Frost: [Browser] Fingerprinting Remotely Using OPFS-Based SSD Timing [pdf]

Researchers say a sneaky website may tell what you’ve been doing on your computer

TLDR: Researchers say a website can use a browser file feature to guess what apps or sites you’ve used by timing your computer’s storage. Commenters split between alarm, confusion, nerdy countermeasures, and jokes about the paper’s alphabet-soup acronyms.

A fresh browser security paper just dropped, and the comments instantly turned into a mix of panic, confusion, and peak internet comedy. The researchers claim a malicious website can use a browser storage feature to measure tiny slowdowns in your computer’s drive and, from that, make a very educated guess about what site or app you’ve been using. In plain English: a tab you visit might be able to spy on your digital habits without installing anything. That’s the part making people sit up straight.

But the real show is in the replies. One camp basically yelled, “Wait, what exactly is leaking here?” with one commenter begging for an “ELI55” because the paper felt too vague for normal humans. Another immediately went full Linux survivalist, wondering whether clever setups like temporary home folders could blunt the whole thing. Translation: the community is already trying to out-hack the hack.

And then, because this is the internet, the joke brigade arrived right on cue. One reader confessed they saw OPFS and thought it was OSPF, a networking acronym, which is the kind of typo-induced brain damage only tech people truly appreciate. Another got distracted by the paper’s name and started workshopping a more cursed acronym: “FROSTY.” Meanwhile, someone veered off into asking how Reddit fingerprinting works, proving that once the word fingerprinting appears, everyone suddenly remembers the web is a giant creepy carnival. The vibe is equal parts “this is bad” and “please explain it like I am trapped at a barbecue with cybersecurity people.”

Key Points

  • The paper presents FROST, a remote browser-based SSD timing attack implemented through the Origin Private File System API in JavaScript.
  • Unlike prior SSD contention side-channel work, the described attack does not require native code execution on the victim system.
  • The authors report a covert channel from a native application to a malicious website with capacities of 661.63 bit/s on Linux and 891.77 bit/s on macOS.
  • In side-channel evaluations on macOS, the paper reports F1 scores of 88.95% for website fingerprinting and 95.83% for application fingerprinting.
  • The introduction frames the work as part of a broader security concern that increasingly capable browser APIs expand the browser attack surface.

Hottest takes

"Can anybody ELI55 this?" — nine_k
"Saw 'OPFS' and immediately misread it as OSPF" — Dwedit
"something like FROSTY" — freedomben

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.