Home Browsers Firefox previews site-isolation tech in move to catch up to Chrome

Firefox previews site-isolation tech in move to catch up to Chrome

343
10

Mozilla on Tuesday announced that a years-long effort to harden Firefox’s defenses can now be previewed in the browser’s Nightly and Beta builds.

Debuting as “Project Fission” in February 2019, the project was also linked to the more descriptive “site isolation,” a defensive technology in which a browser devotes separate processes to each domain or even each website, and in some cases, assigns different processes to site components, such as iframes, so they are rendered separately from the process handling the overall site.

The idea is to isolate malicious sites and components — and the attack code they harbor — so one site cannot exploit an unknown vulnerability or one still unpatched, then plunder the browser, or the device, or a device’s memory of crucial information. That information could include authentication credentials, confidential data, and encryption keys.

“Site Isolation builds upon a new security architecture that extends current protection mechanisms by separating (web) content and loading each site in its own operating system process,” senior platform engineer Anny Gakhokidze wrote in a May 18 post to Mozilla’s Hacks site. “To fully protect your private information, a modern web browser not only needs to provide protections on the application layer but also needs to entirely separate the memory space of different sites,” she continued.

Remember Spectre? How about Meltdown?

Site Isolation wasn’t new when Mozilla brought it up two years ago.

The term had been used by Google in late 2017, when it began talking about new defensive features it would add to Chrome and implementing the first iteration of the technology. Although the Mountain View, Calif. company had been working on site isolation for much of that decade, it added the technology to Chrome in late 2017 and waited until mid-2018 to switch it on for most users.

Fortuitously, site isolation was an answer to Spectre and Meltdown, entirely new classes of vulnerabilities that went public in early 2018. The flaws, which were found in a vast array of hardware, notably PC and server processors, as well as in software — particularly browsers — caused an instant sensation and an industry-wide mitigation effort on the part of everyone from Intel and Lenovo to Microsoft and Google, whose engineers had been the ones to uncover Spectre.

Mozilla, like other browsers not crafted by Google, was forced instead to create ad hoc defenses against Spectre and Meltdown. But it also pledged to follow Chrome’s lead to site isolation, even though that work would require it to “revamp the architecture of Firefox,” obviously a major undertaking.

Copyright © 2021 IDG Communications, Inc.

10 COMMENTS

  1. 200302 30563Aw, this was a very nice post. In concept I wish to put in writing like this moreover ?taking time and precise effort to make an superb post?but what can I say?I procrastinate alot and undoubtedly not appear to get one thing done. 956265

  2. 206659 90377I observe there is actually a lot of spam on this weblog. Do you want aid cleaning them up? I may well aid in between courses! 353924

  3. 327049 91127Im so happy to read this. This really is the type of manual that needs to be given and not the accidental misinformation thats at the other blogs. Appreciate your sharing this greatest doc. 6033

  4. 694664 283787I discovered your weblog web site on google and check several of your early posts. Proceed to keep up the excellent operate. I just extra up your RSS feed to my MSN News Reader. In search of ahead to studying extra from you in a while! 334410

  5. 283114 594Undoubtedly,Chilly spot! We stumbled on the cover and Im your personal representative. limewire limewire 881377

  6. 769456 136031hi, your web site is wonderful. I truly do numerous thanks for operate 217539

  7. 629149 129146A thoughtful insight and suggestions I will use on my site. Youve naturally spent some time on this. Congratulations! 837408

  8. 551974 835706Most reliable human being messages, nicely toasts. are already provided gradually during the entire wedding celebration and therefore are anticipated to be quite laid back, humorous and as nicely as new all at once. greatest man speech 700262

  9. На сайте https://sexvsochi.com подберите для себя интересную, красивую и привлекательную девушку для приятной интимной близости. Ее можно вызвать на несколько часов либо всю ночь, чтобы классно развлечься. Возможно, у нее есть симпатичная подружка, которую вы сможете пригласить для яркой интимной близости. Все девушки отличаются привлекательными формами, красивой внешностью, нежным взглядом и ласковыми руками. Они станцуют стриптиз, а также выполнят массаж. А за свои услуги возьмут немного. Они могут выехать на любой объект: в апартаменты, на квартиру, либо пригласят к себе.

LEAVE A REPLY

Please enter your comment!
Please enter your name here