Websites Can Now Spy on You Through Your Hard Drive
Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all.
Now sites have a new way to spy on their visitors: by measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices.
The technique, laid out in a research paper, exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.
The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs—even on other browsers—and the apps that were open on the visitor’s device. FROST requires no interaction from the visitor other than opening the site hosting the attack.
“Web browsers have evolved from simple document viewers into complex platforms capable of running sophisticated applications,” the paper authors wrote. “Companies like Google, Microsoft, and Adobe have developed full-fledged office suites, photo- and video editors, or even integrated development environments (IDEs) that run entirely within the browser.” The authors went on to note: “While these features enhance the capabilities of web applications and allow completely novel use cases, they also increase the browser’s attack surface, and some have already been shown to introduce new vulnerabilities.”
Unlike previous contention side-channel attacks on SSDs, FROST runs exclusively in the browser. It uses JavaScript that interacts with the OPFS (origin private file system), an allocated storage space that’s reserved for a specific site to run code needed to complete a given task. Websites can create one with no interaction required by the visitor.
While each file system is sandboxed, meaning it’s isolated from other websites and from the device system itself, the JavaScript can measure the I/O interactions. Then, by running those interactions through a pretrained convolutional neural network—a system that uses deep learning to analyze text, audio, and images—the attacker can deduce various apps and websites open on the device.
“The attacker continuously measures SSD contention by performing random reads from a large OPFS file,” the researchers explained. “SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model.”
The technique has its limitations. First, the OPFS file must be extremely large—likely a gigabyte or more. That requirement means that attacks at scale would inevitably be detected by many users. Additionally, the OPFS file must be stored on the same SSD the visitor is using. This isn’t usually a problem for tracking open websites, since the OPFS file is stored in the browser’s default location. If apps are installed on a separate SSD, however, FROST can’t detect them.
One of the best ways to prevent FROST attacks is to close tabs as soon as they’re no longer needed. More savvy users can monitor the creation and size of OPFS files allocated by unknown websites. The researchers proposed ways for browser makers to shut down the side channel. One such method is to limit the maximum size of such files that are allowed. There are no indications FROST attacks have been performed in the wild.
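The monitoring the article suggests can be scripted. The following is an added example, not code from the article or from the FROST researchers: it walks a browser's per-origin storage directory, sums the bytes each origin directory holds, and flags any origin whose total or whose single largest file crosses a threshold well below the gigabyte-scale file the attack needs. The directory layout is an assumption: the path is supplied by the user and the script treats each immediate subdirectory as one origin's storage; check where your browser keeps OPFS data before pointing it there. The threshold value and the temporary tree built by `demo()` are constructed for illustration.

```python
import os
import sys
import tempfile
from pathlib import Path

# Constructed threshold: the article says a FROST file is likely a gigabyte or more,
# so flagging anything from 256 MiB upward catches it with margin to spare.
DEFAULT_THRESHOLD = 256 * 1024 * 1024


def scan_storage_dir(root, threshold=DEFAULT_THRESHOLD):
    """Return {origin_dir_name: {"total": bytes, "large_files": [(path, size), ...]}}.

    Assumption: each immediate subdirectory of `root` belongs to one origin
    (verify this against your browser's profile layout before relying on it).
    """
    root = Path(root)
    report = {}
    if not root.is_dir():
        return report
    for origin_dir in root.iterdir():
        if not origin_dir.is_dir():
            continue
        total = 0
        large = []
        for dirpath, _, filenames in os.walk(origin_dir):
            for name in filenames:
                path = Path(dirpath) / name
                try:
                    size = path.stat().st_size
                except OSError:
                    continue  # file vanished or unreadable; skip it
                total += size
                if size >= threshold:
                    large.append((str(path), size))
        large.sort(key=lambda item: item[1], reverse=True)
        report[origin_dir.name] = {"total": total, "large_files": large}
    return report


def flag_suspicious(report, threshold=DEFAULT_THRESHOLD):
    """Origins whose storage total reaches the threshold, sorted by name."""
    return sorted(name for name, info in report.items() if info["total"] >= threshold)


def demo():
    """Build a constructed storage tree and scan it with a small threshold.

    Returns (report, flagged) so the result can be inspected or asserted on.
    """
    with tempfile.TemporaryDirectory() as tmp:
        big_origin = Path(tmp) / "https_example-tracker.test_443"
        small_origin = Path(tmp) / "https_example-shop.test_443"
        (big_origin / "fs").mkdir(parents=True)
        small_origin.mkdir()
        # Sparse files stand in for a large OPFS blob and a normal small one.
        with open(big_origin / "fs" / "blob", "wb") as fh:
            fh.truncate(4096)
        with open(small_origin / "state", "wb") as fh:
            fh.truncate(100)
        report = scan_storage_dir(tmp, threshold=1024)
        flagged = flag_suspicious(report, threshold=1024)
        return report, flagged


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    if target is None:
        _, flagged = demo()
        print("demo flagged:", flagged)
    else:
        result = scan_storage_dir(target)
        for origin in flag_suspicious(result):
            info = result[origin]
            print(f"{origin}: {info['total']} bytes, largest files {info['large_files'][:3]}")
```

Run it with the browser storage path as the only argument to list origins holding a suspiciously large amount of data; without an argument it runs the constructed demo. A cron job that diffs successive runs would also surface the sudden creation of a large file, which is the event the article says users can watch for.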
The researchers performed the full FROST attack on an M2 Mac. On Linux, they showed that the underlying primitive (measuring SSD access latency traces from JavaScript) works but didn’t run the full attack.
“However, since the performance of the primitive is similar between macOS and Linux, we expect similar performance for the full classification,” Hannes Weissteiner, one of the coauthors, wrote in an email. “In principle, it would be possible to train a model on any system activity that reliably generates SSD accesses.”
The researchers did not test Windows.
The paper linked above provides many more technical details. The research is scheduled to be presented at the DIMVA conference in July.
This story originally appeared on Ars Technica.