Your browsing habits may not be as private as you think, even with all the right precautions in place. According to Ars Technica, security researchers have uncovered a new attack technique that allows a malicious website to determine which other sites and applications you have open. Remarkably, you do not need to click anything, download anything, or grant any permissions; simply visiting the page is sufficient.
How Can Websites Spy on Your Browsing Activity Through Your Hard Drive?
The technique, known as FROST (Fingerprinting Remotely using OPFS-based SSD Timing), takes advantage of a browser feature called the Origin Private File System (OPFS). This feature enables websites to store files on your local drive without prompting for permission. Every website and application generates a unique pattern of activity on your SSD, which FROST exploits to monitor your online behavior.
When a malicious website employs the FROST technique, it creates a large file on your SSD and monitors tiny speed fluctuations generated when the drive is engaged in other tasks. These fluctuations can then be analyzed by an AI model trained to recognize the specific patterns associated with various websites and applications. In tests conducted on an Apple M2 Mac, researchers found that the technique could accurately identify visited websites around 89% of the time and running applications with approximately 96% accuracy.
What’s particularly concerning about this method is its ability to operate across different browsers. For example, if you visit an attacker’s page in Chrome, it can still reveal what you are doing in Safari without any additional user interaction.
The Browsers Won’t Fix This, but You Can Protect Yourself
Fortunately, FROST has not yet been detected in real-world scenarios, which offers some reassurance. Moreover, the attack can only function while the malicious tab remains open; closing it will immediately halt the intrusion. However, browser developers, including Google, Apple, and Mozilla, have been notified, and none have committed to an immediate fix.
To safeguard your browsing privacy, it is crucial to monitor your available disk space closely. A sudden, unexplained decrease in storage could signal unauthorized activity worth investigating. Although proposals for browser-level fixes have been suggested—such as limiting the amount of disk space OPFS can access—implementation appears distant given the lack of response from browser vendors.
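The disk-space check suggested above can be automated. The following is an added example, not code from the FROST researchers or the original article: it flags a fast drop in free space inside a short window, and the 1 GiB threshold, 60-second window and sample values are assumptions chosen for illustration.

```python
import shutil
import time
from collections import deque

GIB = 1024 ** 3
MIB = 1024 ** 2

def find_sudden_drops(samples, window_s=60.0, drop_bytes=1 * GIB):
    """Yield (baseline_ts, alert_ts, bytes_lost) for each fast drop in free space.

    samples: time-ordered (timestamp_seconds, free_bytes) pairs.
    window_s and drop_bytes are assumed defaults; tune them per machine.
    """
    window = deque()  # recent samples no older than window_s
    for ts, free in samples:
        while window and ts - window[0][0] > window_s:
            window.popleft()
        if window:
            # Compare against the highest free-space reading in the window.
            peak_ts, peak_free = max(window, key=lambda s: s[1])
            if peak_free - free >= drop_bytes:
                yield (peak_ts, ts, peak_free - free)
                window.clear()  # re-baseline so one drop gives one alert
        window.append((ts, free))

def live_samples(path="/", interval_s=5.0):
    """Endless stream of (timestamp, free_bytes) readings for `path`."""
    while True:
        yield (time.time(), shutil.disk_usage(path).free)
        time.sleep(interval_s)

# Constructed samples: slow drift, then about 2 GiB gone within 10 seconds.
CONSTRUCTED_BURST = [
    (0, 100 * GIB), (10, 100 * GIB - 5 * MIB), (20, 100 * GIB - 10 * MIB),
    (30, 98 * GIB), (40, 98 * GIB),
]
# Constructed samples: steady 100 MiB per 10 s, such as an ordinary download.
CONSTRUCTED_GRADUAL = [
    (t, 100 * GIB - (t // 10) * 100 * MIB) for t in range(0, 130, 10)
]

if __name__ == "__main__":
    for base_ts, ts, lost in find_sudden_drops(live_samples()):
        print("free space fell %.1f GiB between %s and %s"
              % (lost / GIB, time.ctime(base_ts), time.ctime(ts)))
```

An alert only says that free space shrank quickly; installs, downloads and backups do the same, so treat it as a prompt to review which tabs and applications are open.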