Google recently rolled out its new browser security feature for Chrome that will help with spectre attacks that are haunting the Chrome tabs. The feature is called Site Isolation; it enables Chrome to run on its own browser process for each internet domain.
Google describes its new security feature as an “additional security boundary between websites” which will prevent malicious web pages in a tab from compromising the information on other tabs and iframes displaying pages from other domains. The security mechanism is a necessity to defend against data leaking Spectre CPU flaws. Websites could earlier use the data extracted by Spectre to steal data or login information from other websites that are open in the browser.
This feature has been introduced gradually over a few months time. The cybersecurity feature is available on Windows, Mac, Linux and Chrome OS. Site Isolation has been available as an experimental enterprise policy since Chrome 63 but now it is fully available for better application.
Charlie Reis, a Google Software Engineer said in his blog post, “We're also working on additional security checks in the browser process, which will let Site Isolation mitigate not just Spectre attacks but also attacks from fully compromised renderer processes.”