What is Super Duper Secure Mode in Microsoft Edge and How to Enable It

Microsoft is experimenting with a new feature for enhanced security while browsing the internet via Edge. The browser already provides three levels of privacy protection, including Basic, Balanced, and Strict. But now, Microsoft Edge is testing a new feature called Super Duper Secure mode for even better security. You will learn everything about this feature in this article. That includes what is Super Duper Secure mode in Edge, its pros and cons, and how to enable it to test the upcoming feature right now.

Use Super Duper Secure Mode in Microsoft Edge (2021)

Edge’s Super Duper Secure mode is currently available behind a feature flag in Canary, Dev, and Beta channels. If you use Edge on any of these channels, here’s how you can try it out ahead of the general release.

What is Super Duper Secure Mode in Microsoft Edge?

Super Duper Secure Mode (SDSM) is an experimental feature in Edge to improve the browser’s security. The name of this feature is currently a little…edgy, but Microsoft says it may change the name before it ships the feature to the stable version. And of course, since this is an experimental feature, there’s a chance that SDSM may never make its way to the stable Edge build.

So, what does Super Duper Secure mode do? Before getting to that, it’s important to understand how most modern JavaScript engines work. To ensure performance, JS engines use something called Just-In-Time (JIT) Compilation. With JIT, the compilation is performed during execution time. This approach has its benefits like optimization and faster overall performance.

However, JIT has a security problem. As Microsoft points out, almost 45 percent of the CVE (Common Vulnerabilities and Exposures) issued for the V8 JavaScript engine are related to JIT. A separate Mozilla analysis quoted by Microsoft highlights that a majority of vulnerabilities were related to JIT, as depicted in the chart below.

vulnerabilities by type
Image: Mozilla

To improve the security of the Microsoft Edge browser, what Super Duper Secure mode does is disable JIT (TurboFan/ Sparkplug). Instead, it enables Control-flow Enforcement Technology (CET), which is Intel’s hardware-based exploit mitigation system to protect PCs against common malware.  Microsoft hopes to add Arbitrary Code Guard (ACG) and Control Flow Guard (CFG) protection in the foreseeable future. The company also has plans to bring this feature to Android and Mac versions of Edge.

If you are interested to learn the pros and cons of the feature, check the next section.

Benefits of Microsoft Edge Super Duper Secure Mode

A core benefit of using this mode is increased security. According to Microsoft, enabling the feature would remove half of the V8 bugs since it disables JIT. It also results in a decreased demand for frequent security patches and emergency patches once a critical JIT-related vulnerability is spotted in the wild.

And because JIT doesn’t work well with CET, ACG, and other mitigation tools, disabling it will also help the user have a safer experience while browsing the web. “This reduction in attack surface kills half of the bugs we see in exploits, and every remaining bug becomes more difficult to exploit. To put it another way, we lower costs for users but increase costs for attackers,” says Microsoft.

Disadvantages of Microsoft Edge Super Duper Secure Mode

As for the disadvantages of this approach, the most obvious one is performance, now that JIT is not in action. However, according to Microsoft’s lab tests, most users are unlikely to notice the difference. Microsoft ran tests across different categories, including power, startup, memory, and page load.

number_of_tests

With the Super Secure mode enabled, the performance mostly remained unchanged in internal tests conducted by Microsoft. The company noticed a 15% improvement and 11% regression in power on average. The memory usage, on the other hand, had a 2.3% regression in negatively impacted tests, but on positive ones, the value stood at 4.6%. Page load times witnessed the most regression at 17% and a 9.5% improvement. Disabling JIT helped improve the startup time by 8.9%, which is a minor positive to come out of this change.

improvement_and_regression

The impact on overall performance also depends on your usage patterns. To address this, Microsoft is planning to give users more control and let them configure the feature based on their needs.

Another disadvantage is that SDSM in Edge doesn’t support Web Assembly just yet. However, the company promises to add Web Assembly support over the coming months.

Enable Super Duper Secure Mode in Microsoft Edge

Now that you know what Edge’s upcoming security mode is all about, here’s how to try it out right now. Follow the steps below to enable the SDSM Edge flag:

1. Open the Edge flags page (navigate to this address – edge://flags) and search for “Super Duper Secure Mode”. You can alternatively access the flag by pasting the following address into Edge:

edge://flags/#edge-enable-super-duper-secure-mode

Super Duper Secure Mode flag

2. From the dropdown menu next to the flag, choose “Enabled” and restart the Edge browser. You have now disabled JIT in Edge and can enjoy a safer browsing experience.

enable super duper secure mode edge

Browse Safely with Super Duper Secure Mode in Edge

So that’s all you need to know before trying out the new Super Duper secure mode in Microsoft Edge. While the name might differ at launch, the functionality is likely to stay the same, albeit with minor improvements. Will you consider using this feature for added online security? Share your thoughts in the comments section below. And for information on more Edge-related features, go through our article on the best Edge tips and tricks.

Leave a Reply