Websites have a new way to spy on visitors: analyzing their SSD activity
Source: Ars Technica
How the Attack Works
While each file system is sandboxed—isolated from other websites and from the device system itself—JavaScript can measure I/O interactions. By running those interactions through a pretrained convolutional neural network (a deep‑learning system that analyzes text, audio, and images), an attacker can deduce various apps and websites open on the device.
“The attacker continuously measures SSD contention by performing random reads from a large OPFS file,” the researchers explained. “SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model.”
Limitations
- File size requirement – The OPFS file must be extremely large (likely a gigabyte or more). At scale, this would be noticeable to many users.
- Same‑SSD requirement – The OPFS file must reside on the same SSD the visitor is using. This is usually not a problem for tracking open websites because the OPFS file is stored in the browser’s default location, but apps that run on a separate SSD would be invisible to the attack.
Mitigations
- Close tabs promptly when they are no longer needed.
- Monitor OPFS files: more security‑savvy users can watch for the creation and size of OPFS files allocated by unknown websites.
- Browser‑level defenses: researchers propose limiting the maximum size of such files.
There are currently no known instances of FROST attacks being performed in the wild.
Experimental Results
- The researchers performed the full FROST attack on an M2 Mac.
- On Linux, they demonstrated that the underlying primitive (measuring SSD access latency traces from JavaScript) works, though they did not run the full attack.
“Since the performance of the primitive is similar between macOS and Linux, we expect similar performance for the full classification,” said co‑author Hannes Weissteiner. “In principle, it would be possible to train a model on any system activity that reliably generates SSD accesses.”
- Windows was not tested.
Further Reading
The paper linked above provides many more technical details. The research is scheduled to be presented at the DIMVA conference in July.