Version 67 of Google’s Chrome browser for Windows, Mac, Linux, and Chrome OS now includes a new security feature called Site Isolation. This new component protects web surfers against Spectre-based attacks on the internet but for a price: 10 to 13 percent more system memory consumption.
Spectre — along with Meltdown — is a design flaw in modern processors that enable hackers to gain access to data stored in memory. This data is supposedly off limits, but the method processors use to predict the outcome of their current task leaves that data exposed. Hardware and software manufacturers have scrambled to fix these flaws since their initial reveal in January.
Although all major web browsers include “some mitigations” to prevent Spectre-based attacks, Google believes Site Isolation is the best approach. Prior to version 67, Chrome relied on a multi-process architecture that allowed each tab to have its own web page rendering process. The problem is that many websites use frames (aka iframes) to compile different web-based components together into a single page: Components that are used across multiple sites. The page may even display cross-site pop-ups too.
With Site Isolation, pages aren’t rendered in a single process. Instead, the website’s mainframe has its own render process while all other cross-site components have their own individual “out of process” rendering. This is why the browser’s memory consumption increased up to 13 percent.
According to Google, splitting a single page across multiple processes is a major change to how Chrome displays a single page.
“The Chrome Security team has been pursuing this for several years, independently of Spectre,” states Google’s Charlie Reis. “Site Isolation is a significant change to Chrome’s behavior under the hood, but it generally shouldn’t cause visible changes for most users or web developers.”
Although Site Isolation is baked into Chrome 67 for Windows, Mac, Linux and Chrome OS, only 99 percent of those installs will actually have the feature running in the background. The remaining one percent will stay inactive as Google monitors and improves performance.
Does that mean the team will trim off Chrome’s 10 to 13 percent added memory consumption? Time will tell, and given that Chrome already gobbles memory like a kid on Halloween, the extra Spectre-based consumption could be an unwanted setback for machines with low amounts of system memory.