Google Chrome is often criticised as a RAM hog and the problem is about to worsen. In an effort to mitigate any future security threats posed by the Spectre vulnerability, Google is implementing a technology that will increase Chrome’s RAM usage by over 10%, a number that is significant for many low-end systems.
In an official blog post, Google has announced that it has implemented a new security feature called Site Isolation that will attenuate the risks posed by speculative execution side-channel attacks that are facilitated by vulnerabilities such as Spectre. But the downside is, users will have to trade increased RAM consumption and performance slowdown for some added security
“Site Isolation does cause Chrome to create more renderer processes, which comes with performance tradeoffs: on the plus side, each renderer process is smaller, shorter-lived, and has less contention internally, but there is about a 10-13% total memory overhead in real workloads due to the larger number of processes”, read Google’s blog post.
Google has enabled the Site Isolation security feature on Chrome for Windows, Mac, Linux and the Chrome OS platform, however, the feature has been available as an experimental enterprise policy since Chrome 63. Google claims that Site Isolation is one of the most effective mitigation techniques which can thwart data theft in case an attack like Spectre occurs.
Google began the rollout of Chrome 64 for desktop, which introduced basic mitigation for Meltdown and Spectre (Variant 2) in form of a refreshed JavaScript engine which claimed to block any malicious codes that are eyeing your CPU’s secrets. However, the feature has been available as an experimental enterprise policy since Chrome 63, but it is only now that the feature has been widely available to all Chrome users.
Google has now enabled Site Isolation for 99% of Chrome users on all platforms, with the 1% reserved for monitoring its net impact and effect on performance. Moreover, the feature will be available on an experimental basis in Chrome 68 for Android, and will also make its way as a stable security feature on Chrome for Android to handle similar security threats.