Account

  Login
  Sign Up For Free

The Actual News

Just the Facts, from multiple news sources.

Websites have a new way to spy on visitors: analyzing their SSD activity

Websites have a new way to spy on visitors: analyzing their SSD activity

May 27, 2026 Technology

Summary

A new spying method called FROST lets websites track what other sites visitors have open and which apps they use by measuring tiny delays in their solid-state drives (SSDs). This attack works through the web browser without needing visitors to do anything except visit the spying website.

Key Facts

  • FROST uses a special technique called a side-channel attack that measures timing delays in SSD input-output operations.
  • It runs entirely in the browser using JavaScript and accesses the origin private file system (OPFS), a storage space reserved for a website.
  • By analyzing timing data with a deep learning system called a convolutional neural network, attackers can guess which websites or apps are active on a device.
  • The attack does not require visitors to click or interact—just loading the page is enough.
  • The method can detect websites open in other tabs and even in different browsers.
  • The OPFS file used must be very large (around one gigabyte or more), which might make large-scale spying noticeable to users.
  • FROST can only monitor apps stored on the same SSD as the OPFS file, so apps on a separate drive may not be detected.
  • Closing unused browser tabs can help reduce the risk of being tracked by this method.
Read the Full Article

This is a fact-based summary from The Actual News. Click below to read the complete story directly from the original source.

Ars Technica