Skip to content
Tech News
← Back to articles

Websites have a new way to spy on visitors: analyzing their SSD activity

2026-05-27 | original
read original get SSD Monitoring Tool → more articles
Why This Matters

The emergence of FROST highlights a new privacy threat where websites can covertly monitor users' device activity through SSD timing analysis, potentially exposing sensitive browsing and app usage data. This development underscores the growing sophistication of side-channel attacks and the need for enhanced security measures in web browsers and hardware. For consumers and the tech industry, it emphasizes the importance of prioritizing privacy protections against increasingly subtle and invasive tracking techniques.

Key Takeaways

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and log keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all.

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices.

A side channel based on contention

The technique, laid out in a research paper, exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.

The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs—even on other browsers—and the apps that were open on the visitor’s device. FROST requires no interaction from the visitor other than opening the site hosting the attack.

“Web browsers have evolved from simple document viewers into complex platforms capable of running sophisticated applications,” the paper authors wrote. “Companies like Google, Microsoft, and Adobe have developed full-fledged office suites, photo- and video editors, or even integrated development environments (IDEs) that run entirely within the browser.” The authors went on to note: “While these features enhance the capabilities of web applications and allow completely novel use cases, they also increase the browser’s attack surface, and some have already been shown to introduce new vulnerabilities.”

Unlike previous contention side-channel attacks on SSDs, FROST runs exclusively in the browser. It uses JavaScript that interacts with the OPFS (origin private file system), an allocated storage space that’s reserved for a specific site to run code needed to complete a given task. Websites can create one with no interaction required by the visitor.

Explore topics: frost yandex meta solid-state drives side channel
Related:
Meta now lets you pay for the pleasure of using Facebook
Meta Starts Rollout of Subscriptions for Facebook, Instagram
Meta rolls out subscription tiers for Instagram, Facebook and WhatsApp
Meta to start testing AI subscription services, with cheapest plan at $7.99 a month
Facebook Plus, Instagram Plus subscriptions launch for $3.99/month

© 2026 GoKawiil

About | Editorial Policy | Contact