Malicious Sites Track Users Through SSD Timing Side-Channel Attacks
ID: 494c5d30-32e2-5b03-a73e-97e9c4bed4df
STIX ID: report--494c5d30-32e2-5b03-a73e-97e9c4bed4df
Feed Name: Cyber Press
FROST is a browser-based surveillance technique that weaponizes the Origin Private File System (OPFS) to produce SSD contention from JavaScript, enabling cross-application website and application fingerprinting and a covert data-exfiltration channel; researchers demonstrated high classification accuracy and hundreds of bits-per-second throughput on macOS and Linux, and recommended mitigations such as limiting OPFS file sizes, restricting high-resolution timers when OPFS is in use, cross-origin OPFS tracking, and requiring explicit user permission.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.