Websites have a new way to spy on visitors: analyzing their SSD activity

Wait, wait, wait: browsers allow websites to store junk on my drive? They take up gigabytes of memory and still write to disk on top of this? Without even asking whether the site can use local storage?

Years and years back when laptops still had HDDs, I had a script to put the Firefox profile &c on a ramdisk and sync it on reboots so that it didn't spin up the drive constantly. I guess I should have kept doing it.

It's a sad day when Arch users are right (again) https://wiki.archlinux.org/title/Firefox/Profile_on_RAM

I’m skeptical of these side channel attacks that rely on training a neural network on specific controlled scenarios on controlled hardware. I believe that with enough time and effort and the perfect circumstances where the user is only visiting their website and doing one other thing that the network was trained on it can match.

It does not seem useful as a general purpose side channel vector.

It's really not surprising that letting websites run arbitrary code on your machine, even in a sandbox, would lead to things like this.

Still don't really understand how it works - I put the reddit logo into your local storage and it only took 20ms to take it out again instead of 50ms so therefore you have reddit open in another tab?

I laugh at your spying attempts from my HD-equipped laptop, ...

For a more technical read: https://news.ycombinator.com/item?id=48345822

{first.last}@tugraz.at