Google’s updated Chrome 67 web browser includes a crucial new security feature, but will consume considerably more memory as a result.
Chrome 67 for Windows, macOS, Linux and Chrome OS is out now and features a new Site Isolation tool enabled by default. The new feature promises to shield against highly-publicised system exploits like Spectre and Meltdown.
Google explains that Site Isolation is “a large change to Chrome’s architecture that limits each renderer process to documents from a single site” that’ll close the loopholes exploited by the attackers.
On its security blog Google explains that, as a result, Chrome will be able to rely on the operating system to prevent the “attacks between processes, and thus, between sites.”
Within the post, Charlie Reis of the Chrome team explained that the browser had a multi-process architecture, meaning that different tabs were able to use different renderer processes. However, this enabled an attacker to read data that belonged to other tabs. That ends with Site Isolation.
Reis writes: “When Site Isolation is enabled, each renderer process contains documents from at most one site. This means all navigations to cross-site documents cause a tab to switch processes.”
Unfortunately for Chrome users, this peace of mind comes with a more stressed-out PC or Mac. The new feature will use 10-13% more RAM because of the increased number of processes running in real time.
Reis writes: “Site Isolation does cause Chrome to create more renderer processes, which comes with performance tradeoffs: on the plus side, each renderer process is smaller, shorter-lived, and has less contention internally, but there is about a 10-13% total memory overhead in real workloads due to the larger number of processes. Our team continues to work hard to optimize this behavior to keep Chrome both fast and secure.”
Are these added protections worth slowing down your PC considerably? Answer “yes” or “ummmm duh!” @TrustedReviews on Twitter.