Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Quietly Enables 'Site Isolation' Feature for 99% of Chrome Desktop Users (bleepingcomputer.com)

Posted by msmash on from the how-about-that dept.

Google has quietly enabled a security feature called Site Isolation for 99% of its desktop users on Windows, Mac, Linux, and Chrome OS. This happened in Chrome 67, released at the end of May. From a report: Site Isolation isn't a new feature per-se, being first added in Chrome 63, in December 2017. Back then, it was only available if users changed a Chrome flag and manually enabled it in each of their browsers. The feature is an architectural shift in Chrome's modus operandi because when Site Isolation is enabled, Chrome runs a different browser process for each Internet domain. Initially, Google described Site Isolation as an "additional security boundary between websites," and as a way to prevent malicious sites from messing with the code of legitimate sites.

8 of 70 comments (clear)

  1. 10% by phantomfive · · Score: 5, Informative

    10% memory usage increase, according to the article. Defends against spectre and meltdown somewhat.

    --
    "First they came for the slanderers and i said nothing."
    1. Re:10% by Z00L00K · · Score: 2

      But is the site isolation complete so that all cached info is now tied to the site you browse and third party cookies and cached data as well is living in total separation?

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  2. Is it just for the URL in the address bar? by dwywit · · Score: 4, Interesting

    Or does it cover each and every third-party domain, e.g. all the advertising domains pinged by landing on a web page?

    Those domains are just as dangerous, if not more so, than the domain shown in the address bar.

    --
    They sentenced me to twenty years of boredom
  3. Disabled by default? by iamagloworm · · Score: 5, Informative

    99% of users? I am on the latest chrome and it was disabled for me. Check at chrome://flags/#enable-site-per-process

    1. Re:Disabled by default? by Gavagai80 · · Score: 2

      Same for me, on Chrome 67. Perhaps it's only enabled for new installations for now?

      --
      This space intentionally left blank
    2. Re:Disabled by default? by onco_p53 · · Score: 2

      Yes off for me as well, thanks for the link to change the option.

  4. Re:Registered /.ers review of the Win64 model by nullbort · · Score: 3, Informative

    https://pi-hole.net/

  5. So the approved ads by AHuxley · · Score: 3, Funny

    really know the user is looking and only approved ads get displayed.

    --
    Domestic spying is now "Benign Information Gathering"