Chrome gobbles more RAM due to Spectre CPU protection measures
12 July 2018
The critical Meltdown and Spectre bugs baked deep into modern computer processors will have ramifications for the entire industry for years to come, and Chrome just became collateral damage. Chrome 67 enabled Site Isolation Spectre protection for most users, and the browser now uses 10% to 13% more RAM due to how the fix behaves.
“Site Isolation does cause Chrome to create more renderer processes, which comes with performance tradeoffs,” Google’s Charlie Reis says. “On the plus side, each renderer process is smaller, shorter-lived, and has less contention internally, but there is about a 10%-13% total memory overhead in real workloads due to the larger number of processes. Our team continues to work hard to optimise this behavior to keep Chrome both fast and secure.”
It’s a significant performance hit, especially for a browser battling a reputation for being a memory hog, but a worthwhile one nonetheless. Spectre lets attackers access protected information in your PC’s kernel memory, potentially revealing sensitive details like passwords, cryptographic keys, personal photos, or anything else you’ve used on your computer. It’s bad.
Site Isolation guards against Spectre and has been available as an experimental option since Chrome 63, which was released around the time of the Meltdown and Spectre disclosures, but it’s now enabled by default for 99% of Chrome users on all platforms.
“Site Isolation is a large change to Chrome’s architecture that limits each renderer process to documents from a single site,” Reis says. “This means that even if a Spectre attack were to occur in a malicious webpage, data from other websites would generally not be loaded into the same process, and so there would be much less data available to the attacker. This significantly reduces the threat posed by Spectre.”
Google promises further mitigations and memory optimizations in future Chrome updates.
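The single-site-per-process rule Reis describes can be modelled in a few lines. This is an added illustration, not Chrome's code: it assumes a "site" is the scheme plus registrable domain, uses a tiny constructed stand-in for the Public Suffix List, and the function names and sample frames are hypothetical.

```javascript
// Simplified model of renderer-process assignment; not Chrome's implementation.
// Constructed stand-in for the Public Suffix List (assumption).
const PUBLIC_SUFFIXES = new Set(["com", "org", "net", "co.uk"]);

// Site = scheme + registrable domain; subdomain, port and path are ignored.
function siteOf(url) {
  const { protocol, hostname } = new URL(url);
  const labels = hostname.split(".");
  for (let i = 0; i < labels.length; i++) {
    // Longest candidate suffix is tried first; keep one label in front of it.
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      return `${protocol}//${labels.slice(Math.max(i - 1, 0)).join(".")}`;
    }
  }
  return `${protocol}//${hostname}`; // unknown suffix: whole host is the site
}

// Group one tab's documents (top frame plus iframes) into renderer processes.
function assignProcesses(documentUrls, siteIsolation) {
  const processes = new Map();
  for (const url of documentUrls) {
    // Without isolation this model keeps every frame of the tab together.
    const key = siteIsolation ? siteOf(url) : "shared-renderer";
    if (!processes.has(key)) processes.set(key, []);
    processes.get(key).push(url);
  }
  return processes;
}

// Documents that share an address space with `url`, i.e. the data a
// Spectre-style read from that document could reach in this model.
function coResident(processes, url) {
  for (const docs of processes.values()) {
    if (docs.includes(url)) return docs.filter((d) => d !== url);
  }
  return [];
}

// Constructed sample: an article page embedding frames from other sites.
const FRAMES = [
  "https://news.example.com/article",
  "https://static.example.com/comments",
  "https://ads.example.org/banner",
  "https://widget.example.net/login",
];

for (const isolated of [false, true]) {
  const p = assignProcesses(FRAMES, isolated);
  console.log(`siteIsolation=${isolated}: ${p.size} process(es)`,
    coResident(p, "https://ads.example.org/banner"));
}
```

The model also shows the limit in Reis's "generally": isolation is per site, not per origin, so the two `example.com` subdomains still share a process.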
IDG News Service