Buzz
Site Isolation is no longer a novelty. This security feature was introduced and first integrated into Chrome 63, released back in December last year, and was only available when users changed Chrome flags and activated the feature manually.
Google secretly activates Site Isolation feature
When the feature is activated, Chrome browser will run separate web browsing processes for each Internet domain.
Site Isolation was introduced to the browser after the Meltdown and Spectre vulnerabilities
Initially, Google described Site Isolation security feature as 'enhancing security boundaries between web pages,' and it's a solution to prevent malicious websites from tampering with legitimate ones' code.
Google's Site Isolation deployment plans changed just 1 month after the Meltdown and Spectre vulnerabilities were discovered back in January this year. From a trial project to be deployed in a few months, Site Isolation became a key security feature in Chrome browser to mitigate Meltdown and Spectre vulnerability attacks.
Google begins default activation of Site Isolation for users since January and assesses how the feature impacts browser performance.
Splitting code into separate processes for each domain takes a considerable amount of time. According to Google, the process impacts around 10 - 13% of total memory in real-world workloads due to the large number of processes.
Site Isolation is currently activated by default for 99% of Chrome users on desktop and will soon be rolled out to Chrome users on Android.
The feature is also supported on Chrome for Android but is disabled by default and hidden in the chrome://flags/#enable-site-per-process flag.
Alleviating the impact of Meltdown and Spectre vulnerabilities
According to Google, activating Site Isolation for users on Chrome 67 to mitigate the impact of Meltdown and Spectre vulnerability attacks. The company stated plans to re-enable timers and features like SharedArrayBuffer, which can be used as timers on computers.
Timers with lower accuracy and disabling the SharedArrayBuffer feature is how browsers like Firefox, Edge, and Safari handle the Meltdown and Spectre vulnerabilities, CPU hardware flaws that allow attackers to use JavaScript to access information from the browser's process like passwords and encryption keys.
When Site Isolation feature is activated, such attacks cannot be executed because each website domain runs its own browser process, containing data from only one domain instead of data from multiple websites simultaneously. Additionally, Site Isolation terminates a website's process and creates a new one when users navigate to a different website on the same tab.
Reactivating timers and granting access to the SharedArrayBuffer feature does not negatively impact browser security, allowing web developers to create more accurate web applications, handling real-time data.
Despite still being very successful with Windows 10 operating system, according to a leaked source Microsoft is set to unveil the next-generation operating system promising to have more exciting new features, better optimization, and enhanced security compared to the current Windows 10 operating system.
