WEBSITES CAN NOW MONITOR YOUR SSD ACTIVITY
INDUSTRY DESK
WED, MAY 27, 2026■ AI-SUMMARIZED FROM 1 SOURCE
Researchers have discovered that websites can measure solid-state drive activity through the browser using JavaScript, creating a new privacy vulnerability for visitors.
A new attack vector has emerged that allows websites to infer what files users have stored on their computers by measuring SSD activity patterns through the browser.
The technique works by analyzing timing variations in how quickly data is accessed from storage. When a file exists on a user's SSD, it loads faster than when the system needs to fetch data from elsewhere. Websites can detect these subtle timing differences using simple JavaScript running in the browser.
Researchers demonstrated that this method can identify whether specific files—such as documents, applications, or media—are present on a user's device. The attack requires no special permissions and works across different browsers and operating systems.
The vulnerability is significant because it reveals information about users without their knowledge or consent. An attacker could potentially determine:
- What applications are installed
- Whether specific files or folders exist
- User behavior patterns based on file access
- Information about system configuration
This creates privacy concerns beyond traditional browser tracking. Unlike cookies or fingerprinting techniques that websites already use, SSD activity monitoring is nearly invisible and difficult to detect or prevent.
Current browsers offer limited defenses against this type of attack. Mitigations would require changes to how browsers handle timing measurements or access to storage information. Some browsers have already implemented protections against similar timing-based attacks, but those may not fully address this specific vulnerability.
The discovery adds to growing concerns about what information websites can extract from visitor devices. Privacy advocates recommend browser developers implement protections, while users have limited recourse beyond using privacy-focused browsers with additional hardening options.
The research highlights how web technologies initially designed for legitimate purposes can be repurposed for surveillance. As browsers become more powerful, the potential for misuse of their capabilities expands accordingly.