The entire tech industry was shaken after the discovery of Meltdown and Spectre, critical security bugs that were found in almost all modern computer processors, and the aftershocks are still being observed. Chrome is the newest victim of the collateral damage that these bugs have brought forth.
Reportedly, Google Chrome 67 has now enabled Site Isolation feature to protect users from Spectre but this has come at a big price. The browser will now be using 10 to 13% more RAM (as if it doesn’t use enough already) because that’s the requirement of the fix.
Spectre is basically a flaw in the way processors are designed and is present in every CPU currently available in the market. It exploits speculative execution related issues and can read memory easily, which otherwise the processor cannot access.
In order to fix this issue, Chrome 67 will by-default has Site Isolation feature enabled. It will substantially restrict the rendering process to a single site. This means you will have one chrome.exe process for hackread.com and another for yahoo.com, etc.
This segregation of processes would prevent direct reading of memory across processes and the Chrome will be able to make use of built-in OS protections against Spectre. Furthermore, all iframes, which usually are for advertisement purposes, are placed into separate processes instead of being put into the parent frame. This although would increase security but memory usage will be increased too.
According to a blog post by Charlie Reis from Google, Site Isolation feature creates “more renderer processes” and comes with some performance “tradeoffs”. However, the positive aspect is that every renderer process is smaller and short-lived, therefore, the internal contention is minimal. Reis further revealed that in real workloads, there is approx. a 10-13% total memory overhead because the processes are too many.
Google claims that the reason behind this step is to prevent an attacker from obtaining more information from the computer since Meltdown and Spectre can let hackers to steal user data without the knowledge or consent of the user. Site Isolation can prevent data to be loaded from multiple sites in a single process so if an infected web page attempts to launch the Spectre attack, other pages’ data won’t get compromised.
Site Isolation has now been released as default for over 99% of all Chrome users across all platforms including Windows, Linux, Chrome, and MacOS. So, those who like to open various tabs at ones will face issues from now on as this will increase memory usage tremendously. It is about time you get a tab manager extension installed.