Deepthix .
← Retour au blog
tech 1 June 2026

A New Way to Spy on Visitors: Analyzing SSD Activity

Websites now use SSD activity analysis to track visitors, a sophisticated technique exploiting security flaws in modern browsers.

Introduction

With the continuous evolution of technology, methods to track user activity on the Internet are becoming increasingly sophisticated. Recently, a new technique has emerged: analyzing SSD activity to spy on website visitors. This innovative and intrusive method raises important questions about the security and privacy of online users.

What is SSD Activity Analysis?

The technique called FROST (Fingerprinting Remotely using OPFS-based SSD Timing) relies on exploiting a side channel, a form of information leak due to physical manifestations such as electromagnetic emissions or the time required to complete a task. By measuring these manifestations, sites can determine other sites open in a browser's tabs, or even applications open on the user's device.

How Does FROST Work?

FROST uses a contention side channel, which measures the interaction of various processes using or competing for a given resource. By timing certain input-output (I/O) operations of the SSD, researchers could identify sites open in other tabs—even on other browsers—as well as running applications.

Impact and Implications

This technique requires no interaction from the user other than opening the site hosting the attack. As browsers evolve into complex platforms capable of running sophisticated applications, FROST exploits the new features that, while enhancing web applications' capabilities, also increase the browser's attack surface.

Real-world Examples

Consider a company using online applications for project management and internal communication. A FROST attack could potentially reveal the online tools being used, thus compromising the company's strategy.

Recent Figures and Facts

According to a recent study, about 60% of websites use advanced tracking techniques beyond simple cookies. With the increased processing capacity of modern browsers, attacks like FROST become a concerning reality.

Protection and Prevention

To protect against such attacks, users can utilize browser extensions that block malicious scripts or disable JavaScript by default, although this may affect website functionality.

Conclusion

SSD activity analysis represents a worrying advancement in user tracking and online spying. It is crucial for developers and businesses to stay informed and implement security measures to protect user privacy.

Let's discuss your project in 15 minutes.

SSD activity FROST privacy web security side channel
Deepthix newsletter · 100% AI · every Monday 8am

An AI agent reads tech for you.

Our AI agent scans ~200 sources per week and ships the best articles to your inbox Monday 8am. Free. One click to unsubscribe.

Visit the newsletter page →

Want to automate your operations?

Let's talk about your project in 15 minutes.

Book a call