Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
FROST: Fingerprinting Remotely using OPFS-based SSD Timing [pdf](hannesweissteiner.com)
16 points by simjnd 4 hours ago | 8 comments
mrbluecoat 3 minutes ago | parent | next [-]

A layperson overview: https://news.ycombinator.com/item?id=48309492

freedomben 33 minutes ago | parent | prev | next [-]

As much as I love a good backronym, especially one with nested acronyms in it, it could use something self-referentially recursive, preferably with tail-recursion. This is not the solution, but something like FROSTY (Fingerprinting Remotely using OPFS-based SSD Timing with frostY)

nine_k an hour ago | parent | prev | next [-]

I still have trouble understanding what information can be leaked this way. Apparently it allows to check whether a particular website was visited recently, but the article is vague in this regard. Can anybody ELI55 this?

Bender 4 hours ago | parent | prev | next [-]

I see they are testing this on a Mac. I am curious what the test results look like if the users home directory or even the dot directories are tmpfs. On Linux .bash_login can repopulate dot directories from a archive directory think skeleton files and the dot directories can be ephemeral mounted as tmpfs. The person can have a command to commit their ephemeral directories back to the archive if they want to "keep their changes" so to speak. Or automate it on .bash_logout.

    du --max-depth 0 -h -c .cache .config .local
    767M    .cache
    278M    .config
    2.2M    .local
    1.1G    total
It's a bit of space on this CachyOS laptop but it's doable.
Avamander an hour ago | parent [-]

It's really difficult to reliably separate temporary and persistent browser storage. I tried at some point to reduce HDD noise. But given how neither Firefox or Chrome properly follow the XDG spec, it did not yield the results I wanted without a lot of handcrafted mounts.

In the end I'd guess you can also use some aspects of persistent storage to achieve similar results, even if the rest is actually tmpfs/RAM.

Bender 9 minutes ago | parent [-]

Indeed. Apps do always seem to keep adding new cruft to the filesystem layout. For a while my entire home directory was tmpfs on a few machines just to stop some of the tracking. I would commit my bookmarks back to persistent storage but that was it. It was a manual process and sometimes I would forget to commit but that's just my laziness. I'm sure others would automate this process.

Dwedit 2 hours ago | parent | prev | next [-]

Saw "OPFS" and immediately misread it as OSPF (open-shortest-path-first)

vivzkestrel 2 hours ago | parent | prev [-]

a bit off topic but on the topic of fingerprinting here, anyone knows how reddit fingerprinting works at a rough level?