Google Chrome Offers a Spectre Fix That Uses More Memory

Previously we discussed that a possible fix for a Spectre-like CPU flaw would slow machines down. Version 67 of the Chrome browser is now implementing the fix. It will indeed protect you against Spectre-based attacks, but it will also chew up ten to thirteen percent more system memory.

Google Chrome 67 enables “site isolation” to protect against Spectre-like bugs, but that makes it use more RAM.

Site isolation does cause Chrome to create more renderer processes which comes with performance tradeoffs,” explains Charlie Reis of Google.

On the plus side, each renderer process is smaller, shorter-lived, and has less contention internally, but there is about a ten to thirteen percent total memory overhead in real workloads due to the larger number of processes. Our team continues to work hard to optimize this behavior to keep Chrome both fast and secure.

news-chrome-spectre-fix-browser

Site isolation has been available experimentally since Chrome 63, but it’s now enabled by default for nearly all Chrome users.

Site isolation is a large change to Chrome’s architecture that limits each renderer process to documents from a single site,” continues Reis.

This means that even if a Spectre attack were to occur in a malicious webpage, data from other websites would generally not be loaded into the same process, and so there would be much less data available to the attacker. This significantly reduces the threat posed by Spectre.

On a technical aspect, if you own a high-end computer with plenty of RAM, and you are not opening hundreds of tabs at the same time, this probably won’t affect you much. On a Chromebook or older computer/phone, you might feel the effect after opening a few more tabs than necessary.

The Spectre-based CPU flaws can potentially be very damaging. It could damage firmware, your OS, software, etc. It’s not something to mess around with. While no one wants their browser to become significantly slowed down, the prospect of the damage Spectre could cause would be worse.

Chrome isn’t even the only browser hit, and all of the major browsers are working on updates to protect against Spectre.

news-chrome-spectre-fix-man

As soon as this was discovered at the beginning of the year, Microsoft issued a Windows security update for both Internet Explorer and Edge. It handled it by making it more difficult to access confidential information via timing delays in a device’s CPU. Firefox includes mitigation techniques and was working on additional ways to protect it by removing the leak closer to the source. Apple also instituted fixes in Safari to protect against these attacks, and did so without any immediate impact on performance.

But these browsers and OS have been constantly updated throughout the year as they continue to work on protecting against Spectre-like attacks. The most important advice for keeping all your data safe is to pay attention to updates. As long as you keep updating your OS and browser, no matter which it is, you can be sure you are employing the best ways to protect against the Spectre-like attacks.

Are your browsers and OS up to date? Do you notice that Chrome is more of a memory hog now that it’s protecting you against a Spectre-like attack? Let us know in the comments below.

Leave a Reply

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.