Chrome's predilection for gobbling up vast amounts of RAM will soon increase to new levels, but it is for a very good reason. Chrome 67 will offer a Site Isolation feature which will protect you against a variety of Spectre attacks. When you have this feature enabled in Chrome, each site will be isolated, with a single renderer process per page. This means cross-site iframes and pop-ups will be unable to read data from other pages; in fact a single site may spawn multiple render processes, each running in isolation.
There is of course a cost: The Inquirer was quoted an increase of 10-13% in RAM usage … so better get a 128GB kit.
"The new feature basically splits the render process into separate tasks using out-of-process iframes, which makes it difficult for speculative execution exploits like Spectre to snoop on data."
Here is some more Tech News from around the web:
- New Spectre 1.1 and Spectre 1.2 CPU Flaws Disclosed @ Slashdot
- Intel's new Xeon E chips take aim at entry-level workstations @ The Inquirer
- Microsoft is Updating Windows Notepad Application For the First Time in Years @ Slashdot
- NAND the beat goes on: Samsung to fling out 96-layer 3D NAND chip @ The Register
- You Can Now Buy a Practical Gauss Gun @ Hackaday
Neat. I’m glad to see more browsers doing this type of thing as default, or at least as a built-in feature. It can also help in keeping tracking sites like the ‘social site that shall not be named’ at bay.
I bet it's Etsy.
Dangit, I thought that was still a secret. Now everyone’s gonna find out about my personalized monogrammed bracelet obsession. I mean hobby. I mean business.
Will this be coming to mobile Chrome (Android specifically)? I have had my email inbox open in an old tab for a week with dozens of other open tabs, it ended up getting hacked (along with my Amazon/Steam/Rockstar Social Club) by some Ukrainian lol.
Just updated the Firmware on my HP Probook (Ivy Bridge Mobile CPU) for the 2nd time this year and more new Intel Spectre nasty bugs are just found that are needing to be fixed. I just wonder when Intel will get all this fixed in their CPU hardware and close up more fully these side channel cockups without having the system performance suffer.
I’m waiting for more Laptops (Business laptops) to appear that make use of AMD’s Raven Ridge Pro SKUs and hopefully HP will be updating their new Probooks with some Raven Ridge Pro Options.
So this means PCs really need to offer more memory and maybe for laptops 16GB will be possible on more offerings. How much is all this extra protection/process isolation going to cost in system performance?
No thank you. This better stay an option.
Site isolation is a long time coming. Even Firefox is trying to get there. Spectre really exposed the need to kill off shared processes and memory. If we hadn’t started sharing memory and cache, we’d have much better security with regard to buffer overflows and timing attacks.
Totally needed in hindsight and certainly forecasted by security experts.
This is very useful for the scam industry: Put 500 iframes into a scam site – which will cause their PC to freeze from all the RAM usage – and tell them to call one of them Microsoft scam numbers to fix issue!
Why not tell AMD and Intel to delete their ME (management engine) and PSP (platform security processor) and fix their intentional “performance features” (speculative execution) and put SECURITY in the same place as CORRECTNESS instead of treating performance first because muuuuh Crysis?