• FACEBOOK
  • INSTAGRAM
  • TWITTER
  • LINKDIN

Websites Employ FROST Technique to Monitor Users Through SSD Activity

Key Takeaways

  • Researchers at Graz University have developed “FROST,” a method that can track user activities via browser side-channel attacks.
  • The technique measures SSD access speeds to reveal visited websites and opened applications while having significant limitations.
  • To protect against such attacks, users are advised to limit browser tabs and be aware of their system’s memory management.

New Browser Vulnerability Uncovered

A team of researchers from Graz University of Technology in Austria has introduced FROST, a novel browser-based side-channel attack technique. This method allows for monitoring user activities, such as the websites they visit and the desktop applications they open. The study, titled “FROST: Fingerprinting Remotely using OPFS-based SSD Timing,” highlights how modern browser capabilities can inadvertently increase the risk of surveillance.

FROST exploits the Origin Private File System (OPFS), a standard feature in modern browsers. Side-channel attacks traditionally exploit physical side effects—such as action duration and power usage—to extract sensitive information. In this case, the researchers concentrated on the access speeds of solid-state drives (SSDs) to gather data about user behavior. As stated in the paper, “Web browsers have evolved… into complex platforms capable of running sophisticated applications,” indicating a broader attack surface for potential threats.

Despite its potential, FROST has practical limitations that could hinder its effectiveness outside controlled environments. For successful execution, the attack must occur on a system where both the victim’s activity and the browser run on the same SSD. Moreover, attackers need to create an exceptionally large file to bypass memory cache restrictions. This can consume significant disk space, and browsers like Firefox limit storage to 10GB per site, complicating the attack further.

Quick measurements do not suffice for FROST to gather useful data; the large file must first clear the system’s memory cache, adding an extra layer of complexity. Furthermore, if users utilize software that fully transfers their browser profile into RAM, the risk of this attack diminishes dramatically.

In light of these findings, users are recommended to adopt preventive measures, such as maintaining a single open tab during browsing sessions to minimize exposure to potential spying. The growing sophistication of browsers implies an increase in their vulnerability, suggesting the importance of ongoing examination of security features and practices.

The content above is a summary. For more details, see the source article.

Leave a Comment

Your email address will not be published. Required fields are marked *

ADVERTISEMENT

Indo-Pacific Business Promotion Council (IPacBiz)
Indo-Pacific Business Promotion Council (IPacBiz)
Indo-Pacific Business Promotion Council (IPacBiz)
Indo-Pacific Business Promotion Council (IPacBiz)
Indo-Pacific Business Promotion Council (IPacBiz)

Become a member

RELATED NEWS

Aaronia-11-19-24.jpg

The G20 Summit in Brazil: High-Tech “Made in Germany” Protects G20 Participants from Illegal Drones

Smart Cities

Salt_Lake_City12_smart_cities_Adobe1_rt.jpg

Salt Lake City Unveils Comprehensive Digital Service Tool for Residents

Smart Cities

Little_Rock_Arkansas_smart_cities_Adobe1.jpg

US Cities Awarded Innovation Grants to Boost Economic Mobility

Smart Cities

1200x800_ChargeGuru_Charger_smart_cities_PR1_rt.jpg

EV Infrastructure Influencing Purchase and Rental Choices in the UK

Smart Cities

Become a member

Scroll to Top