GOOGLE’S CHROME 67 offers a Site Isolation security feature for Windows, macOS, Linux and Chrome OS to keep attacks like the Spectre exploit at bay.
Site Isolation effectively changes how Chrome turns web code into the content actually displayed on a computer or smartphone, a job handled by what is known as the renderer process.
The new feature basically splits the render process into separate tasks using out-of-process iframes, which makes it difficult for speculative execution exploits like Spectre to snoop on data.
“Site Isolation is a large change to Chrome’s architecture that limits each renderer process to documents from a single site,” explained Google Chrome team member Charlie Reis.
He noted that Chrome always had a multi-process architecture whereby different tabs could use different renderer processes, with a tab even switching processes in some cases when navigating to a different site, but such an architecture could still be exploited.
“It was still possible for an attacker’s page to share a process with a victim’s page. For example, cross-site iframes and cross-site pop-ups typically stayed in the same process as the page that created them. This would allow a successful Spectre attack to read data (e.g., cookies, passwords, etc.) belonging to other frames or pop-ups in its process,” explained Reis.
“When Site Isolation is enabled, each renderer process contains documents from at most one site. This means all navigations to cross-site documents cause a tab to switch processes. It also means all cross-site iframes are put into a different process than their parent frame, using ‘out-of-process iframes’.
“Splitting a single page across multiple processes is a major change to how Chrome works, and the Chrome Security team has been pursuing this for several years, independently of Spectre.”
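To make the process model Reis describes concrete, here is a small added model (illustration code written for this page, not Chrome's own implementation) that assigns the documents in one tab to renderer processes both the old way (whole tab in one process) and the Site Isolation way (one process per site). Chrome keys isolation on the site (scheme plus registrable domain), not the full origin; the model approximates the registrable domain as the last two DNS labels and ignores the Public Suffix List, which is a deliberate simplification. The frame tree, URLs and function names are constructed for the example.

```javascript
// Added illustration of Chrome's Site Isolation process model (not Chrome's code).
// Assumption: "site" = scheme + last two DNS labels, a simplification of
// Chrome's real scheme + eTLD+1 rule (no Public Suffix List handling here).
function siteOf(urlString) {
  const url = new URL(urlString);
  const labels = url.hostname.split('.');
  const registrable = labels.slice(-2).join('.');
  return `${url.protocol}//${registrable}`;
}

// frameTree: {url, children} nodes forming one tab's frame tree.
// Returns Map<url, processId>. With siteIsolation=false every frame in the
// tab shares renderer process 1 (the pre-Chrome-67 behaviour the article
// describes); with siteIsolation=true each distinct site gets its own process,
// so cross-site iframes become out-of-process iframes.
function assignProcesses(frameTree, siteIsolation) {
  const assignment = new Map();
  const processBySite = new Map();
  let nextPid = 1;
  function visit(frame) {
    let pid;
    if (!siteIsolation) {
      pid = 1; // legacy model: main frame and all iframes share one renderer
    } else {
      const site = siteOf(frame.url);
      if (!processBySite.has(site)) processBySite.set(site, nextPid++);
      pid = processBySite.get(site);
    }
    assignment.set(frame.url, pid);
    for (const child of frame.children || []) visit(child);
  }
  visit(frameTree);
  return assignment;
}

// Documents a speculative-execution read inside `url`'s renderer could reach:
// exactly the other documents that share its process.
function reachableFrom(assignment, url) {
  const pid = assignment.get(url);
  return [...assignment.entries()]
    .filter(([u, p]) => p === pid && u !== url)
    .map(([u]) => u)
    .sort();
}

// Constructed sample tab: a bank page embedding an untrusted ad frame and a
// same-site (but different-origin) widget frame.
const sampleTab = {
  url: 'https://bank.example/account',
  children: [
    { url: 'https://ads.attacker.example/frame', children: [] },
    { url: 'https://static.bank.example/widget', children: [] },
  ],
};

const legacyAssignment = assignProcesses(sampleTab, false);
const isolatedAssignment = assignProcesses(sampleTab, true);

console.log('legacy, reachable from ad frame:',
  reachableFrom(legacyAssignment, 'https://ads.attacker.example/frame'));
console.log('isolated, reachable from ad frame:',
  reachableFrom(isolatedAssignment, 'https://ads.attacker.example/frame'));
console.log('isolated, reachable from main frame:',
  reachableFrom(isolatedAssignment, 'https://bank.example/account'));
```

Under the legacy model the ad frame's process also holds the bank's main frame and widget, which is the sharing Reis warns about. With isolation on, the ad frame's process holds nothing else. Note the caveat the model makes visible: the widget on `static.bank.example` still shares a process with `bank.example`, because isolation is per site rather than per origin, so documents on the same registrable domain are not protected from each other by this mechanism.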
Site Isolation had started a limited rollout in May, but has now been enabled for 99 per cent of Chrome users, according to Reis.
All this sounds good, but it comes at a cost. Reis highlighted that Site Isolation will chow down on an extra 10 to 13 per cent total memory overhead in “real workloads”, basically making the Chrome browser an even bigger memory hog than it already is. But Reis did say Google is working on optimising Chrome so it keeps its security but runs fast.
At least this security feature keeps Spectre attacks at bay, which seem to be showing no sign of going away.
Source: Inquirer