Google’s Chrome browser now uses more RAM to implement Spectre fixes
Google’s Chrome browser now uses more RAM to implement Spectre fixes
Google has announced that Chrome now offers users a feature called “Site Isolation”, a security feature that is now enabled by default on Mac, Linux, Windows and ChromeOS installations of Chrome. This feature has been available since the release of Chrome 63, though since then the function has been refined and most bugs have been ironed out, making the feature usable for the masses.
Site isolation makes substantial changes to Chrome’s internal architecture, limiting each render process to a single website, allowing OS-level spectre/meltdown mitigations to prevent attacks between processes. Additional features like Cross-Origins Read Blocking are also enabled to limit spectre-like attacks further.
The major downside of these mitigations is that the creation of a larger number of smaller processes increases Chrome’s memory consumption, eating around 10-13% more DRAM space. This change will not have much of an impact on most Chrome users, though heavy users may start to face RAM-based performance limitations.
Google has pledged to optimise their latest security features further, hoping to create a version of the browser that is “both fast and secure”. Google is currently working to enable Site Isolation to Chrome users on Android, though there is no ETA for this update.
You can join the discussion on Google’s Spectre mitigations increasing DRAM utilisation on the OC3D Forums.