Site Isolation is a Chrome security feature that Google started developing to separate each website from each other, so bitter code running on one site/tab couldn’t steal data from other websites or tabs.
Google developed the Site Isolation feature to add an extra line of defense against Spectre and Meltdown-like side-channel attacks, and to prevent poisonous websites and attackers from stealing sensitive information, such as passwords and authentication cookies, stored in the browser. so the site separation ensured that different websites pages end up with different sandbox processed in the browser.
The tool was released just before Spectre and Meltdown flaws were uncovered. Even though the tool doesn’t help against flaws in the chip itself, it does eliminate the flaw from operating through the browser. Now, Google is expanding the tool to Android. Whoever has a smartphone with at least 2GB of RAM will be able to use the feature with the version Chrome77. When enabled, The expects of Site separation feature to use an additional 3-5 percent memory.
“Our initial launch targeted spirit -like attacks which could leak any data from a given renderer process,” Google engineers said in a blog post. Furthermore, they added,
“Site separation can now handle even severe attacks where the renderer process has fully come to terms via a security bug, such as memory corruption bugs or Universal Cross-Site Scripting (UXSS) logic errors.”
Keep following us for more updates #TeamBugNResearch.