FROST Attack Lets Websites Spy on User Activity by Measuring SSD Timing via Browser API
Researchers have demonstrated a novel browser-based side-channel attack called FROST that infers user activity by measuring SSD I/O timing through the Origin Private File System API, requiring no malware or extensions.
Researchers have demonstrated a new browser-based tracking technique called FROST (Fingerprinting Remotely using OPFS-based SSD Timing) that allows websites to infer user activity by measuring an SSD's I/O timing via the Origin Private File System (OPFS) API. Unlike conventional browser fingerprinting, this method analyzes storage device behavior and can potentially identify visited applications or files. The attack highlights a novel side-channel that exploits low-level storage access available to web applications.
FROST is a side-channel attack that extracts information from indirect signals generated by a system. In this case, the signal comes from SSD contention, which occurs when multiple programs compete for access to the same storage device. By measuring the timing differences created by that competition, a website can collect information about activity occurring elsewhere on a system. Previous SSD-based side-channel attacks required software running directly on a device, but FROST moves the attack entirely into the browser.
The technique relies on the Origin Private File System (OPFS), a browser feature that gives websites their own sandboxed storage area for saving data locally. According to the authors, this work represents the first demonstration of an attack that exploits OPFS to leak information from a victim's system through JavaScript running in a browser. A user only needs to visit a webpage hosting the attack code — no malware, browser extensions, elevated privileges, or software installation are required. The researchers also demonstrated that the same mechanism can be used to establish a covert communication channel through SSD contention.
The researchers say the findings reflect a broader shift in how web browsers are used. "Web browsers have evolved from simple document viewers into complex platforms capable of running sophisticated applications. Companies like Google, Microsoft, and Adobe have developed full-fledged office suites, photo- and video editors, or even integrated development environments (IDEs) that run entirely within the browser," the paper authors wrote. "Moving applications to the web allows them to be platform independent, accessible and always up-to-date. However, this shift also introduces new security and privacy challenges."
The technique comes with several practical limitations. Long-running measurements require a large OPFS file, which can consume a noticeable amount of storage space. Users who monitor available disk space may be able to spot unusual storage usage associated with the attack. FROST also depends on the targeted activity occurring on the same SSD being monitored. Website fingerprinting is less affected by this requirement because OPFS files are stored in the browser's default location, but application fingerprinting may be less reliable on systems that use separate drives for different workloads. The attack does not provide direct access to files stored on a device and does not bypass browser sandboxing protections.
Several mitigations are discussed in the paper. These include limiting the amount of storage available through OPFS, reducing the precision of timing information available to websites, and alerting users when websites store unusually large amounts of data. The findings were responsibly disclosed to Google, Mozilla, and Apple before publication. The Chromium team stated that it does not consider fingerprinting attacks to be security vulnerabilities. Apple considered the attack out of scope, although it indicated that mitigations may be implemented in the future. Mozilla acknowledged the findings but had not implemented mitigations at the time of publication.
FROST represents a significant evolution in browser-based tracking, moving beyond software and hardware fingerprinting to exploit physical storage characteristics. While the attack has practical limitations, it underscores the growing attack surface created by powerful browser APIs designed for web applications. As browsers continue to evolve into full-fledged application platforms, the line between legitimate functionality and privacy-invasive side channels becomes increasingly blurred. The research serves as a reminder that even sandboxed environments can leak sensitive information through indirect signals, and that browser vendors must carefully consider the privacy implications of every new API they expose to the web.