Websites Can Now Spy on You Through Your Hard Drive
ID: 5a14a606-2b3f-5701-92a3-80df4715c3de
STIX ID: report--5a14a606-2b3f-5701-92a3-80df4715c3de
Feed Name: WIRED Security
Researchers describe FROST, a browser-executed side-channel attack that uses large OPFS files and timing measurements of SSD reads to infer other open websites and applications on a victim’s device; the JavaScript probe data is classified with a convolutional neural network. The technique is notable for running entirely in-browser without user interaction, but it has practical limitations (requires very large OPFS files, must be on the same SSD, and would likely be detectable), and there are no indications it has been used in the wild.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
