Chrome for Android Enables Site Isolation Security Feature [thehackernews]
After enabling ‘Site Isolation‘ security feature in Chrome for desktops last year, Google has now finally introduced ‘the extra line of defence’ for Android smartphone users surfing the Internet over the Chrome web browser.
In brief, Site Isolation is a security feature that adds an additional boundary between websites by ensuring that pages from different sites end up in different sandboxed processes in the browser.
Since each site in the browser gets its own isolated process, in case of a browser flaw or Spectre like side-channel vulnerability, the feature makes it harder for attackers or malicious websites to access or steal cross-site data of your accounts on other websites.
Site Isolation helps protect many types of sensitive data, including authentication cookies, stored passwords, network data, stored permissions, as well as cross-origin messaging that help sites securely pass messages across domains.
The feature gained attention in January 2018, when it was in the experimental zone and two critical CPU vulnerabilities were discovered, called Spectre and Meltdown, that allowed malicious websites to launch speculative side-channel attacks directly from the browser.
For more, click here.