Chrome 67 Mitigates Spectre Attacks With Site Isolation in Chrome

Forum Moderators: open

Message Too Old, No Replies

Chrome 67 Mitigates Spectre Attacks With Site Isolation in Chrome

engine

11:45 am on Jul 12, 2018 (gmt 0)

Google has said a new security feature in Chrome 67, called Site Isolation, mitigates against Spectre attacks, and similar compromised renderer processes.

It says the facility was running as an experiment since Chrome 63, and now with the bug fixes in place, is fully enabled.

When Site Isolation is enabled, each renderer process contains documents from at most one site. This means all navigations to cross-site documents cause a tab to switch processes. It also means all cross-site iframes are put into a different process than their parent frame, using "out-of-process iframes." Splitting a single page across multiple processes is a major change to how Chrome works,

[security.googleblog.com...]

Site Isolation [chromium.org...]

Earlier stories
CPU Vulnerabilities Named Meltdown and Spectre [webmasterworld.com]

keyplyr

9:13 pm on Jul 12, 2018 (gmt 0)

running as an experiment since Chrome 63,

Well they can't be accused of rushing it :)

I feel Chrome is about as secure as a web browser can be and trust it more than others. Course, the responsibility is always on the user.

martinibuster

9:26 pm on Jul 12, 2018 (gmt 0)

>>>now with the bug fixes in place

There are still some known bug having to do with iframes and some other issues.

keyplyr

10:45 pm on Jul 12, 2018 (gmt 0)

There are still some known bug ...

Thanks for mentioning that. These are things I should know, but don't. I block browser support for iframes on my own sites (to stop hijacking & other issues) so I'm not accustomed to noticing anything abnormal.