Chrome 63 Offers Even More Protection From Malicious Sites, Using Even More Memory

An anonymous reader quotes a report from Ars Technica: To further increase its enterprise appeal, Chrome 63 -- which hit the browser's stable release channel yesterday -- includes a couple of new security enhancements aimed particularly at the corporate market. The first of these is site isolation, an even stricter version of the multiple process model that Chrome has used since its introduction. Chrome uses multiple processes for several security and stability reasons. On the stability front, the model means that even if a single tab crashes, other tabs (and the browser itself) are unaffected. On the security front, the use of multiple processes makes it much harder for malicious code from one site to steal secrets (such as passwords typed into forms) of another. [...]

Naturally, this greater use of multiple processes incurs a price; with this option enabled, Chrome's already high memory usage can go up by another 15 to 20 percent. As such, it's not enabled by default; instead, it's intended for use by enterprise users that are particularly concerned about organizational security. The other new capability is the ability for administrators to block extensions depending on the features those extensions need to use. For example, an admin can block any extension that tries to use file system access, that reads or writes the clipboard, or that accesses the webcam or microphone. Additionally, Google has started to deploy TLS 1.3, the latest version of Transport Layer Security, the protocol that enables secure communication between a browser and a Web server. In Chrome 63, this is only enabled between Chrome and Gmail; in 2018, it'll be turned on more widely.

Chrome 63's memory usage is lower than Firefox 57

I've been using Chrome 63 and I've found its memory usage to be much lower than Firefox 57's.

I find that Chrome 63 performs a lot better than Firefox 57 does, too. This is strange, because Firefox 57 is supposed to be faster, from what I've been hearing, but I really didn't notice any difference.

What I did notice is that Firefox 57 broke nearly all of my extensions! Some of them I can't even replace, because the authors have given up and aren't bothering to port them to Firefox 57, or worse, they can't even port them because WebExtensions is too crippled.

I started evaluating Chrome after Firefox 57 broke my extensions, and I think I'll be sticking with Chrome. I find it so much faster, and I find it uses less memory. Firefox's extensions used to be a big win for it, but now that those are gone I find that Firefox has no advantage over Chrome, and really all it has now is a lot of disadvantages.

SO?

Who cares about Chrome? It's spyware and shouldn't be used.

Re:Dunno, more memory?

[erapert]

64 bit only gives you 2x 32 bit

Incorrect. I'll take your nerd badge now. Security will see you out and we will mail your things to you next week. Don't let the door hit you in the ass on your way out.

Memory

[ArchieBunker]

Memory is there to be used. I'm not talking about bloat or inefficiency either. Why not take advantage of system resources?

Re:Memory

[dremon]

Memory is there to be used ... Why not take advantage of system resources?

This appears to be the greatest motivational slogan for most of the modern software developers.

Re:Memory

[thegarbz]

Memory is not there to "be used" it is there to speed up the system. Using memory inefficiently defeats that purpose. That's not to say security isn't a valid purpose, it most certainly is. Just be careful with the blanket statements.

Re:Memory

[tlhIngan]

Why bother even wasting power on your unused memory then? Might as well unplug it and sell it for a few bucks. If it uses those extra unused gigs to display pages faster then who cares? People brag about how much ram they own then bitch when something actually uses it.

It's there to be used, but not wasted. Just because my PC has 64 gigs of RAM, doesn't mean Chrome can use all 64 gigs. In fact, I want Chrome to behave itself - to use as much memory as it needs, but no more. And to be well behaved enough in its memory access patterns than should it get swapped out, it doesn't have to swap everything in just to become responsive again. (Firefox was bad at this - if even a little bit of Firefox got swapped out, it became unresponsive until it was completely swapped back in).

Lots of things on my machine use lots of RAM. Enough that there's no "free" RAM - if Chrome isn't using it, it's being used by something else - a VM, another application, etc.

Extra Chrome memory usage isn't a problem, provided if it gets swapped out, it can be relatively performant by not requiring everything be swapped back in. Even if Chrome needs 32GB of RAM, if it still performs great when the OS cuts it down to 2GB of RAM (rest in swap), then Chrome is good. But if Chrome requires the OS to swap in 8+ GB in order to respond to a click on a tab, then it's using too much RAM>

Re:Memory

[nashv]

The cost of memory efficiency during development at this time beats the cost of memory itself by far at this time point.

An average software developer charges what at least 30$ an hour ? An how much time does it take to improve efficiency in large complex programs ? 1 working day at least ?

For those 300$ I can have 16 GB of DDR4 RAM delivered tomorrow. Sorry, I want to care, but I just can't.

Re:Memory

[Entropius]

People run browsers on laptops, some with soldered-in memory.

My laptop doesn't have soldered-in memory, but only has 8GB; it was a pretty high-spec Dell XPS 13 when I bought it. I don't have swap enabled, since when I got the machine it only had a 128gb SSD, and while I've upgraded that since then I've not bothered to make a swap partition.

I would really prefer my web browser behave itself and not chew up three-quarters of that unless it is absolutely necessary; I'm running Opera at the moment and it seems to behave itself.

Re:Memory

[nashv]

I use Chrome on a Chromebook with 4GB RAM , and at the same time a 32 GB Dell XPS 15 too. Never ran into a memory issue.

Re:Patronizing Douche Nozzles!

[sims+2]

I jumped to chrome when it was released because it was much faster at the time. At the time it meant giving up a lot of things that I used all the time like adblocking and a lot of site compatibility.

Then there was firefox's memory leaks.

Stuff worked with firefox not so much with chrome.

Today there's not nearly as much of a difference in speed but there's not really much reason for me to switch back either I don't like what firefox has become but I still miss a few of the addons.

Whatever, not enabled, but what about new freezes?

[RhettLivingston]

Ever since my Chrome updated yesterday, a lot of mainstream sites such as news sites have been freezing on me. After a few minutes the mouse pages no longer respond to the mouse in any way (can't even select text) forcing me to reload them. I run on Ubuntu with more than enough memory (32GB) to not care and rarely see my CPU top 10%. Anyone else experiencing this?

Re: Dunno, more memory?

[Zero__Kelvin]

If you're professing to understand math you should understand units. It is 64 bits of address space, not 64 bits of memory.

Ahh, web browsers...

[phozz+bare]

The web browser: the glorified terminal emulator of the 21st century. Where every kilobyte of input takes a megabyte of RAM. Or fifty. How can it be considered remotely plausible that maintaining the state of 15 tabs (mostly text, some images, no video) requires 5 GB? Surely it must be one of the great mysteries of modern computing.

Should one trust nonfree SW w/ said access?

[jbn-o]

The other new capability is the ability for administrators to block extensions depending on the features those extensions need to use. For example, an admin can block any extension that tries to use file system access, that reads or writes the clipboard, or that accesses the webcam or microphone.

In this description one is clearly supposed to trust a nonfree program (Google Chrome) to vet other software's access to the file system, clipboard, webcam, and microphone. But one has no good reason to call Chrome trustworthy. Users have no idea what the Chrome code is doing when it runs because that program is nonfree software. No matter how capable the user is, no matter how willing they are to research and fix problems, Chrome users are not allowed to help themselves by reading the complete Chrome source code, modifying said source code, or help others in the community by distributing Chrome code (whether modified or not). The only users allowed to do these things are the people one ought not trust because they're the proprietor. As a side issue that proprietor happens to be a spy organization. So one should wonder if administrators can block Google Chrome's access to these things too or perhaps that is best addressed by not running Google Chrome in the first place.

Re:Better idea to secure Chrome

[theweatherelectric]

As in, they put their own code into it.

Cool, where can I download it? It is hosted on GitHub?

Chrome better watch out.

[ShamblerBishop]

Firefox has almost caught up with Chrome - it's at 57 now, and will overtake it soon...

Re: Dunno, more memory?

[K.+S.+Kyosuke]

I know what you're talking about, but "math" doesn't have address spaces. And 64 bits are still 2x 32 bits, which *can* be a problem in pointer-heavy software (think trees, not float matrices). Which means you may have to use more memory cells to do exactly the same thing. Or use a smarter environment than C/C++ that doesn't try to waste space in 64 bit fields when it doesn't need it, but then I'd be demanding too much from most programmers...

Re: Dunno, more memory?

[Zero__Kelvin]

You clearly know nothing about C, C++, or hardware architectures. A good rule of thumb is to know what you are talking about if you are planning an attempting to condescend. You have violated that rule.

Re: Dunno, more memory?

[K.+S.+Kyosuke]

Yeah, I clearly know nothing about this, having programmed in C for only a quarter century and having only done 6510, 8051 and 8086 assembly programming. :-p

Re: Dunno, more memory?

[Zero__Kelvin]

That's correct. If you don't know that C and C++ give you complete control over data sizes and allow you to use the hardware optimally, and that it is literally impossible to create a language that does better than that, you know nothing about it. There are plenty of C programmers who are clueless about the underlying details. You have shown yourself to be one of them by your absurd statements.

Re: Dunno, more memory?

[K.+S.+Kyosuke]

If you don't know that C and C++ give you complete control over data sizes and allow you to use the hardware optimally

No, they don't. Just look at DataDraw to see what hoops you have to jump through to get over the limitations of C/C++ overspecification that prohibits major memory optimizations. C can't see the forest for the trees, hence major opportunities are hidden from it and only available either through tedious hand-holding or through building tools above that see further. The mention of C++ I will treat with silent contempt.

Re: Dunno, more memory?

[Zero__Kelvin]

I'm not going to waste my time, but if you give an example of what you think C can't do I'll be glad to explain why you are wrong.