By adding new compartmentalization technology, Google’s Chrome browser has taken a step to keep websites from stealing sensitive data.
Since Google first released it publicly in 2008, Chrome has divided work among multiple computing processes. That approach helps keep one tab’s work from interfering with what’s happening in another. Google has been testing a stricter variation of this sort of partitioning to protect against Spectre, a new type of attack that Google and other researchers revealed in January.
Google released the new security feature, called site isolation, to a limited number of Chrome users starting with the Chrome 67 release in May. Now it’s “enabled for 99 percent of users on Windows, Mac, Linux and Chrome OS,” Chrome team member Charlie Reis said in a blog post on Wednesday.
The move shows just how complicated Spectre and the related Meltdown attacks are to thwart. Tech companies that make processors, operating systems and browsers all scrambled to block attackers from using the vulnerabilities to snatch sensitive data like passwords or encryption keys. The problem is severe enough to have risen to the US Congress, where senators griped on Wednesday that they hadn’t heard about Spectre sooner.
Uses more memory
Google’s site isolation feature is a major change to Chrome. It affects a core part of the browser called the renderer, which turns website programming code into actual pixels on your phone or laptop screen. With site isolation, Chrome splits renderers into separate computing processes more often to wall off data better.
Unfortunately, that means Chrome needs more memory. The increase is about 10 to 13 percent for people with lots of tabs open, Google said in a project document. The good news, though, is that site isolation lets Google relax earlier restrictions on monitoring precise timing of browser actions it had adopted to make Spectre attacks harder.
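The two paragraphs above describe the policy change in one sentence: renderer processes are keyed by site rather than by tab, so a cross-site iframe no longer shares a process with the page that embeds it, at the price of more processes. The following toy model, an added illustration that is not Chrome's code, makes that trade-off concrete. It approximates a "site" as scheme plus the last two host labels (a simplification; Chrome uses the scheme and the registrable domain from the public suffix list), takes process count as a stand-in for memory, and uses constructed tab and frame URLs.

```python
"""Toy model of process-per-tab vs. site-isolation renderer placement.

Added illustration, not Chrome code.  A "site" is approximated as
scheme + last two host labels (assumption: real browsers consult the
public suffix list to find the registrable domain).
"""
from urllib.parse import urlsplit


def site_of(url):
    """Collapse a URL to its site key, e.g. https://www.bank.example -> https://bank.example."""
    parts = urlsplit(url)
    labels = parts.hostname.split(".")
    return f"{parts.scheme}://{'.'.join(labels[-2:])}"


def assign_processes(tabs, site_isolation):
    """Place every frame into a renderer process.

    tabs: list of (tab_name, [frame_url, ...]); the first URL is the top frame.
    Returns {process_key: [(tab_name, frame_url), ...]}.

    Without site isolation, the key is the tab: all of a tab's frames share
    one renderer.  With site isolation, the key is the frame's site, so a
    cross-site iframe lands in the process for its own site, never in its
    embedder's, and frames of one site from several tabs may share a process.
    """
    processes = {}
    for tab, frames in tabs:
        for url in frames:
            key = site_of(url) if site_isolation else tab
            processes.setdefault(key, []).append((tab, url))
    return processes


def shares_process(processes, url_a, url_b):
    """True if some renderer hosts both URLs.

    Speculative-execution reads such as Spectre reach memory of the process
    they run in, so two documents are exposed to each other only when this
    returns True.  Site isolation aims to make it False for cross-site pairs.
    """
    for members in processes.values():
        urls = {u for _, u in members}
        if url_a in urls and url_b in urls:
            return True
    return False


# Constructed sample: a banking page and a news page, each embedding an
# advertising iframe from a third site.
TABS = [
    ("tab1", ["https://www.bank.example/account", "https://ads.example/frame"]),
    ("tab2", ["https://news.example/", "https://ads.example/frame2"]),
]


def compare():
    """Return (renderer count without isolation, renderer count with isolation)."""
    legacy = assign_processes(TABS, site_isolation=False)
    isolated = assign_processes(TABS, site_isolation=True)
    return len(legacy), len(isolated)


if __name__ == "__main__":
    legacy = assign_processes(TABS, site_isolation=False)
    isolated = assign_processes(TABS, site_isolation=True)
    bank, ad = "https://www.bank.example/account", "https://ads.example/frame"
    print("renderers per tab:  ", len(legacy), "shares:", shares_process(legacy, bank, ad))
    print("renderers per site: ", len(isolated), "shares:", shares_process(isolated, bank, ad))
```

Running it shows the cost the article quotes in miniature: two tabs need two renderers under the old policy but three under site isolation, and the bank page and the ad frame stop sharing a process. The ad frames from both tabs, being the same site, still share one renderer, which is why the memory growth is tens of percent rather than a multiple of the frame count.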
“Our team continues to work hard to optimize this behavior to keep Chrome both fast and secure,” Reis said in the blog post. And it’s also working to bring site isolation to Chrome for Android, he said.
Site isolation, a ten-year project
Reis has been working on site isolation technology for a decade, starting with his Ph.D. research, and the Chrome team's own effort began about six years ago, Chrome security leader Justin Schuh tweeted.
Eric Lawrence, a former Chrome security team member who now works on Microsoft’s rival Edge browser, called the move “an extremely impressive achievement.”
This is an extremely impressive achievement.
Google invested many engineer-years in a feature that initially seemed hopelessly out of whack from cost/benefit POV. And then, suddenly, it wasn’t just a nice-to-have DiD, but instead an essential defense against a class of attack.
Justin Schuh (@justinschuh), replying to his own tweet:
I want to tweet more, because this is just such a big event. It’s the culmination of a 6-year effort (or for Charlie Reis, 10 years, starting with his Ph.D. thesis) where the team took a groundbreaking idea from the bleeding edge of academic research and made it a reality.