Websites can now spy on you through your hard drive

Over the past decades, there has been no shortage of websites using intelligent technologies to secretly track visitors’ browsing histories, device fingerprints, keystrokes, and mouse movements in real time. Even Meta and Yandex were recently caught joining the privacy free-for-all.

Websites now have a new way to spy on their visitors: by measuring minute interactions with their solid-state drives. This technology, called FROST (OPFS-based SSD Timing Remote Fingerprinting), allows sites to monitor what other sites a visitor is viewing and what applications are open on their device.

The technique, described in a research paper, exploits a side channel, a form of leakage caused by physical manifestations such as electromagnetic emissions, data caches, or the time needed to complete a task. By measuring appearances, attackers can decrypt encrypted traffic and infer other confidential data.

The attack used by FROST is known as side-channel contention, which measures the interaction of different processes that are all using (or competing for) a particular resource. By measuring the timing of certain I/O operations (input and output) of the SSD drive being used by the visitor, the researchers were able to determine which websites were open in other tabs — even on other browsers — and which applications were open on the visitor’s device. FROST requires no interaction from the visitor other than opening the site hosting the attack.

“Web browsers have evolved from simple document viewers to complex platforms capable of running sophisticated applications,” the paper’s authors wrote. “Companies like Google, Microsoft, and Adobe have developed entire office suites, image and video editors, or even integrated development environments (IDEs) that run entirely within the browser.” The authors went on to note: “While these features enhance the capabilities of web applications and allow entirely new use cases, they also increase the attack surface of the browser, and some have already been shown to introduce new vulnerabilities.”

Unlike previous side-channel attacks on SSD drives, FROST works exclusively in the browser. It uses JavaScript that interacts with OPFS (Original Private File System), which is a dedicated storage space reserved for a specific location to run the code needed to complete a particular task. Websites can create a site without any visitor interaction required.

While each file system is sandboxed, meaning it is isolated from other websites and from the device system itself, JavaScript can measure I/O interactions. Then, by running these interactions through a pre-trained convolutional neural network — a system that uses deep learning to analyze text, audio, and images — an attacker can infer the many apps and websites open on the device.

“The attacker continually measures SSD contention by performing random reads from a large OPFS file,” the researchers explained. “SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, an attacker can fingerprint user activity on the host system by classifying new traces using the trained model.”

This technique has its limitations. First, the OPFS file must be very large, likely a gigabyte or more in size. This requirement means that large-scale attacks will inevitably be detected by many users. Additionally, the OPFS file must be stored on the same SSD that the visitor is using. This is usually not a problem for tracking open websites, as the OPFS file is stored in the browser’s default location. If applications use a separate SSD drive for applications, FROST will not be able to detect these applications.

One of the best ways to prevent FROST attacks is to close tabs as soon as they are no longer needed. More experienced users can monitor the creation and size of custom OPFS files by unknown websites. Researchers have suggested ways for browser makers to close the side channel. One such way is to limit the maximum size of these files allowed. There are no indications of FROST attacks being carried out in the wild.