Chrome 63 offers even more protection from malicious sites, using even more memory -

Chrome 63 offers even more protection from malicious sites, using even more memory

Credit: arstechnica.com

  • Dec 07 2017 22:10About: 4 days ago
  • 10 views

To further increase its enterprise appeal, Chrome 63—which hit the browser's stable release channel yesterday—includes a couple of new security enhancements aimed particularly at the corporate market.

The first of these is site isolation, an even stricter version of the multiple process model that Chrome has used since its introduction. Chrome uses multiple processes for several security and stability reasons. On the stability front, the model means that even if a single tab crashes, other tabs (and the browser itself) are unaffected. On the security front, the use of multiple processes makes it much harder for malicious code from one site to steal secrets (such as passwords typed into forms) of another.

Chrome's default model is, approximately, to use one process per tab. This more or less ensures that unrelated sites are kept in separate processes, but there are nuances to this set-up. Pages share a process if they are related through, for example, one opening another with JavaScript or iframes embedding (wherein one page is included as content within another page). Over the course of a single browsing session, one tab may be used to visit multiple different domains; they'll all potentially be opened within a single process. On top of this, if there are already too many Chrome processes running, Chrome will start opening new pages within existing processes, resulting in even unrelated pages sharing a process.

Chrome 63 introduces a new mode called "Site Isolation." In Site Isolation mode, this sharing is eliminated and the browser applies a much stricter policy to ensure that individual sites remain in separate processes. Even pages that were formerly "related" (and hence eligible for a shared process) will be separated, and a long browsing session within a tab that spans several different sites will get a new process each time a new domain is visited. The process sharing due to having a large number of processes is also disabled with this mode.

Google has had to update Chrome to enable this mode. One of the reasons that sharing was used initially is that some pages are allowed to communicate with one another, using certain JavaScript mechanisms. Originally, these mechanisms only worked when the different pages used the same process. In Chrome 63, that communication can cross between processes. Similarly, embedded iframes can use a different process for the parent than for the child.

Naturally, this greater use of multiple processes incurs a price; with this option enabled, Chrome's already high memory usage can go up by another 15 to 20 percent. As such, it's not enabled by default; instead, it's intended for use by enterprise users that are particularly concerned about organizational security.

The different blockable extension permissions.
Enlarge / The different blockable extension permissions.

The other new capability is the ability for administrators to block extensions depending on the features those extensions need to use. For example, an admin can block any extension that tries to use file system access, that reads or writes the clipboard, or that accesses the webcam or microphone.

Additionally, Google has started to deploy TLS 1.3, the latest version of Transport Layer Security, the protocol that enables secure communication between a browser and a Web server. In Chrome 63, this is only enabled between Chrome and Gmail; in 2018, it'll be turned on more widely.



Follow Us on Twitter

Google gives Administrators ways lock down browser.

Related stories with Chrome 63 offers even more protection from malicious sites, using even more memory

Ubisoft Has No Plans To Remove Russia From Steep Expansion After Olympic Ban -World News
Ubisoft Has No Plans To Remove Russia From Steep Expansion After Olympic Ban 4 days ago
Two days ago, the International Olympic Committee barred Russia from the 2018 Winter Olympics for a widespread doping scandal, preventing all competitors and officials who wear a Russian flag from participating in the Pyeongchang, South Korea games.
Libya says pushing to be removed from Trump travel ban list -World News
Libya says pushing to be removed from Trump travel ban list 4 days ago
TRIPOLI: Libya's internationally recognised government has appealed to the United States to drop or ease a travel ban imposed on its citizens by U.S. President Donald Trump, the Foreign Ministry said on Thursday. "The Libyan Foreign Ministry, through its
Tulsa Woman Arrested In Claremore For False Impersonation -World News
Tulsa Woman Arrested In Claremore For False Impersonation 4 days ago
A Tulsa woman who was arrested earlier this year for child neglect and animal cruelty was taken into custody Wednesday night after being located in Claremore. 
Re: Saudi offers Abu Dis as future capital of Palestine -World News
Re: Saudi offers Abu Dis as future capital of Palestine 4 days ago
A Saudi proposal for a peace initiative between Israelis and Palestinians offers the village of Abu Dis as the future capital of Palestine instead of East Jerusalem, stirring widespread anger. Acti...
Overwatch's Winter Wonderland event returns next week with a new Mei-themed mode -World News
Overwatch's Winter Wonderland event returns next week with a new Mei-themed mode 4 days ago
Overwatch's festively themed Winter Wonderland event will return next week, Tuesday December 12th, Blizzard has announced.Winter Wonderland debuted last year, and its return promises a mix of the familiar and new. There'll be both old and new holiday them
Re: Saudi offers Abu Dis as future capital of Palestine -World News
Re: Saudi offers Abu Dis as future capital of Palestine 4 days ago
A Saudi proposal for a peace initiative between Israelis and Palestinians offers the village of Abu Dis as the future capital of Palestine instead of East Jerusalem, stirring widespread anger. Acti...
Re: Saudi offers Abu Dis as future capital of Palestine -World News
Re: Saudi offers Abu Dis as future capital of Palestine 4 days ago
A Saudi proposal for a peace initiative between Israelis and Palestinians offers the village of Abu Dis as the future capital of Palestine instead of East Jerusalem, stirring widespread anger. Acti...
Re: Saudi offers Abu Dis as future capital of Palestine -World News
Re: Saudi offers Abu Dis as future capital of Palestine 4 days ago
A Saudi proposal for a peace initiative between Israelis and Palestinians offers the village of Abu Dis as the future capital of Palestine instead of East Jerusalem, stirring widespread anger. Acti...
Re: Saudi offers Abu Dis as future capital of Palestine -World News
Re: Saudi offers Abu Dis as future capital of Palestine 4 days ago
A Saudi proposal for a peace initiative between Israelis and Palestinians offers the village of Abu Dis as the future capital of Palestine instead of East Jerusalem, stirring widespread anger. Acti...
Santa's here from Lapland to meet needy kids -World News
Santa's here from Lapland to meet needy kids 4 days ago
Thirty-three underprivileged children enjoyed an early yuletide treat at Gardens by the Bay yesterday morning. They met a special Santa who had flown in from Lapland, Finland - billed as the unofficial home of Santa Claus. The children from Hope Ce
Every WWE NXT Call-Up In 2017: Ranked From Worst To Best -World News
Every WWE NXT Call-Up In 2017: Ranked From Worst To Best 4 days ago
Booms, busts, and everything in between.
Various News: Alexa Bliss & Kane Battle Over a Camel, Impact Talent Set For Saturday’s WrestlePro Event, Preview For Tonight’s Impact -World News
Various News: Alexa Bliss & Kane Battle Over a Camel, Impact Talent Set For Saturday’s WrestlePro Event, Preview For Tonight’s Impact 4 days ago
– Alexa Bliss and Kane were in the office at The National today while in Abu Dhabi. They played a game of who knew the[.........] The post Various News: Alexa Bliss & Kane Battle Over a Camel, Impact Talent Set For Saturday’s WrestlePro Event