Rente endet: Das Altersvorsorgedepot kommtARغضب جماهير ليفربول بسبب تجاهل محمد صلاح في منشور دعم لماك أليستر
Newsgather
BackNew FROST Technique Spies on Users via SSD Interactions
New FROST Technique Spies on Users via SSD Interactions
يتطور
Wired01.06.2026تقنية3 dk okuma

New FROST Technique Spies on Users via SSD Interactions

نظرة سريعة

A new technique called FROST (fingerprinting remotely using OPFS-based SSD timing) allows websites to monitor users' browsing history and open applications by measuring subtle interactions with their solid-state drives (SSDs).

ملخص مُنشأ بالذكاء الاصطناعي

لماذا يهم

Websites have historically used clever techniques to track user browsing histories and device information. Recently, Meta and Yandex were identified as engaging in such privacy-invasive practices. A new technique, FROST, exploits solid-state drive (SSD) interactions to monitor users.

حجم الخط

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all.

Now sites have a new way to spy on their visitors: by measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices.

The technique, laid out in a research paper, exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.

The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs—even on other browsers—and the apps that were open on the visitor’s device. FROST requires no interaction from the visitor other than opening the site hosting the attack.

“Web browsers have evolved from simple document viewers into complex platforms capable of running sophisticated applications,” the paper authors wrote. “Companies like Google, Microsoft, and Adobe have developed full-fledged office suites, photo- and video editors, or even integrated development environments (IDEs) that run entirely within the browser.” The authors went on to note: “While these features enhance the capabilities of web applications and allow completely novel use cases, they also increase the browser’s attack surface, and some have already been shown to introduce new vulnerabilities.”

Unlike previous contention side-channel attacks on SSDs, FROST runs exclusively in the browser. It uses JavaScript that interacts with the OPFS (origin private file system), an allocated storage space that’s reserved for a specific site to run code needed to complete a given task. Websites can create one with no interaction required by the visitor.

While each file system is sandboxed, meaning it’s isolated from other websites and from the device system itself, the JavaScript can measure the I/O interactions. Then, by running those interactions through a pretrained convolutional neural network—a system that uses deep learning to analyze text, audio, and images—the attacker can deduce various apps and websites open on the device.

“The attacker continuously measures SSD contention by performing random reads from a large OPFS file,” the researchers explained. “SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model.”

The technique has its limitations. First, the OPFS file must be extremely large—likely a gigabyte or more. That requirement means that attacks at scale would inevitably be detected by many users. Additionally, the OPFS file must be stored on the same SSD the visitor is using. This isn’t usually a problem for tracking open websites, since the OPFS file is stored in the browser’s default location. In the event apps are using a separate SSD drive for apps, those apps couldn’t be detected by FROST.

One of the best ways to prevent FROST attacks is to close tabs as soon as they’re no longer needed. More savvy users can monitor the creation and size of OPFS files allocated by unknown websites. The researchers proposed ways for browser makers to shut down the side channel. One such method is to limit the maximum size of such files that are allowed. There are no indications FROST attacks have been performed in the wild.

ما الذي يجب مراقبته

توقعات الذكاء الاصطناعي — احتمالات وليست حقائق

  • Browser makers will implement measures to limit OPFS file sizes or modify SSD I/O timing to prevent FROST attacks.

    مرجح · خلال أشهر

أسئلة مفتوحة

  • Have FROST attacks been performed in the wild?
  • What are the exact technical limitations for large-scale FROST attacks?
  • Will browser makers implement the proposed countermeasures?
  • Can FROST be used to infer more sensitive data beyond open websites and apps?

مواضيع ذات صلة

This article was originally published by Wired.

أخبار ذات صلة

Marshall Launches Next-Generation Acton IV and Stanmore IV Speakers
تقنية·3 sa önce

Marshall Launches Next-Generation Acton IV and Stanmore IV Speakers

Marshall has released its updated Acton IV and Stanmore IV vintage-inspired speakers, featuring wooden cabinets, PU leather wrapping, and upgraded media controls. The new models boast improved tweeters and waveguides for better sound dispersion, enhanced bass, and clearer audio, along with RCA and AUX inputs for connectivity. They also support Auracast technology for multi-speaker synchronization and can connect to older models via the Heddon streaming hub.

Engadget
المزيد حول هذا الموضوعFROST