Sign in / up

back to article Google's ghost busters: We can scare off Spectre haunting Chrome tabs

Google is touting the benefits of a recently rolled out browser security feature called Site Isolation. Site Isolation has been gradually introduced to users of the Chrome browser over several months, and now Google has officially unveiled this important piece of tech. With Site Isolation is enabled, Chrome runs a different …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Mayday
    Black Helicopters

    Good idea :)

    One thing I've found rather annoying is each page/tab group in incognito mode is in the same "session" Hopefully this sorts it. One reason I've been playing with containers in Firefox lately (certainly for antisocial media).

    5 1 Reply
  2. Cavehomme_

    A bit more journalism please

    This is an interesting development but it appears to be a tarted up announcement from Google.

    A bit more journalistic work would have included a comparison and update of similar features for Firefox and Edge. Many of us have to manage such installations yet don’t have the deep knowledge to fully understand what specific features these other browsers have, if any yet, to mitigate the issues raised in this article.

    Can anyone kindly fill in for El Reg’s tardiness and update us please? Thanks in advance.

    6 11 Reply
    1. Cavehomme_
      Reply Icon

      Re: A bit more journalism please

      Thumbs down for asking for advice? Some of you lot must be like those grumpy bastards on some help desks, or those “helpful “ people on some Linux forums telling newbies to beggar off and go back to using Windows.

      Sigh.

      8 5 Reply
      1. pɹɐʍoɔ snoɯʎuouɐ
        Reply Icon
        Pint

        Re: A bit more journalism please

        i would assume the downvotes would be for the critiquing the quality of journalism from el reg.

        it is Friday after all and you want them to do additional work that 5 min on google will provide you with what you seek....

        but it is Friday, so you should be forgiven for not wanting to do some work at beer-o'clock

        4 0 Reply
        1. Cavehomme_
          Reply Icon
          Pint

          Re: A bit more journalism please

          I guess a beer at 21:37 last night is well deserved, but still, could do with knowing how Firefox and Edge compare to these latest improvements to Chrome. I hate Google, but I'll even stoop to using their browser if it's more secure than my favourite Firefox, and even that half attempt at a good browser called Edge.

          1 2 Reply
  3. _LC_
    Holmes

    I hate to be the one who pees in the coffee

    I hate to be the one who pees in the coffee, but Vladimir Kiriansky and Carl Waldspurger uncovered two more Spectre flaws in Intel processors. They have been labeled Spectre 1.1 and 1.2.

    From Tom's Hardware (https://www.tomshardware.co.uk/intel-arm-new-spectre-flaws,news-58807.html):

    "The researchers noted in their paper that currently no effective static analysis or compiler instrumentation can even detect or mitigate Spectre 1.1. They also added that Spectre v1 mitigations can stop only subset of the possible attacks against that flaw.

    ...

    ... hardware changes will be necessary for true long-term fixes that can stop Spectre flaws from appearing."

    The fact that browsers run JavaScript (and WebAssembly) will make fixing them close to impossible.

    We need to get the hardware fixed. Intel still releasing FULLY BOGUS new chips makes it obvious that they don't feel enough pressure. I hope the lawsuits make it through and change something, otherwise what remains is digging holes in the water.

    4 5 Reply
    1. David Taylor 1
      Reply Icon

      Re: I hate to be the one who pees in the coffee

      Perhaps you could make your entirely off-topic comment on the post about the new Spectre variants?

      1 3 Reply
      1. _LC_
        Reply Icon

        Re: I hate to be the one who pees in the coffee

        What is he trying to tell me?

        0 0 Reply
    2. Cuddles
      Reply Icon

      Re: I hate to be the one who pees in the coffee

      "I hate to be the one who pees in the coffee, but Vladimir Kiriansky and Carl Waldspurger uncovered two more Spectre flaws in Intel processors. They have been labeled Spectre 1.1 and 1.2."

      Given that El Reg reported on it earlier than the site you link, I'm not sure exactly whose coffee you think you're peeing in. I'm also not sure how you think mentioning variants on the same issue is particularly relevant to Google's work on avoiding the whole thing entirely in Chrome - there's nothing to suggest the new variants will break the mitigation, so they're really not relevant here.

      4 1 Reply
      1. _LC_
        Reply Icon

        Re: I hate to be the one who pees in the coffee

        "Given that El Reg reported on it earlier than the site you link, I'm not sure exactly whose coffee you think you're peeing in."

        They did, but somehow I can't find the more critical comments of the researchers in there. To me, The Register's version sounds overly positive.

        "I'm also not sure how you think mentioning variants on the same issue is particularly relevant to Google's work on avoiding the whole thing entirely in Chrome..."

        Oh, they did so? Have they turned off scripting entirely now?

        Which part of

        >> The researchers noted in their paper that currently no effective static analysis or compiler instrumentation can even detect or mitigate Spectre 1.1. <<

        do you not understand?

        1 2 Reply
        1. GnuTzu
          Reply Icon

          Re: I hate to be the one who pees in the coffee

          Well, I've lost track of all the variants--not that I'm trying very hard. So, maybe it's time for a round-up on this.

          3 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    Bad Morning

    Comment removed due to lack of coffee clouding judgement.

    1 1 Reply
  5. Ozzard
    Boffin

    Ooh, what a lovely DoS attack vector...

    Imagine a little bit of Javascript on a drive-by that creates a thousand invisible iframes on the page and points each one to a page from a different domain...

    4 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    I don't suppose if I end up being that 1% being deliberately held back...and I get pwned by something...I can sue Google for withholding fixes for a known security risk?

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like