Spectre doesn't stand a ghost of a chance on the new Chrome, nor will your available RAM

Subject: General Tech | July 12, 2018 - 02:10 PM |
Tagged: chrome, security, spectre

Chrome's predilection for gobbling up vast amounts of RAM will soon increase to new levels, but it is for a very good reason. Chrome 67 will offer a Site Isolation feature which will protect you against a variety of Spectre attacks. When you have this feature enabled in Chrome, each site is isolated, with a single renderer process per page. This means cross-site iframes and pop-ups will be unable to read data from other pages; in fact, a single site may spawn multiple render processes, each running in isolation.

There is of course a cost: The Inquirer was quoted an increase of 10-13% in RAM usage ... so better get a 128GB kit.


"The new feature basically splits the render process into separate tasks using out-of-process iframes, which makes it difficult for speculative execution exploits like Spectre to snoop on data."


Source: The Inquirer

July 12, 2018 | 02:36 PM - Posted by Isaac Johnson

Neat. I'm glad to see more browsers doing this type of thing as default, or at least as a built-in feature. It can also help in keeping tracking sites like the 'social site that shall not be named' at bay.

July 12, 2018 | 06:56 PM - Posted by Jeremy Hellstrom

I bet it's Etsy.

July 13, 2018 | 12:30 AM - Posted by Isaac Johnson

Dangit, I thought that was still a secret. Now everyone's gonna find out about my personalized monogrammed bracelet obsession. I mean hobby. I mean business.

July 12, 2018 | 03:06 PM - Posted by Publius (not verified)

Will this be coming to mobile Chrome (Android specifically)? I have had my email inbox open in an old tab for a week with dozens of other open tabs, it ended up getting hacked (along with my Amazon/steam/rockstar social club) by some Ukrainian lol.

July 12, 2018 | 07:50 PM - Posted by MoreFlashingOfFirmwareAndOSPatchesAndNoEndInSight (not verified)

Just updated the Firmware on my HP Probook (Ivy Bridge Mobile CPU) for the 2nd time this year and more new Intel Spectre nasty bugs are just found that are needing to be fixed. I just wonder when Intel will get all this fixed in their CPU hardware and close up more fully these side channel cockups without having the system performance suffer.

I'm waiting for more Laptops (Business laptops) to appear that make use of AMD's Raven Ridge Pro SKUs and hopefully HP will be updating their new Probooks with some Raven Ridge Pro Options.

So this means PCs really need to offer more memory and maybe for laptops 16GB will be possible on more offerings. How much is all this extra protection/process isolation going to cost in system performance?

July 13, 2018 | 10:34 AM - Posted by Geforcepat (not verified)

No thank you. This better stay an option.

July 13, 2018 | 12:01 PM - Posted by ipkh

Site isolation is a long time coming. Even Firefox is trying to get there. Spectre really exposed the need to kill off shared processes and memory. If we hadn't started sharing memory and cache, we'd have much better security with regard to buffer overflows and timing attacks.
Totally needed in hindsight and certainly forecasted by security experts.

July 13, 2018 | 07:01 PM - Posted by Scam Industry Talk Representative, PR (not verified)

This is very useful for the scam industry: Put 500 iframes into a scam site - which will cause their pc to freeze from all the ram usage - and tell them to call one of them microsoft scam numbers to fix issue!

Why not tell AMD and Intel to delete their ME (management engine) and PSP (platform security processor) and fix their intentional "performance features" (speculative execution) and put SECURITY in the same place as CORRECTNESS instead of treating performance first because muuuuh Crysis?
