Latest Version of Google Chrome Mitigates Risks of Spectre Bug

Steve Smith talks about the latest version of Google Chrome, and how it mitigates the risks of Spectre and Meltdown with Site Isolation.

Episode #8-47 released on July 15, 2018

Watch on Youtube

With over 2 billion installs, and 53.9% of the market using Google Chrome, it is no wonder, that Google is on the forefront in risk mitigation when we are referring to our daily lives online. It is, also, unsurprising that Google has finally updated the Chrome browser with risk mitigation technology called Site Isolation, designed to combat the risks of Spectre, and all its variants, to which one variant can be deployed using JavaScript. But what is the cost?

Well, the direct cost will be RAM, Google Chrome will now require more RAM than before with Site Isolation enabled, which it is, with the latest update of Chrome as of today. That comes out to 10-13% more RAM currently than ever before.

Why is Site Isolation important?

Let us explain something, Google Chrome does have separate processes for each tab, so if a tab freezes, you don't need to close the entire browser. That feature helps isolate one site from another. However, there is a same origin issue even within the same tab, which is where Site Isolation is important and comes into play. Site isolation prevents scripts from one domain from accessing information related to another domain. This means that even if the offending script is running, Site Isolate prevents that script from reading any information such as usernames, passwords, encryption keys, etc., that are for meant for another domain. And, once you leave that page, and move onto another site, Google Chrome kills those site processes.

Is there anything positive from this being enabled by default?

All previous mitigation methods for Meltdown and Spectre that were installed within Google Chrome are turned off, because Site Isolation is a better solution for dealing with Spectre and Meltdown vulnerabilities. Minimizing the number of processes running to mitigate issues will make the experience better for us, and with future updates, we can expect the 10-13% higher RAM usage to drop as the code is further optimized.

Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net

Sources & Resources

Community Comments

Share your thoughts, opinions and suggestions

Login or Register to post Your comment.