GBHackers

Malicious Websites Exploit SSD Timing Signals to Monitor Visitor Activity


Malicious websites can now exploit subtle SSD timing signals in modern browsers to quietly track what users are doing on their devices, including which sites and apps they open, using a new side‑channel technique called FROST.

Security researchers including Hannes Weissteiner have revealed that a single drive‑by visit to a booby‑trapped page is enough for an attacker to begin passively monitoring SSD activity from within the browser.

By abusing the Origin Private File System (OPFS) API and high‑resolution timers, the attack turns benign disk I/O into a powerful fingerprinting channel that works across tabs and even across different browsers on the same machine.

The work shows that performance‑oriented web storage features are quietly eroding traditional sandbox boundaries, creating a new class of remote surveillance threats.

How SSD timing becomes a spy channel

The attack, dubbed FROST (Fingerprinting Remotely using OPFS‑based SSD Timing), relies on measuring contention on the victim’s SSD from JavaScript. Using OPFS, a malicious site can silently create a very large file within its origin‑scoped sandbox and perform continuous random reads from it, forcing real disk accesses rather than hitting the page cache.

Whenever other apps or browser tabs use the same SSD, their I/O competes with these reads, causing tiny but measurable latency spikes that encode a fingerprint of the user’s activity.

To improve measurement accuracy, the site enables strict cross‑origin isolation headers, which unlock high‑resolution timers such as performance.now() despite recent browser defenses.

The resulting latency trace is then cleaned to remove scheduling noise and fed into a convolutional neural network (CNN) that learns to associate timing patterns with specific websites or applications.

On Linux and macOS, the researchers also built a high‑speed covert channel in which a native sender modulates SSD contention. The browser‑based receiver decodes bits at up to tens of kilobits per second, confirming that the underlying signal is both stable and information‑dense.

In practical experiments, FROST proved capable of tracking both browser and desktop activity on macOS systems. By recording 10‑second traces while opening the top 50 Alexa websites, the CNN could predict which site the victim loaded in a separate Safari instance from a malicious Chrome tab, achieving macro‑averaged F1 scores of 88.95 in a closed‑world setting and 86.95 in an open‑world setting.

The technique similarly distinguished 10 pre‑installed macOS applications, such as Safari, Maps, and System Settings, achieving an F1 score of 95.83 for application fingerprinting at startup.

Because the attack occurs at the SSD level, it does not depend on the victim using the same browser or tab. It works even across Chrome–Safari or cross‑tab scenarios as long as they share the same drive.

Importantly, no extra permissions are needed when OPFS is available: once the victim lands on the attacker’s page and leaves it open in the background, monitoring can continue without further clicks or dialogs.

Older browsers without OPFS are still vulnerable if the user can be tricked into selecting a large local file for the page, although this variant is weaker because it requires interaction.

The researchers argue that FROST shows how “near‑native” web APIs can revive powerful side channels from within the browser, even after traditional timer‑based mitigations.

The primary impact is privacy: advertisers, malicious trackers, or threat actors could silently profile which sites users visit, which apps they launch, and potentially correlate that with sensitive behavior for surveillance or blackmail.

While the attack currently targets SSD contention rather than extracting cryptographic keys, it demonstrates that OPFS‑backed storage is a rich telemetry source that browser vendors did not originally model as a cross‑origin resource.

There are practical constraints. FROST requires that the victim’s activity hit the same SSD as the OPFS file, which is almost always true on consumer laptops but less so on multi‑disk workstations.

Long‑running measurements also depend on allocating very large OPFS files to stay ahead of the page cache, which could draw attention on systems with tight disk monitoring.

Some niche configurations, such as moving browser profiles into RAM with profile‑sync‑daemon, can break the OPFS‑based variant by keeping those files off the SSD altogether.
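
The two preconditions described above, a very large OPFS file and cross‑origin isolation, are both visible from inside the origin that holds them. The following audit sketch is an added example, not code from the paper or from the researchers; the 1 GiB threshold, the function names and the fake handles are assumptions made for illustration.

```javascript
// Added example: audit one origin for the two preconditions the article names.
// LARGE_OPFS_BYTES is an assumed threshold, not a value from the paper.
const LARGE_OPFS_BYTES = 1024 ** 3; // 1 GiB; tune to the machine's RAM

// Recursively sum file sizes under an OPFS directory handle
// (FileSystemDirectoryHandle: values() async iterator, kind, getFile()).
async function opfsUsage(dir) {
  let bytes = 0, files = 0, largest = 0;
  for await (const entry of dir.values()) {
    if (entry.kind === "directory") {
      const sub = await opfsUsage(entry);
      bytes += sub.bytes;
      files += sub.files;
      largest = Math.max(largest, sub.largest);
    } else {
      const { size } = await entry.getFile();
      bytes += size;
      files += 1;
      largest = Math.max(largest, size);
    }
  }
  return { bytes, files, largest };
}

// Pure decision step: which preconditions does this origin satisfy?
function assessOrigin({ isolated, usage }, limit = LARGE_OPFS_BYTES) {
  const reasons = [];
  if (isolated) reasons.push("cross-origin isolated (high-resolution timers unlocked)");
  if (usage.largest >= limit) reasons.push(`single OPFS file of ${usage.largest} bytes`);
  const verdict = ["ok", "note", "review"][reasons.length];
  return { verdict, reasons };
}

// Browser entry point: run in the DevTools console of the origin being audited.
async function auditCurrentOrigin() {
  const root = await navigator.storage.getDirectory();
  const usage = await opfsUsage(root);
  return assessOrigin({ isolated: globalThis.crossOriginIsolated === true, usage });
}

// Constructed stand-ins for OPFS handles so the logic also runs under Node.
const fakeFile = (size) => ({ kind: "file", getFile: async () => ({ size }) });
const fakeDir = (...children) => ({
  kind: "directory",
  values: async function* () { yield* children; },
});
```

OPFS is origin‑scoped, so `auditCurrentOrigin()` reports only on the page it runs in; a "review" verdict means both conditions hold together, which legitimate storage‑heavy apps can also satisfy.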

Mitigations discussed in the paper focus on reducing OPFS abuse without completely breaking legitimate apps. Ideas include capping OPFS file sizes so they fit in RAM, treating OPFS usage as a sensitive capability that disables high‑resolution timers, or prompting explicit user consent before granting large private storage quotas.

Browser vendors have reacted cautiously so far: Chromium does not treat fingerprinting as a security bug, while Apple and Mozilla have acknowledged the issue but have not yet shipped concrete defenses.
