Loading...
Loading...
Researchers unveiled FROST, a browser-based side-channel that leverages the Origin Private File System (OPFS) to infer which sites and apps a visitor has open by measuring SSD I/O contention. Malicious JavaScript writes a large OPFS file and performs timed random reads; latency fluctuations caused by other processes’ SSD activity are fed into a convolutional neural network to classify user activity across tabs and applications. The attack works without user interaction and across browsers, exposing a novel cross-origin privacy risk from shared hardware resources. Mitigations include limiting OPFS exposure, API changes, SSD firmware or OS isolation, and detection at scale.
FROST reveals a cross-origin privacy risk where websites can infer user activity across tabs and apps by measuring shared SSD behavior, impacting browser security and threat models. Tech professionals must reassess OPFS exposure, browser APIs, and storage isolation to mitigate hardware-based fingerprinting.
Dossier last updated: 2026-05-28 03:45:47
Researchers disclosed FROST, a browser-based side-channel attack that uses JavaScript to monitor SSD I/O latency and infer which other sites or apps a user is visiting. The attack creates a very large OPFS file (often ~1GB+) and issues repeated random reads to record latency traces; contention from other processes’ SSD activity alters those traces, which a pretrained CNN classifies to identify visited pages. Demonstrations completed on Apple M2 macs and latency-measurement validation on Linux; Windows remains untested. Limitations include high storage footprint (easy to detect) and requirement that targets reside on the same physical SSD. Researchers suggest browser limits on OPFS size and advise users to close unused tabs and watch for large site storage files. Paper due at DIMVA in July.
Researchers described FROST, a browser-based side-channel attack that uses JavaScript and the Origin Private File System (OPFS) to measure SSD I/O contention and infer which websites and apps a visitor has open. The technique works by creating a large OPFS file and performing repeated reads; user activity on the same SSD causes latency patterns that a pretrained convolutional neural network can classify to fingerprint activity across browsers with no additional user interaction. FROST is notable because it operates entirely in-browser and leverages storage timing rather than network or sensor data. Limitations include the need for very large OPFS files and co-location on the same SSD, and mitigation options include closing unused tabs and restricting OPFS usage.
Researchers disclosed FROST, a new browser-based side-channel that lets websites infer which other sites and apps a visitor has open by measuring SSD I/O contention via the Origin Private File System (OPFS). Malicious JavaScript creates a large OPFS file and performs timed random reads; latency variations from other processes’ SSD activity are fed into a pretrained convolutional neural network to classify user activity across browsers and tabs without user interaction. The attack requires a very large OPFS file stored on the same SSD and is somewhat detectable at scale, but highlights a novel privacy risk from browser storage APIs and shared hardware resources. Closing tabs and reducing OPFS exposure can mitigate it.
Researchers have disclosed FROST, a new browser-based side-channel technique that lets websites infer which sites and apps a visitor is using by measuring subtle timing variations when interacting with a device’s SSD via the web platform’s OPFS (Origin-Private File System). The method exploits contention and timing leaks in SSD access patterns exposed to web pages, enabling remote fingerprinting of open applications and visited domains without traditional tracking mechanisms. The paper demonstrates practical cross-origin privacy risks from hardware-level interactions accessible in browsers, raising concerns for browser vendors, cloud providers, and web-security teams. Mitigations will require changes to browser APIs, SSD firmware behavior, or OS-level isolation to block these covert timing channels.