Starting with version 67, the Google Chrome browser for computers uses a new security mode called Site Isolation (site isolation). It neutralizes threats of the Specter class but increases the browser’s consumption of RAM by 10-13% depending on the device.
The essence of Site Isolation is very simple: each site is launched in a separate sandbox (isolated from each other). Although this seems to be a fairly simple solution, the implementation of this was extremely difficult – at least, according to the head of the security department of Chrome Justin Schuh (Justin Schuh). A visual representation of the isolation mode of sites is available in the image above.
According to Justin, Chrome developers have not yet been able to reduce the consumption of the new mode of RAM, because of what they cannot implement it in the mobile version of the browser. It remains to be hoped that experts from the “good corporation” will still be able to optimize Site Isolation and this mode will become standard for all versions of Chrome.
Recall that the vulnerabilities of the Specter class still pose a serious threat – in mid-July 2018, two enthusiasts discovered new security holes in Intel processors.