Steve Smith talks about the latest version of Google Chrome, and how it mitigates the risks of Spectre and Meltdown with Site Isolation.
Episode #8-47 released on July 15, 2018
Well, the direct cost will be RAM, Google Chrome will now require more RAM than before with Site Isolation enabled, which it is, with the latest update of Chrome as of today. That comes out to 10-13% more RAM currently than ever before.
Why is Site Isolation important?
Let us explain something, Google Chrome does have separate processes for each tab, so if a tab freezes, you don't need to close the entire browser. That feature helps isolate one site from another. However, there is a same origin issue even within the same tab, which is where Site Isolation is important and comes into play. Site isolation prevents scripts from one domain from accessing information related to another domain. This means that even if the offending script is running, Site Isolate prevents that script from reading any information such as usernames, passwords, encryption keys, etc., that are for meant for another domain. And, once you leave that page, and move onto another site, Google Chrome kills those site processes.
Is there anything positive from this being enabled by default?
All previous mitigation methods for Meltdown and Spectre that were installed within Google Chrome are turned off, because Site Isolation is a better solution for dealing with Spectre and Meltdown vulnerabilities. Minimizing the number of processes running to mitigate issues will make the experience better for us, and with future updates, we can expect the 10-13% higher RAM usage to drop as the code is further optimized.
Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net