Firefox security update looks to make getting online safer than ever
In addition to enhancing security, Site Isolation will make Firefox faster and stable as well
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Mozilla is currently testing a major new security feature for itsFirefox browserwhich will separate every website into its own process.
Site Isolation is designed to prevent Spectre-like side-channel attacks in the popularopen sourcebrowser.
In a blog post, Anny Gakhokidze, a Senior Platform Engineer at Mozilla working on Site Isolation, explains that it builds upon a new security architecture that extends current protection mechanisms of the browser by making it load each site in its ownoperating systemprocess.
We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.
Click here to start the survey in a new window«
“To fully protect your private information, a modern web browser not only needs to provide protections on the application layer but also needs to entirely separate thememoryspace of different sites—the new Site Isolation security architecture in Firefox provides those security guarantees,” writes Gakhokidze.
Shared processes
In the current scheme of things, upon launch Firefox starts a privileged parent process, which further spawns eight processes for web content, and a maximum of two additional semi-privileged web content processes, along with four utility processes for web extensions, GPU operations, networking, and media decoding.
Gakhokidze explains that while separating the content into eight processes is pretty secure in itself, this arrangement still makes it possible for a malicious site to be placed in the same process as another trusted site.
Since all websites inside a process share the same memory, the untrusted site will be able to read the contents of the shared memory. This gets particularly dangerous when you consider the fact that all online ads, and embedded pages are placed into the same process as the parent page.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Isolated silos
However, with Site Isolation, not only will all websites exist in their own process, each of the embedded elements that are not part of the same site will also be allocated their own processes.
Besides the security benefits of such an arrangement, Gakhokidze also lists a few other advantages as well.
For starters, using more processes to load websites will enable Firefox to efficiently use available resources by spreading work across differentCPUcores. Also, thanks to the siloed approach, tab crashes will not have any impact on websites loaded in different processes.
The Site Isolation feature is currently being tested in nightly and beta builds of the browser, and will make its way into the stable release when the developers consider it to be stable.
ViaZDNet
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Windows PCs targeted by new malware hitting a vulnerable driver
Dangerous Android banking malware looks to trick victims with fake money transfers
Black Friday sale preview at Walmart – the best deals I’d buy starting at just $10
