Your SSD is Snitching: New FROST Attack Tracks Your Browsing Secrets
Forget cookies—Google and Adobe have accidentally turned your browser into a surveillance tool. Researchers just proved that websites can now peek at what you're doing by listening to your hard drive's heartbeat. Absolute nightmare fuel.
A new technique called FROST (File-system-based Remote Observation of SSD Throughput) lets websites eavesdrop on your device by measuring how your storage drive processes data. By creating a massive temporary file using OPFS (Origin Private File System), a malicious site can track the timing of input/output requests. Because browsers like Chrome have become bloated operating systems, they now allow scripts to compete for drive access, creating a side-channel leak that exposes what other tabs or apps you have open.
Researchers trained a convolutional neural network to analyze this I/O timing jitter. When your Mac with an M2 chip performs tasks, it creates unique latency patterns on the SSD. The attacker's script effectively feels the 'vibrations' of your system's activity through these tiny delays, identifying your open applications without needing any permissions or user clicks.
The catch is that this requires the site to dump a gigabyte-sized file onto your drive, which isn't exactly subtle. While the team behind this isn't aware of any real-world attacks yet, they’ve confirmed the math holds up across platforms like Linux. It turns out that making web browsers powerful enough to replace your entire computer was a brilliant idea for productivity, but a catastrophic one for privacy. The industry is currently waiting for browser makers to implement basic sanity limits on file access, but until then, every open tab is potentially a tiny, gossiping informant living inside the hardware.
Source: Ars Technica