Teacher
Professional
- Messages
- 2,669
- Reaction score
- 829
- Points
- 113
Mozilla is testing a new feature in beta versions of Firefox that will allow the browser to separate each site into a separate process from the operating system's point of view. In essence, this is the famous "Site Isolation" that Chrome developers implemented more than three years ago.
To date, Firefox opens a privileged parent process at startup, eight processes for web content, about two additional processes for content, and four processes for extensions, GPU operations, and network activity.
In other words, the Internet browser has a certain number of processes, which is not very good from the point of view of user security. In this case, a malicious site can get into a process that is already occupied by a legitimate resource, as a result of which they will share memory between two people.
Using attacks like Spectre (through third-party channels), malicious site administrators can gain access to data from another resource that takes up the same process. Of course, this principle opens up both passwords and other important user data for possible compromise.
If browser developers use so-called site isolation, each site will receive a personal process, and even the built-in elements of a third-party resource will be allocated to a separate process. This principle helps protect your memory from unauthorized access to malicious web resources.
"The potential attack vector allows a malicious site to embed a frame on a legitimate resource, which will lead to a leak of confidential information. With site isolation, Firefox will effectively prevent such cyberattacks, " Mozilla developers write in a blog post.
