Chrome RAM Usage Has Increased Because Of Spectre Fixes

Chrome 67 Site Isolation keeps Spectre attacks at bay

Chrome 67 protects against Spectre hacks but gobbles more RAM

The feature looked to improve stability, while making the internet browser more resistant to attacks such as Spectre. It's good news for security but as we've seen with other fixes, it'll cost you in terms of system resources. Google believes there's a 10 to 13 percent memory overhead compared to earlier versions since it'll need to run processes for each site. Some of the performance hit can be offset by smaller and shorter-lived renderer processes.

If you've noticed that Chrome on the desktop is using more RAM, you're not imagining it. Google has enabled a Site Isolation feature in Windows, Mac, Linux and Chrome OS to help mitigate against the Spectre vulnerability - and it's a bit memory-hungry. It has held back one percent to monitor performance. With Chrome 67, things just got even worse.

The mitigation is an impressive engineering feat that's created to lessen the damage of attacks that exploit a new class of vulnerability that came to light in January.

As you may recall, such attacks use the speculative execution features of most processors to access sections of memory that should be off-limits to a piece of code.

Following the disclosure of the Spectre and Meltdown vulnerabilities, browser vendors have been in the hard position of balancing mitigations for these hardware-level vulnerabilities with preserving browser performance.

Chrome has always had a multi-process architecture separated by tabs, but a single tab could render content from multiple domains by way of cross-site iframes or clever JavaScript. As a result, Reis notes, Chrome can rely on the operating system to prevent attacks between processes and between sites. Thus, https://google.co.uk would be a site, and subdomains like https://maps.google.co.uk would stay in the same process.

Canada extends leadership of North Atlantic Treaty Organisation battlegroup in Latvia for four years
According to the CBC, Canada will spend 1.23 percent of its GDP on defense in 2018, down from 1.36 percent a year ago . With all, Trump believes the U.S.is getting "ripped off" in an unfair marketplace.

Load chrome://flags/#enable-site-per-process in the browser's address bar. Threads used to render the page in one process can not interfere with nor snoop on, via speculative execution or crafty JavaScript, other sites, prevent malicious pages from lifting passwords and other secrets. As of yet, it remains disabled on Android, though is expected to be enabled in the future.

"This means all navigations to cross-site documents cause a tab to switch processes". The first uses of out-of-process iframes shipped previous year to improve the Chrome extension security model. "This significantly reduces the threat posed by Spectre".

Tip: Firefox supports a similar feature called First-Party Isolation. CORB tries to transparently block cross-site HTML, XML, and JSON responses from the renderer process, with nearly no impact to compatibility.

"Site Isolation is a significant change to Chrome's behavior under the hood, but it generally shouldn't cause visible changes", Google's Charlie Reis explains.

Spectre breaks the isolation between different applications and allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. To date, most others have disabled the same types of precise timers as Chrome.

Latest News