安全研究人员详细介绍了一种名为 FROST(基于 OPFS 的 SSD 定时远端指纹识别)的新型争用旁路攻击,该攻击允许网站仅在浏览器中使用简单的 JavaScript 来监视访客的固态硬碟(SSD)活动。透过利用源自私有档案系统(OPFS)这一沙盒储存空间,该攻击可以测量输入-输出操作的延迟。随后,这些延迟轨迹会使用预先训练的卷积神经网路(CNN)进行分析,以识别用户设备上同时开启的其他网站和应用程式。
该攻击的可行性已在一部 M2 Mac 上得到证实,而在 Linux 上的测试表明,测量存取延迟轨迹的底层原语运作方式相似,这表明两者具有类似的分类效能。研究人员并未在 Windows 上测试该技术。FROST 的一个重大限制是它需要一个储存在同一 SSD 上的极大 OPFS 档案,通常为 1 GB 或以上(1 gigabyte 或以上)。如此庞大的档案大小使得大规模检测成为可能,且该攻击无法检测在独立硬碟上运作的应用程式。
FROST 的缓解措施包括关闭闲置的分页以减少资源争用,以及监控未知网站所分配之 OPFS 档案的建立和大小。浏览器开发商也可以透过限制 OPFS 档案的最大容量来对抗这种旁路通道。尽管目前尚未观察到实际的漏洞利用,但由 Dan Goodin 报导的这些发现凸显了浏览器攻击面的扩大,并预计由共同作者 Hannes Weissteiner 及其同事于 2026 年 7 月的 DIMVA 会议上发表。
Security researchers have detailed a new contention side-channel attack called FROST (Fingerprinting Remotely using OPFS-based SSD timing), which allows websites to spy on visitors' solid-state drive (SSD) activity using simple JavaScript in the browser. By exploiting the Origin Private File System (OPFS), a sandboxed storage space, the attack measures the latency of input-output operations. These latency traces are then analyzed using a pretrained convolutional neural network (CNN) to identify which other websites and applications are concurrently open on the user's device.
The attack's feasibility was demonstrated on an M2 Mac, while testing on Linux showed that the underlying primitive of measuring access latency traces functions similarly, suggesting a comparable classification performance. The researchers did not test the technique on Windows. A significant limitation of FROST is its requirement for an extremely large OPFS file, typically 1 GB (1 gigabyte) or more, stored on the same SSD. This large file size makes scale detection likely, and the attack cannot detect applications running on separate drives.
Mitigations for FROST include closing idle tabs to reduce resource contention and monitoring the creation and size of OPFS files allocated by unknown sites. Browser developers could also counter this side-channel by restricting the maximum size of OPFS files. Although no real-world exploits have been observed, the findings, reported by Dan Goodin, highlight expanding browser attack surfaces and are scheduled for presentation by coauthor Hannes Weissteiner and colleagues at the DIMVA conference in July 2026.