Introduction to FROST Attacks
A new technique has been discovered that allows websites to spy on their visitors by analyzing the activity of their solid-state drives (SSDs). This method, known as FROST, uses JavaScript to measure the I/O interactions between the website and the visitor's device. By running these interactions through a pretrained convolutional neural network, the attacker can deduce which apps and websites are open on the device.
How FROST Attacks Work
The FROST attack works by creating a large file on the visitor's SSD and then measuring the latency differences in read operations from this file. These latency differences can be used to fingerprint user activity on the host system. The attacker can then use this information to determine which apps and websites are open on the device. However, the FROST attack has its limitations, including the requirement for a large file to be stored on the same SSD as the visitor's browser.
Preventing FROST Attacks
One of the best ways to prevent FROST attacks is to close tabs as soon as they are no longer needed. More savvy users can monitor the creation and size of files allocated by unknown websites. Browser makers can also limit the maximum size of files that are allowed, which can help to shut down the side channel. While there are no indications that FROST attacks have been performed in the wild, it is still important for users to be aware of this potential threat and take steps to protect themselves.
Source
Original reporting by Ars Technica (https://arstechnica.com/security/2026/05/websites-have-a-new-way-to-spy-on-visitors-analyzing-their-ssd-activity/).