Mitigating Spectre with Site Isolation in Chrome

Discussion in '[H]ard|OCP Front Page News' started by cageymaru, Jul 12, 2018.

  1. cageymaru

    cageymaru [H]ard|News

    Messages:
    18,629
    Joined:
    Apr 10, 2003
    The Google Security Blog has showcased a newly enabled Chrome feature that helps to protect against speculative execution side-channel attacks like Spectre. Site Isolation limits each renderer process to documents from a single site. To put this in context, previously Chrome allowed cross-site popups and iframes to access and stay in the same process as the page that created them. The cost of this enhanced security is 10% to 13% more memory usage.
    It is good to see enhanced security features being enabled in Chrome, but I've been fighting the extra memory usage while doing the news. I'm glad to see that the Google Chrome development team is optimizing this new feature and porting it to Android.

    In January, Google Project Zero disclosed a set of speculative execution side-channel attacks that became publicly known as Spectre and Meltdown. An additional variant of Spectre was disclosed in May. These attacks use the speculative execution features of most CPUs to access parts of memory that should be off-limits to a piece of code, and then use timing attacks to discover the values stored in that memory. Effectively, this means that untrustworthy code may be able to read any memory in its process's address space.
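To make the "single site per renderer process" rule concrete, here is an added example (not code from the Google post or from Chromium) modelling how Site Isolation decides which documents may share a process. Chromium keys processes on the "site", meaning scheme plus registrable domain (eTLD+1), not on the full origin, so `a.example.com` and `b.example.com` still share a process while a third-party ad iframe does not. The public-suffix table is a constructed subset of the Public Suffix List, the sample tab contents are made up, and Chromium's special cases (file URLs, data URLs, later origin-keyed isolation) are ignored.

```javascript
// Added example: a simplified model of Chrome's Site Isolation process
// assignment. Not Chromium code. PUBLIC_SUFFIXES is a constructed subset of
// the Public Suffix List, enough for the sample URLs below.
const PUBLIC_SUFFIXES = new Set(["com", "org", "net", "co.uk", "github.io"]);

// Registrable domain (eTLD+1): the longest matching public suffix plus one label.
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().split(".");
  // Iterating from the longest candidate suffix down means "co.uk" wins over "uk".
  for (let i = 0; i < labels.length - 1; i++) {
    const suffix = labels.slice(i + 1).join(".");
    if (PUBLIC_SUFFIXES.has(suffix)) {
      return labels.slice(i).join(".");
    }
  }
  // No known suffix (e.g. "localhost" or an IP literal): the whole host is the site.
  return labels.join(".");
}

// A "site" is scheme + registrable domain. Port and subdomain do not matter,
// but http:// and https:// versions of a domain are different sites.
function siteFor(urlString) {
  const u = new URL(urlString);
  return `${u.protocol}//${registrableDomain(u.hostname)}`;
}

function sameSite(a, b) {
  return siteFor(a) === siteFor(b);
}

// Group a tab's documents (top frame, iframes, popups it opened) into renderer
// processes. Without Site Isolation the whole tab shares one process, so a
// cross-site iframe sits in the same address space as the page that embeds it.
// With it, each distinct site gets its own process; more processes is where
// the extra memory comes from.
function assignProcesses(documentUrls, siteIsolation) {
  const groups = new Map();
  for (const url of documentUrls) {
    const key = siteIsolation ? siteFor(url) : "tab";
    if (!groups.has(key)) groups.set(key, []);
    groups.get(key).push(url);
  }
  return groups;
}

// Constructed sample tab: an article, a same-site static-asset iframe, a
// third-party ad iframe, and a cross-site popup to a bank login page.
const TAB = [
  "https://www.example.com/article",
  "https://static.example.com/widget",
  "https://ads.adnetwork.net/frame",
  "https://login.bank.co.uk/",
];

function demo() {
  const before = assignProcesses(TAB, false);
  const after = assignProcesses(TAB, true);
  console.log("renderer processes without Site Isolation:", before.size);
  console.log("renderer processes with Site Isolation:", after.size);
  for (const [site, docs] of after) {
    console.log(`  ${site} -> ${docs.join(", ")}`);
  }
  return { before: before.size, after: after.size };
}

demo();
```

The point of the model is the one M76 asks about further down: Site Isolation does not stop speculative reads, it just arranges that a renderer compromised by a Spectre-style read only has its own site's documents in its address space. Anything in a different process (the bank popup, the browser process, the OS kernel) still relies on the microcode and kernel mitigations.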
     
  2. Z3r0k3wl

    Z3r0k3wl [H]Lite

    Messages:
    110
    Joined:
    Feb 13, 2014
    Glad I went with 32GB of ram on my new build.
     
  3. M76

    M76 [H]ardness Supreme

    Messages:
    7,439
    Joined:
    Jun 12, 2012
    Doggie doggie what now? The whole problem with speculative execution is that processes could access memory outside their address space, no? If all it took to mitigate the risk is to isolate the process in its own memory, then we wouldn't need all these microcode upgrades, would we?
     
  4. cageymaru

    cageymaru [H]ard|News

    Messages:
    18,629
    Joined:
    Apr 10, 2003
    I think that we've just begun with Spectre / Meltdown patches and mitigation. I like the idea of placing things into their own container within the browser. But I feel as if it is just a matter of time before the octopus figures out how to climb out of one tank and enter into another with all the tasty fish in it.
     
  5. dgz

    dgz [H]ardness Supreme

    Messages:
    4,460
    Joined:
    Feb 15, 2010
  6. Shikami

    Shikami Gawd

    Messages:
    562
    Joined:
    Apr 5, 2010
    It is always mentioned that Chrome 67 has it enabled by default instead of mentioning the major.minor.patch. I have Version 67.0.3396.99 (Official Build) (64-bit) and if I check, it is disabled. The way some give information can be pissy at times. Like, for example, with Chrome 67.shit.spyedition.1b, which is now released and will update on all systems, has this now enabled by default. Would that not be more (properly) informative?
     
  7. katanaD

    katanaD [H]ard|Gawd

    Messages:
    1,508
    Joined:
    Nov 15, 2016
    one could always not visit questionable websites...

    :rolleyes:
     
  8. Chupachup

    Chupachup Limp Gawd

    Messages:
    440
    Joined:
    Jan 12, 2014
    The current build of Chrome (67.0.3396.99) broke in-video pop ads for YouTube. I watched several videos last night only to realise that where there should be an ad popping, only a broken link, report and close icons were visible. This is NOT a complaint! :ROFLMAO: