Site Isolation, the security feature Google added to Chrome 63 late last year as an optional defense against Spectre-style information disclosure attacks, is now enabled by default for the large majority of desktop Chrome users who have upgraded to Chrome 67.
How Site Isolation mitigates risk of Spectre attacks
Site Isolation limits each renderer process to documents from a single site, where a site is the scheme plus the registrable domain (for example, https://example.com together with all of its subdomains). Because a Spectre-style attack can only read memory inside the attacker's own process, data belonging to a different site never ends up in a process that the attacker's page controls.
“This means all navigations to cross-site documents cause a tab to switch processes. It also means all cross-site iframes are put into a different process than their parent frame, using ‘out-of-process iframes,’” Chrome engineer Charlie Reis added.
Site Isolation also includes Cross-Origin Read Blocking (CORB), which transparently blocks cross-site HTML, XML, and JSON responses from ever reaching the renderer process, so an attacker’s page cannot pull data from cross-site URLs into its own process (and then leak it) by requesting them as subresources such as images or scripts. CORB relies on the response’s Content-Type header and, where that header could be wrong, on sniffing the body; servers that send accurate Content-Type values together with X-Content-Type-Options: nosniff let the browser block a protected response without having to guess.
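To make the two decisions above concrete, here is an added example (not Chromium code, and not from the original article) that models them in JavaScript: siteFor() and sameSite() apply Chrome's "site" definition (scheme plus registrable domain) to decide whether two documents may share a renderer, and corbDecision() applies the CORB rules to a cross-site subresource response. The PUBLIC_SUFFIXES set is a tiny constructed stand-in for the real Public Suffix List, the sniffers are deliberately crude, and the sample response is constructed for illustration.

```javascript
// Added example, not Chromium code: a simplified model of two Site Isolation
// decisions. siteFor()/sameSite() apply Chrome's "site" definition (scheme plus
// registrable domain, i.e. eTLD+1, ignoring port); corbDecision() applies the
// Cross-Origin Read Blocking rules to a cross-site subresource response.
// PUBLIC_SUFFIXES is a constructed stand-in for the real Public Suffix List,
// so site splitting is only correct for these suffixes.

const PUBLIC_SUFFIXES = new Set(["com", "org", "net", "co.uk", "github.io"]);

// Registrable domain: the longest matching public suffix plus one more label.
function registrableDomain(host) {
  const labels = host.toLowerCase().split(".");
  for (let i = 0; i < labels.length; i++) {
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      // i === 0 means the host itself is a public suffix; keep it whole.
      return labels.slice(Math.max(i - 1, 0)).join(".");
    }
  }
  return labels.join("."); // unknown suffix (e.g. "localhost"): whole host is the site
}

function siteFor(url) {
  const u = new URL(url);
  return `${u.protocol}//${registrableDomain(u.hostname)}`;
}

// Two documents may share a renderer process only if this returns true.
function sameSite(a, b) {
  return siteFor(a) === siteFor(b);
}

// Response types CORB protects. SVG is XML but is excluded because <img> needs it.
function protectedType(contentType) {
  const mime = (contentType || "").split(";")[0].trim().toLowerCase();
  if (mime === "text/html") return "html";
  if (mime === "application/json" || mime === "text/json" || mime.endsWith("+json")) return "json";
  if (mime === "text/xml" || mime === "application/xml" ||
      (mime.endsWith("+xml") && mime !== "image/svg+xml")) return "xml";
  if (mime === "text/plain") return "plain";
  return null;
}

// Crude sniffers standing in for Chromium's: before blocking a response that is
// not marked nosniff, confirm the body really looks like the labeled type, so a
// PNG mislabeled as text/html keeps working.
const SNIFFERS = {
  html: (b) => /^\s*<(!doctype\s+html|html|head|body|script|iframe|meta|title)[\s>]/i.test(b),
  json: (b) => /^\s*(\)\]\}'|\{\s*"|\[\s*[\[{"])/.test(b),
  xml:  (b) => /^\s*<\?xml/i.test(b),
};
SNIFFERS.plain = (b) => SNIFFERS.html(b) || SNIFFERS.json(b) || SNIFFERS.xml(b);

// resp = { initiator, url, corsAllowed, status, headers: {lowercase-name: value}, body }
// Returns { action: "allow" | "block", reason }. Navigations are not modeled:
// they are handled by moving the tab to another process rather than by CORB.
function corbDecision(resp) {
  if (sameSite(resp.initiator, resp.url)) return { action: "allow", reason: "same-site" };
  if (resp.corsAllowed) return { action: "allow", reason: "permitted by CORS" };
  const type = protectedType(resp.headers["content-type"]);
  if (!type) return { action: "allow", reason: "unprotected type" };
  const nosniff = (resp.headers["x-content-type-options"] || "").trim().toLowerCase() === "nosniff";
  // With nosniff the Content-Type is trusted, so no body inspection is needed.
  if (nosniff) return { action: "block", reason: `${type} with nosniff` };
  // A partial (206) body cannot be sniffed reliably, so protected types are blocked outright.
  if (resp.status === 206) return { action: "block", reason: "partial content of protected type" };
  if (SNIFFERS[type](resp.body || "")) return { action: "block", reason: `sniffed as ${type}` };
  return { action: "allow", reason: "sniff did not confirm type" };
}

// Constructed sample: an attacker page loading a victim's JSON API as a <script>.
const sample = {
  initiator: "https://attacker.example",
  url: "https://bank.com/api/balance",
  corsAllowed: false,
  status: 200,
  headers: { "content-type": "application/json; charset=utf-8",
             "x-content-type-options": "nosniff" },
  body: '{"balance": 1234}',
};
console.log(corbDecision(sample)); // blocks with reason "json with nosniff"
```

Dropping the nosniff header from the sample still blocks it, but only because the body sniffs as JSON; a PNG mislabeled as text/html is allowed through, which is the compatibility trade-off CORB makes and the reason accurate Content-Type plus nosniff is the safer server-side configuration.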
This is a substantial change to Chrome’s process architecture, and it currently costs about 10-13% more total memory in real workloads because of the larger number of processes.
But, aside from that, users shouldn’t even notice that the feature is working under the hood.
Site Isolation is enabled for 99% of users on Windows, Mac, Linux and Chrome OS, with the remaining 1% held back so Google can monitor and improve performance, but not for users of Chrome for Android (for performance reasons). Users can confirm or force the setting through chrome://flags/#site-per-process, and administrators can require it with the SitePerProcess enterprise policy.
Google is also trying to motivate bug hunters to search for vulnerabilities in Site Isolation by temporarily increasing reward amounts for those specific bugs.