FROST shows a malicious site can infer your tabs and apps by timing SSD activity, turning browser storage into a privacy leak.
Key takeaways
- A gigabyte-plus browser storage file may be enough for a website to infer what else is happening on your machine — not by reading your files, but by timing how you...
- That is the privacy risk behind FROST, short for “fingerprinting remotely using OPFS-based SSD timing,” a research technique covered by Ars Technica. The attack ru...
- Why should web users care that JavaScript can read clues from SSD activity?
- The unsettling part is not that a site can open your documents. FROST does not mean a webpage can directly read local files, steal passwords from disk, or list fil...
👉 Read the full breakdown on MLXIO
Canonical source: https://mlxio.com/cybersecurity/frost-ssd-timing-spy
Top comments (0)