
Google: Chrome now protects you from Spectre password-stealing attacks

13 July 2018

Google is investigating how to extend Site Isolation coverage to Chrome for Android, where there are additional known issues.

The feature "generally" shouldn't break legitimate site behavior. You could also add a command line flag to start Chrome with --site-per-process, but that's a lot of work. Some of the performance hit can be offset by smaller and shorter-lived renderer processes.

Google announced this week that Chrome 67 now has a Site Isolation feature turned on by default that "does cause Chrome to create more renderer processes, which comes with performance tradeoffs", according to software engineer Charlie Reis. The remaining 1% of installations without Site Isolation is used as a control group to monitor performance and issues.


Site Isolation was enabled by default on desktops with the release of Chrome 67, at the end of May, as previously reported. The feature offers protection against attacks that use the speculative execution features of most processors in order to get access to parts of the memory which aren't meant to be accessed.

Google said Site Isolation is a large change to Chrome's architecture, limiting each renderer process to documents from a single site.

Google explains that the objective of the fix is to prevent an attacker from getting more data from the user. A "site" here means the scheme plus the registrable domain, so https://google.co.uk would be a site, and subdomains like https://maps.google.co.uk would stay in the same process.


To check whether this is enabled, or disable it should you choose (which we don't recommend), you can head to chrome://flags/#enable-site-per-process in your location bar, and then set the toggle for Strict Site Isolation to either Enabled or Disabled. "As a result, a malicious website will find it harder to steal data from other sites, even if it can break some of the rules in its own process". "This would allow a successful Spectre attack to read data (e.g., cookies, passwords, etc.) belonging to other frames or pop-ups in its process", explained Reis.

As long as you see separate subframe processes (for example in Chrome's Task Manager), Site Isolation is enabled on your system.

When enabled, all navigations to cross-site documents cause a tab to switch processes and put all cross-site iframes into a different process than their parent frame, using "out-of-process iframes".
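Added example, not Google's or Chromium's code: a Python sketch of the "site" boundary described above (scheme plus registrable domain, with a constructed subset of the Public Suffix List standing in for the real list) and of which iframes on a page would become out-of-process iframes under that rule. IP-literal hosts and other special schemes are out of scope here.

```python
"""Same-site check in the sense used by Chrome's Site Isolation.
Added illustration; it is not Chromium's implementation."""
from typing import List, Tuple
from urllib.parse import urlsplit

# Constructed subset of the Public Suffix List; Chrome uses the full list.
PUBLIC_SUFFIXES = {"com", "org", "net", "uk", "co.uk", "org.uk", "github.io"}


def registrable_domain(host: str) -> str:
    """Return eTLD+1 for host, e.g. 'maps.google.co.uk' -> 'google.co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    # Scan from the full host down, so the first hit is the longest suffix.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in PUBLIC_SUFFIXES:
            if i == 0:
                return suffix  # the host is itself a public suffix
            return ".".join(labels[i - 1:])  # suffix plus one more label
    # No known suffix: fall back to the last two labels.
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def site_of(url: str) -> Tuple[str, str]:
    """Site = (scheme, registrable domain). Port and path do not matter."""
    parts = urlsplit(url)
    if not parts.hostname:
        raise ValueError(f"URL has no host: {url!r}")
    return parts.scheme.lower(), registrable_domain(parts.hostname)


def same_site(a: str, b: str) -> bool:
    """True when Site Isolation may place documents from a and b together."""
    return site_of(a) == site_of(b)


def out_of_process_iframes(parent_url: str, iframe_urls: List[str]) -> List[str]:
    """Iframes that differ in site from the parent; with Site Isolation on,
    each of these is rendered in a process separate from the parent frame."""
    return [u for u in iframe_urls if not same_site(parent_url, u)]


if __name__ == "__main__":
    # Constructed page: a document embedding two iframes.
    page = "https://maps.google.co.uk/view"
    frames = ["https://google.co.uk/widget", "https://example.co.uk/ad"]
    print(out_of_process_iframes(page, frames))  # ['https://example.co.uk/ad']
```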


"Splitting a single page across multiple processes is a major change to how Chrome works, and the Chrome Security team has been pursuing this for several years, independently of Spectre". "This significantly reduces the threat posed by Spectre".
