Websites Have a New Way to Spy on Visitors: Analyzing Their SSD Activity
Researchers have discovered a new browser-based side-channel attack called FROST that enables websites to spy on visitors by measuring subtle timing differences in SSD activity via JavaScript interacting with the origin private file system (OPFS). This technique allows attackers to infer what other websites and apps the user has open without any interaction beyond visiting the malicious site, highlighting a novel privacy risk stemming from modern browser capabilities and SSD contention.













