by Martin Brinkmann on July 12, 2018 in Google Chrome
Google integrated the Site Isolation, or Strict Site Isolation, security feature in Chrome 63 but did not enable it by default until it released Chrome 67.
The company revealed today that it has enabled Site Isolation in 99% of all Chrome installations for the desktop as of Chrome 67. The remaining 1% of installations without Site Isolation is used as a control group to monitor performance and issues.
Google plans to enable Site Isolation in Chrome for Android but has yet to reveal the version in which it plans to turn the security feature on by default.
Enterprise users may use policies to enable Site Isolation starting in Chrome 68 for Android, and there is also a manual option to turn the feature on right now.
Site Isolation separates a site’s render process from others, which improves security and provides mitigation against Spectre-class vulnerabilities like the recently discovered Spectre 1.1 and 1.2.
Enable Site Isolation in Chrome for Android
Android users who run Chrome on their device may enable Site Isolation in the browser.
Note that Site Isolation increases the memory usage of the browser and that Google mentioned that it has to address known issues that still exist. Google did not reveal what the issues specific to Chrome on Android are. It is easy enough to turn off Site Isolation should you run into these issues.
So, here is how you enable the security feature in Chrome for Android:
- Open Google Chrome on the Android device.
- If you are not sure about the version of Chrome, check it with taps on Menu > Help & Feedback > Menu > Version Info.
- Load chrome://flags/#enable-site-per-process in the browser’s address bar.
- Set the status of the feature to enabled.
- Activate the restart option that is displayed.
Site Isolation is enabled in Chrome for Android after the restart. You can turn the feature off again by setting the flag to disabled and restarting Chrome. It is best to use Chrome as you normally would to make sure all sites and services work as expected.
There is no blacklist functionality available, which means that your only option is to disable Site Isolation if you run into critical errors.
Tip: Firefox supports a similar feature called First-Party Isolation.
Site Isolation increases the memory usage of Chrome as it makes use of more processes. Google’s own benchmarks saw memory usage increase by about 10%-13% on the desktop with Site Isolation enabled.