Google recently announced that it has enabled a Site Isolation security feature through the release of the Chrome 67 web browser.
The feature is currently available to Windows, Mac, Linux and Chrome OS users.
The move is largely aimed at better mitigating Spectre attacks, a form of speculative execution side-channel attack.
However, the security feature can also be effective against numerous other online threats.
Spectre and Meltdown are a set of vulnerabilities affecting nearly every computer chip. Researchers from Google Project Zero disclosed details about these vulnerabilities at the beginning of 2018.
At the time, Google advised desktop users to turn on Chrome's Site Isolation feature manually on their devices. The discovery of several variants and sub-variants of Spectre in May has prompted the tech giant to enable this security feature by default in Chrome.
Google has decided that the web browser is stable enough, and 99 percent of Chrome users on Mac, Windows, Linux and Chrome OS now have Site Isolation enabled by default.
The rollout is still in a trial phase: Google is keeping a 1 percent holdback for monitoring and performance improvement purposes.
The Risks of Spectre and Meltdown
While both Spectre and Meltdown are hardware vulnerabilities, it is Spectre that poses the greater security risk for web browsers. Spectre is harder to exploit, but the potential for serious damage is real.
A malicious website can use this flaw to collect data and login credentials from other websites open within the browser.
Understanding this flaw is key to understanding why Google has enabled Site Isolation by default in Chrome.
When a user enters personal information such as a password into an online form, that data sits unencrypted in the computer's memory before it is transmitted over a secure connection.
The modern processing technique termed “speculative execution” produces observable changes in processor state that can tip off a malicious program to where sensitive data is held in the device's memory.
Spectre makes use of this flaw by breaking down the security barriers between the operating system and user applications such as web browsers.
How the Site Isolation Feature Can Prevent Data Theft
Reis, the Google engineer who announced the change, believes that Site Isolation is the most effective mitigation, since it can prevent data theft even if an attack does occur.
Site Isolation works by limiting each renderer process to documents from a single site. Because documents from different sites are kept in separate renderer processes, cross-process attacks, and consequently cross-site attacks, are prevented.
With Site Isolation on by default, a tab switches renderer processes whenever it navigates to a document on a different site. You can think of it as splitting a single webpage into several separate processes, one per site.
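The process-per-site behaviour described above, as an added example that is not Chromium code: a toy model in which a renderer is keyed by site, a tab keeps its renderer on same-site navigations and switches on cross-site ones, and a page embedding frames from several sites is spread over several processes. The `siteOf`, `RendererPool`, `Tab` and `frameProcesses` names and all URLs are constructed for the example; the site computation assumes "scheme plus last two host labels", whereas real Chrome consults the Public Suffix List.

```javascript
// Added example (not Chromium code): a toy model of Chrome's site-per-process
// policy. A "site" is approximated as scheme plus the last two host labels;
// real Chrome uses the Public Suffix List, so hosts such as example.co.uk are
// classified wrongly by this simplification.
function siteOf(urlString) {
  const u = new URL(urlString);
  const labels = u.hostname.split(".");
  const registrable = labels.length > 2 ? labels.slice(-2).join(".") : u.hostname;
  return `${u.protocol}//${registrable}`;
}

// Two URLs are cross-site when their sites differ (http vs https also counts).
function isCrossSite(urlA, urlB) {
  return siteOf(urlA) !== siteOf(urlB);
}

// Hands out renderer process ids, one per site. Chrome additionally applies
// process limits and reuse heuristics that this model leaves out.
class RendererPool {
  constructor() {
    this.nextPid = 1;
    this.bySite = new Map();
  }
  processFor(urlString) {
    const site = siteOf(urlString);
    if (!this.bySite.has(site)) this.bySite.set(site, this.nextPid++);
    return this.bySite.get(site);
  }
}

// A tab keeps its renderer on same-site navigations and switches on cross-site ones.
class Tab {
  constructor(pool, urlString) {
    this.pool = pool;
    this.url = urlString;
    this.pid = pool.processFor(urlString);
  }
  navigate(urlString) {
    const pid = this.pool.processFor(urlString);
    const switched = pid !== this.pid;
    this.url = urlString;
    this.pid = pid;
    return { switched, pid };
  }
}

// A single page embedding frames from several sites is spread over several
// processes: each frame lands in the process for its own site.
function frameProcesses(pool, topUrl, frameUrls) {
  const assignment = { [topUrl]: pool.processFor(topUrl) };
  for (const f of frameUrls) assignment[f] = pool.processFor(f);
  return assignment;
}

// Usage with constructed URLs (not taken from the article).
const pool = new RendererPool();
const tab = new Tab(pool, "https://mail.example.com/inbox");
console.log(tab.navigate("https://www.example.com/"));    // same site: no switch
console.log(tab.navigate("https://attacker.test/phish")); // cross-site: new process
console.log(frameProcesses(pool, "https://news.example.com/", [
  "https://ads.tracker.test/a",
  "https://cdn.example.com/widget",
  "https://ads.tracker.test/b",
]));
```

The point the model makes visible is that the unit of isolation is the site, not the tab or the page: two frames from the same third-party site share one process even on different pages, while a first-party widget on a subdomain stays with the top-level document.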
This is not exactly a new security feature per se: Chrome's security team had been working on it before Spectre and Meltdown were disclosed.
It was first introduced in Chrome 63 in 2017, but had to be enabled manually.
Some Drawbacks to Chrome’s Site Isolation
It is worth noting that limiting renderer processes to a single site does not, on its own, completely protect users against Spectre attacks.
Even with separate processes, a malicious webpage could pull data from cross-site URLs into its own renderer process by requesting those URLs as sub-resources. Site Isolation now includes a feature termed Cross-Origin Read Blocking (CORB) to mitigate this.
CORB blocks cross-site HTML, JSON and XML responses before they reach the renderer process, with minimal impact on compatibility.
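The CORB decision described above, as an added example that is not Chromium's implementation: a simplified model of the check the browser process runs on a cross-site sub-resource response before handing the body to the requesting renderer. It blocks HTML, JSON and XML when the response is cross-site, and sniffs the body so that a mislabeled resource (a script served as `text/html`, for instance) is not broken, unless the server sent `X-Content-Type-Options: nosniff`. The `corbDecision` and `looksLikeProtected` names, the header shapes and all sample bodies are constructed; real CORB also covers `text/plain` and several cases this model omits.

```javascript
// Added example (not Chromium's implementation): a simplified model of
// Cross-Origin Read Blocking. The browser process runs this check on a
// sub-resource response before handing the body to the requesting renderer.
// Real CORB also protects text/plain and handles range responses and other
// details that this model omits.
const PROTECTED_TYPES = new Set([
  "text/html", "text/xml", "application/xml", "application/json", "text/json",
]);

// "text/html; charset=utf-8" -> "text/html"
function mimeEssence(contentType) {
  return (contentType || "").split(";")[0].trim().toLowerCase();
}

// Content sniffing guards against mislabeled resources (e.g. a script served
// as text/html): only block when the body really looks like the declared type.
function looksLikeProtected(mime, body) {
  const head = String(body).trimStart().slice(0, 512).toLowerCase();
  if (mime === "text/html") {
    return /^<(!doctype html|html|head|body|script|meta|iframe)[\s>]/.test(head);
  }
  if (mime === "text/xml" || mime === "application/xml") return head.startsWith("<?xml");
  return /^[\[{]/.test(head); // JSON bodies open with an object or an array
}

// requestSite / responseSite are site strings (scheme + registrable domain);
// headers is a plain object of response headers; body is the response text.
function corbDecision({ requestSite, responseSite, headers, body }) {
  const h = {};
  for (const [k, v] of Object.entries(headers || {})) h[k.toLowerCase()] = v;

  if (requestSite === responseSite) return { block: false, reason: "same-site" };
  const mime = mimeEssence(h["content-type"]);
  if (!PROTECTED_TYPES.has(mime)) return { block: false, reason: "unprotected-type" };

  const nosniff = (h["x-content-type-options"] || "").trim().toLowerCase() === "nosniff";
  if (nosniff) return { block: true, reason: "protected-type-nosniff" };
  if (looksLikeProtected(mime, body)) return { block: true, reason: "protected-type-confirmed" };
  return { block: false, reason: "mislabeled-not-blocked" };
}

// Usage with constructed sites, headers and bodies.
const cross = { requestSite: "https://attacker.test", responseSite: "https://bank.example" };
console.log(corbDecision({ ...cross,
  headers: { "Content-Type": "application/json; charset=utf-8" },
  body: '{"balance": 4200}' }));                        // blocked
console.log(corbDecision({ ...cross,
  headers: { "Content-Type": "text/html" },
  body: "function f(){}" }));                            // mislabeled script: delivered
console.log(corbDecision({ ...cross,
  headers: { "Content-Type": "text/html", "X-Content-Type-Options": "nosniff" },
  body: "function f(){}" }));                            // nosniff: blocked anyway
```

For a site operator the practical reading is the last two cases: sending `X-Content-Type-Options: nosniff` with a correct `Content-Type` on data responses lets the browser block them outright instead of relying on sniffing, which is the cheapest way to make sure CORB protects a JSON or HTML endpoint.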
Chrome’s Site Isolation works behind the scenes without causing major changes to the user’s web experience.
However, there is one notable drawback to the Site Isolation feature: because it is on by default, the Chrome 67 web browser uses considerably more RAM than its predecessors.
Since it causes the browser to create additional renderer processes, there is a 10 to 20 percent memory overhead, even though those renderer processes are smaller and shorter-lived.
Chrome has yet to find a way to tackle this problem, so Chrome's RAM usage is expected to stay 10 to 20 percent higher.
Many Chrome users have already criticized this aspect of the new security feature, and the problem is compounded by the fact that Chrome already uses far more memory than other major browsers.
It may be a small price to pay for increased online security. The Chrome team has assured users that it is working on ways to reduce the memory overhead and to add extra security checks in browser processes. Google now plans to extend Site Isolation to Chrome for Android.