- Researchers at Graz University of Technology uncovered FROST, a browser side-channel attack
- The method can reveal visited websites and opened desktop apps, but requires the creation of large files
- Limitations exist, but the study highlights how modern browser features expand the attack surface for surveillance
Security researchers have come up with a new way to spy on internet users and they call it FROST. Recently, more than half a dozen researchers from the Graz University of Technology (Austria) published a new report called “FROST: Fingerprinting Remotely using OPFS-based SSD Timing”, in which they claim that there is a way to spy on user activities directly through the browser.
This is a remote side-channel technique that leverages a standard browser feature called Origin Private File System (OPFS). In general, a side-channel attack is a way to steal secrets by measuring physical side effects, such as how long an action takes or how much power it uses. In this case, the researchers measured solid-state drive (SSD) access speeds so they could track which websites a victim visited and which desktop applications they opened.
“Web browsers have evolved from simple document viewers to complex platforms capable of running sophisticated applications,” the research paper says. “Companies such as Google, Microsoft and Adobe have developed full-fledged office suites, photo and video editors or even integrated development environments (IDEs) that run solely in the browser.”
There are limitations
“While these features improve the capabilities of web applications and allow entirely new use cases, they also increase the browser’s attack surface, and some have already been shown to introduce new vulnerabilities.”
As with many attacks discovered in controlled environments, FROST has limitations that make it somewhat more difficult to carry out in the wild. For example, the attack only works if the victim’s activity and the browser are running on the same SSD. It also requires an unusually large file to be created to bypass the computer’s memory cache, which can noticeably drain the victim’s free disk space. And since Firefox limits storage space per site to 10 GB, the attack is a bit more difficult to execute on that browser.
It was also said that the attacker cannot perform a quick, short measurement because the large file must first be flushed out of the system’s memory cache. And finally, if a user runs software that completely moves their browser profile into RAM, the zero-interaction attack is blocked.
Still, if you’re worried about someone using FROST to snoop on you, just make sure you only keep one tab open at a time.
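The large-file requirement gives defenders something to look for. As an added example (not from the paper or this article), the Python script below totals storage per site under a browser's per-origin storage directory and lists sites above a threshold. The one-directory-per-origin layout, the 1 GiB threshold and the sample origin names are assumptions, and the sample data is constructed.

```python
import os
import sys
import tempfile

WARN_BYTES = 1024**3  # hypothetical alert threshold (1 GiB); tune to your environment

def origin_usage(storage_root):
    """Map each first-level directory (assumed: one per origin) to its total apparent size."""
    usage = {}
    with os.scandir(storage_root) as entries:
        for entry in entries:
            if not entry.is_dir(follow_symlinks=False):
                continue
            total = 0
            for dirpath, _dirs, files in os.walk(entry.path):
                for name in files:
                    try:
                        total += os.lstat(os.path.join(dirpath, name)).st_size
                    except OSError:
                        continue  # file removed or locked while the browser is running
            usage[entry.name] = total
    return usage

def flag_large_origins(usage, threshold=WARN_BYTES):
    """Return (origin, bytes) pairs at or above the threshold, largest first."""
    hits = [(origin, size) for origin, size in usage.items() if size >= threshold]
    return sorted(hits, key=lambda item: item[1], reverse=True)

def build_constructed_tree(root):
    """Constructed sample data: two made-up origins, one holding an 8 MiB file."""
    for origin, size in {"news.example": 4096, "bigfile.example": 8 * 1024**2}.items():
        os.makedirs(os.path.join(root, origin, "fs"))
        with open(os.path.join(root, origin, "fs", "blob"), "wb") as fh:
            fh.truncate(size)  # sets the apparent size without writing real data

if __name__ == "__main__":
    if len(sys.argv) == 2:  # scan a real per-origin storage directory
        report = flag_large_origins(origin_usage(sys.argv[1]))
    else:  # no path given: run on the constructed sample with a 1 MiB threshold
        with tempfile.TemporaryDirectory() as tmp:
            build_constructed_tree(tmp)
            report = flag_large_origins(origin_usage(tmp), threshold=1024**2)
    for origin, size in report:
        print(f"{size / 1024**2:10.1f} MiB  {origin}")
```

A site holding gigabytes of local storage is not proof of an attack, since legitimate web apps also store large files, but it is a short list worth reviewing.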
Via Ars Technica
