www. O S N E W S .com
News Features Interviews
BlogContact Editorials

Ambitious browser mitigation for Spectre attacks comes to Chrome
By Thom Holwerda on 2018-07-12 21:51:59

Google's Chrome browser is undergoing a major architectural change to enable a protection designed to blunt the threat of attacks related to the Spectre vulnerability in computer processors. If left unchecked by browsers or operating systems, such attacks may allow hackers to pluck passwords or other sensitive data out of computer memory when targets visit malicious sites.

Site isolation, as the mitigation is known, segregates code and data from each Internet domain into their own "renderer processes," which are individual browser tasks that aren't allowed to interact with each other. As a result, a page located at arstechnica.com that embeds ads from doubleclick.net will load content into two separate renderer processes, one for each domain. The protection, however, comes at a cost. It consumes an additional 10 to 13 percent of total memory. Some of the performance hit can be offset by smaller and shorter-lived renderer processes. Site isolation will also allow Chrome to re-enable more precise timers, which Google and most other browser makers disabled earlier this year to decrease chances of successful attacks.

5  Comments - Printer friendly - Related stories
Recent related stories
- A first look at the Fuchsia SDK - 2018-12-18
- Dr. Google is a liar - 2018-12-18
- Android Emulator picks up support for Fuchsia's Zircon kernel - 2018-12-08
- Riding in Waymo One, Google's first self-driving taxi service - 2018-12-05
- Measuring Google's "filter bubble" - 2018-12-05
- More related articles
 

Tell a friend
Your full name:
Your email address:
Your friend's email:
Anti-spam measure:
5+2=

News Features Interviews
BlogContact Editorials


WAP site - RSS feed
© OSNews LLC 1997-2007. All Rights Reserved.
The readers' comments are owned and a responsibility of whoever posted them.
Prefer the desktop version of OSNews?