A new security feature named ‘Site Isolation’ has been introduced for Google Chrome 67 which would nullify the effects of speculative execution side-channel attacks like Spectre.
To put things to the perspective, Spectre is one of the two fundamental design flaws in the modern processors, which allow programs to get access to the data for which it is not authorized. Malicious data can exploit this flaw to steal your password and other personal information.
What is Site Isolation?
The new Site Isolation feature introduced in Google Chrome 67 brings about a fundamental change to Chrome’s architecture. Now, Chrome has changed how its multi-process architecture worked and different tabs used different render processes. According to the new architecture, Chrome limits each renderer process to a single site.
By this separation of processes, Google aims to prevent direct memory reading across different processes to safeguard users’ data. According to Google’ official blog post, “As a result, Chrome can rely on the operating system to prevent attacks between processes, and thus, between sites.”
However, this isolation process comes with caveats. Since more render processes are created with more tabs, performance tradeoffs are experienced. With a large number of process, Google Chrome will haul 10-13% more RAM than it previously used to.
Google also mentioned: “Our team continues to work hard to optimize this behavior to keep Chrome both fast and secure.”
To conclude, all those users who open many tabs on Google Chrome are about to see a rise in memory usage.