FROST: Fingerprinting Remotely using OPFS-based SSD Timing [pdf] (opens in new tab)

(hannesweissteiner.com)

73 pointssimjnd22d ago16 comments

16 comments

16 comments · 9 top-level

Bender22d ago· 2 in thread

I see they are testing this on a Mac. I am curious what the test results look like if the users home directory or even the dot directories are tmpfs. On Linux .bash_login can repopulate dot directories from a archive directory think skeleton files and the dot directories can be ephemeral mounted as tmpfs. The person can have a command to commit their ephemeral directories back to the archive if they want to "keep their changes" so to speak. Or automate it on .bash_logout.

    du --max-depth 0 -h -c .cache .config .local
    767M    .cache
    278M    .config
    2.2M    .local
    1.1G    total

It's a bit of space on this CachyOS laptop but it's doable.

Avamander22d ago

It's really difficult to reliably separate temporary and persistent browser storage. I tried at some point to reduce HDD noise. But given how neither Firefox or Chrome properly follow the XDG spec, it did not yield the results I wanted without a lot of handcrafted mounts.

In the end I'd guess you can also use some aspects of persistent storage to achieve similar results, even if the rest is actually tmpfs/RAM.

Bender21d ago

Indeed. Apps do always seem to keep adding new cruft to the filesystem layout. For a while my entire home directory was tmpfs on a few machines just to stop some of the tracking. I would commit my bookmarks back to persistent storage but that was it. It was a manual process and sometimes I would forget to commit but that's just my laziness. I'm sure others would automate this process.

SoftTalker21d ago· 2 in thread

Wonding about running a background program that just performs a low level of random reads and writes to the SSD, or driver-level mitigations to add random delays to disk activity, to obfuscate the contention patterns. Though I think that adding random noise to channels like this doesn't really prevent the attack, though might make it more expensive.

itopaloglu8321d ago

Tracking people individually and selling that data is so profitable that even with the hardened security the financial incentive is significant, so maybe we should also add fines and other forms of costs to the other side of the equation as well.

Aurornis21d ago

Most of us probably have some form of that going on already with the different apps and services we have running.

nine_k22d ago· 1 in thread

I still have trouble understanding what information can be leaked this way. Apparently it allows to check whether a particular website was visited recently, but the article is vague in this regard. Can anybody ELI55 this?

e12e21d ago

The Ars Technica submission might be better (I've not read TFA):

https://news.ycombinator.com/item?id=48309492

They basically trained a neural network on the data they got from the SSD - and recorded data with other websites open in different tabs or even different browsers.

They could then guess/detect other open sites.

I presume, if they'd trained/recorded - they might detect other software as well.

But right now, they demonstrated (on MacOS) that if you open the exploit in a browser - they can look at SSD activity and tell you have website x, y and z open.

Might let you target users of a certain bank, child porn, regular porn, shopping sites... Mostly imagination that sets the limit.

ttctciyf21d ago· 1 in thread

If browsers have enough low-level access to my storage hardware to carry out timing attacks for fingerprinting, it seems likely they also have enough to maliciously chug the hardware sufficiently to degrade capacity over time and otherwise impact system integrity. I hate the thought of some random website writing and overwriting random bytes in a tight loop in the background while I'm browsing elsewhere to find the cause of my slow disk subsystem.

To that end an option to disable storage access by type would be nice to have. All I see in firefox settings is the ability to block all storage including cookies, and the ability to block persistent storage when the site requests it. It's not clear to me how the OPFS system in TFA relates to either of these, but I'd guess that it's a separate system. There's a bunch of storage quotas in about:config, but nothing obviously related to OPFS (that I can see).

Given the choice I would be happy to allow traditional cookie storage and block everything else with any exceptions I need (none that I can think of) on a per-site basis. If this can be achieved via about:config, I'm all ears!

While looking at my storage data, I see youtube has 174(!) cookies and 57M data stored on my machine. Sigh.

Avamander21d ago

> [...] it seems likely they also have enough to maliciously chug the hardware sufficiently to degrade capacity over time and otherwise impact system integrity. I hate the thought of some random website writing and overwriting random bytes in a tight loop in the background while I'm browsing elsewhere to find the cause of my slow disk subsystem.

Absolutely. Things like IndexedDB get fsynced super frequently. There's no way to tell Chrome that some web apps do not need to make it do the physical disk this often.

Dwedit22d ago· 1 in thread

Saw "OPFS" and immediately misread it as OSPF (open-shortest-path-first)

majorchord21d ago

I misread it as OBFS the proxy protocol

freedomben21d ago

As much as I love a good backronym, especially one with nested acronyms in it, it could use something self-referentially recursive, preferably with tail-recursion. This is not the solution, but something like FROSTY (Fingerprinting Remotely using OPFS-based SSD Timing with frostY)

mrbluecoat21d ago

A layperson overview: https://news.ycombinator.com/item?id=48309492

firefax21d ago

Out of curiosity the use of this API normally logged in MacOS?

This is interesting work... thanks for sharing.

vivzkestrel22d ago

a bit off topic but on the topic of fingerprinting here, anyone knows how reddit fingerprinting works at a rough level?

j / k navigate · click thread line to collapse