Following the disclosure of the Spectre and Meltdown vulnerabilities, browser vendors have been in the difficult position of balancing mitigations for these hardware-level vulnerabilities with preserving browser performance. Chrome’s Site Isolation feature was added with the release of Chrome 63 in December 2017, but it was disabled by default—users could manually change a flag to enable the feature, though under normal circumstances, few users ever encounter the chrome://flags settings page where the option was hidden.
Now, Google has remotely enabled the feature for users of Chrome 67 on Windows, Linux, macOS, and Chrome OS. As of yet, it remains disabled on Android, though is expected to be enabled in the future.
While websites are generally not able to access stored data from other websites in the browser due to Chrome’s Same Origin policy, the Site Isolation feature strengthens this protection by putting pages from different websites into different processes, which are sandboxed to limit what that process is capable of doing. According to Google, this “also [makes] it possible to block the process from receiving certain types of sensitive data from other sites. As a result, a malicious website will find it more difficult to steal data from other sites, even if it can break some of the rules in its own process.”
SEE: System update policy (Tech Pro Research)
This had not been enabled by default prior to now, as enabling Site Isolation results in roughly 10-13% higher RAM use in Chrome 67, though this is an improvement over the initial implementation in Chrome 63. Additionally, enabling Site Isolation results in some changed behaviors to frames, as Google notes that hidden cross-site frames will no longer register clicks, though they believe this to be “relatively uncommon in practice,” likewise, printing websites with cross-site subframes is unlikely to work. Some clicking / scrolling issues present in Chrome 67 with Site Isolation enabled have been patched in Chrome 68, which is expected later this month.
Enabling Site Isolation allows Google to roll back other protections that were put in place immediately following the disclosure of Spectre and Meltdown, as they are made redundant by Site Isolation. Foremost among them are support for high-resolution timers and SharedArrayBuffer, which can be used to create high-resolution timers of similar function and had been disabled by browser vendors in the wake of the vulnerability disclosure.
This mitigation was considered necessary as Spectre and Meltdown, as side-channel attacks, require precise observation and manipulation of timers in order to be successfully exploited. Enabling high-resolution timers will make it easier for developers to create web apps that work with real-time data.
The big takeaways for tech leaders:
- Google has remotely enabled Site Isolation for users of Chrome 67 on Windows, Linux, OS X, and Chrome OS.
- Site Isolation results in roughly 10-13% higher RAM use.