Chrome’s 67 Site Isolation as Spectre mitigation

[German]Google's Chrome developershave activated site isolation on 99% of the systems using version 67 of the browser. This feature also serves as protection against spectre attacks.


Advertising

Speculative side channel attacks like Spectre are a newly discovered security risk for web browsers. A website may use such attacks to steal data or login information from other websites in an open browser.

Meltdown/Spectre

When the Spectre vulnerabilities became known, Google already pointed out the experimental possibility of using Site Isolation as Spectre protection.

Chrome 67 has Site Isolation integrated

In this blog post Google's developers addressed this topic. To better mitigate these attacks, developers write that Chrome 67 has enabled a security feature called Site Isolation on Windows, Mac, Linux and Chrome OS. Site Isolation has been optionally available as an experimental corporate policy since Chrome 63, but many known issues have been fixed since then, making it convenient to enable it by default for all desktop chrome users. However, Google has not enabled this for all users with Chrome yet.

Pros and cons

Bleeping Computer writes here, that Site Isolation is now enabled for 99% of Google Chrome users. This has its advantages and disadvantages. On the one hand, it is nice that the Google Chrome browser tabs point their URLs to different domains, isolated from each other.


Advertising

Chrome Tasks

However, I have noticed that Google Chrome has become a memory eating monster when several browser tabs are open. Often, hundreds of MByte of RAM are grabbed per tab over time. I'm using the Google Chrome extension The Great Suspender, taming the memory usage, but it doesn't really work well anymore.


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in browser, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *