Looking ahead: A research team in Austria has identified a new way for websites to quietly observe what users are doing on their devices using nothing more than a browser and faint signals from the machine's own hardware. The technique does not rely on cookies, click-tracking scripts, or the fingerprinting methods that have become familiar over the years. Instead, it exploits the timing behavior of solid-state drives.
The method, known as FROST – short for "fingerprinting remotely using OPFS-based SSD timing" – focuses on how different processes compete for storage access. That competition leaves behind small but measurable timing differences. By monitoring those timing shifts, the research team was able to determine which other sites and applications were active on the device.
This approach falls into a category known as side-channel attacks, in which information is inferred indirectly from system behavior rather than accessed directly. In this case, the side channel is SSD latency. When multiple programs try to read or write data simultaneously, the resulting delays shift in ways that can be observed from within a browser session.
What makes FROST notable is that it runs entirely within the browser. The attack uses JavaScript to interact with the Origin Private File System, or OPFS, a feature designed to give websites isolated storage space. While OPFS is sandboxed at the software level, it still relies on shared hardware. That shared layer is where the information leakage occurs.

The attack works by creating a large file in OPFS and repeatedly reading from it. As those reads are executed, the script records how long each operation takes. If another application or browser tab is actively using the SSD, those timings shift. Over time, the collected data forms recognizable patterns.
"The attacker continuously measures SSD contention by performing random reads from a large OPFS file," the researchers explained. "SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model."
A convolutional neural network is then used to interpret those patterns. Once trained, the model can associate specific timing signatures with particular activities, such as opening a certain website or running a specific type of application. The researchers showed that this can work even across different browsers, suggesting the signal is tied more to overall system behavior than to any single software environment.
The work builds on a broader trend in browser development. Modern browsers are no longer just tools for viewing webpages – they now run complex applications that rival desktop software. That shift has increased their interaction with system resources, which in turn creates new opportunities for unintended data exposure.
"Web browsers have evolved from simple document viewers into complex platforms capable of running sophisticated applications," the authors wrote. "Companies like Google, Microsoft, and Adobe have developed full-fledged office suites, photo- and video editors, or even integrated development environments that run entirely within the browser." They added: "While these features enhance the capabilities of web applications and allow completely novel use cases, they also increase the browser's attack surface, and some have already been shown to introduce new vulnerabilities."
There are limits to how practical FROST is today. The attack requires generating a very large file – likely at least one gigabyte – which could be noticeable to users or trigger storage warnings. It also depends on the monitored activity occurring on the same physical SSD. If applications are running from a separate drive, they may not produce a detectable signal.
The researchers carried out a full demonstration on an Apple M2 system and tested core elements on Linux, where they observed similar behavior. Co-author Hannes Weissteiner wrote that the underlying technique performs similarly on macOS and Linux, suggesting the full classification approach would likely deliver comparable results on both systems. He also noted that, in theory, the model could be trained to recognize any type of system activity that consistently produces SSD access patterns. The team did not test the method on Windows.
There is no indication that the technique has been used outside a research setting. Still, it adds to a growing body of work showing how browser-based code can reach further into system behavior than previously expected. The researchers suggest browser vendors could reduce the risk by imposing stricter limits on OPFS usage, such as file-size caps, or by monitoring unusual storage access patterns. Their findings are scheduled to be presented at the DIMVA conference in July.