- Researchers at Graz University of Technology have revealed FROST, a browser side-channel attack.
- The method can reveal visited websites and open desktop applications, but requires creating large files.
- Limitations exist, but the study highlights how modern browser features expand the attack surface for surveillance.
Security researchers have developed a new way to spy on Internet users, and they call it FROST. Recently, more than half a dozen researchers from the Graz University of Technology (Austria) published a new report titled “FROST: Fingerprinting Remotely using OPFS-based SSD Timing” in which they claim that there is a way to spy on user activities directly through the browser.
This is a remote side-channel technique that leverages a standard browser feature called Origin Private File System (OPFS). Typically, a side-channel attack is a way to steal secrets by measuring physical side effects, such as the duration of an action and the amount of energy it consumes. In this case, researchers measured SSD access speeds, which allowed them to track which websites the victim visited and which desktop applications they opened.
“Web browsers have evolved from simple document viewers to complex platforms capable of running sophisticated applications,” the research paper states. “Companies like Google, Microsoft, and Adobe have developed complete office suites, photo and video editors, or even integrated development environments (IDEs) that run entirely within the browser.”
Limits exist
“While these features enhance the capabilities of web applications and enable entirely new use cases, they also increase the browser’s attack surface, and some have already been shown to introduce new vulnerabilities.”
Unlike real-world exploits, attacks demonstrated in controlled environments come with limitations that make them somewhat more difficult to carry out in the wild. For example, the attack only works if the victim’s activity and browser run on the same SSD. The attack also requires the creation of an exceptionally large file to bypass the computer’s cache, which can significantly deplete the victim’s free disk space. Because Firefox limits storage space per website to 10 GB, the attack is a little more difficult to carry out on this specific browser.
It was also said that the attacker cannot perform a quick and short measurement, because the large file must first be cleared from the system cache. And finally, if a user runs software that completely moves their browser profile into RAM, the interaction-free attack is successfully blocked.
Still, if you’re worried that someone is using FROST to spy on you, just make sure you only keep one tab open at a time.
Via Ars Technica





