Skip to main content

How Chrome and other browsers came together to protect you from Spectre

Image used with permission by copyright holder

During the Google I/O developer conference, Chris Palmer from the Chrome security team talked about how Google and other browser developers scrambled to protect web surfers from Spectre-based attacks. Of the two processor vulnerabilities reported in January, Spectre can theoretically allow hackers to access sensitive data through a compromised website, requiring a different approach in how browsers must now render your favorite sites. 

As previously reported when Spectre was first revealed, part of a processor’s speed is based on predicting the quickest path to the current task’s end result. It tests the outcome using numerous “if/then” avenues, loading this data in local on-chip memory (aka cache). The problem in Spectre is that for all those avenues not taken, the data remains in the cache and can be seen across privilege levels, processes, and web page origins. 

Based on that leftover data, an attacker could insert code into JavaScript that runs in a loop and eventually gains access to “out of bounds” sensitive information. There were solutions available, but they severely hindered the processor’s performance. There were alternatives, but they required cooperation between browser developers that normally were at odds.

Working together for the safety of the web

The alternative method would require changing how web browsers would render a webpage — and this is where competing browser developers worked together to solve the problem. For instance, a webpage is typically comprised of different parts from different origins and rendered as a single page. But there could also be a “hostile” origin in the mix containing an element that can exploit the Spectre vulnerability using what are called “gadgets.” These gadgets can read data generated by the “safe” origins. 

Google’s first fix in Chrome was to turn off a feature called SharedArrayBuffer, so hackers couldn’t keep track of the timing used when data moves from the processor cache to the system memory. Palmer said this method was the easiest route to exploitation.  

“Other browsers did similar things, and we all collaborated to sort of figure out how we were going to do this in a way that doesn’t hurt the web so that we are all on the same page,” he said. “It’s kinda of a happy story that comes out of this is a really good collaboration between the security teams of a lot of different browser vendors. It’s been a great experience for all of us and I think we’re gonna come out with a much better web thanks to the help of everyone.” 

Image used with permission by copyright holder

Another “fix” was to turn off processor speculation on a micro-scale and change the way code is compiled to prevent speculation gadgets. This didn’t provide 100 percent protection but gave Google’s team “breathing room” to develop long-term fixes. 

Site isolation, shown above, was another useful tool against Spectre. It essentially isolates “good” from “bad” origins by assigning each origin with its own render process. Thus, origins are isolated from each other and protected against any origin that suddenly becomes evil. That evil origin can only read its own data. 

Unfortunately, site isolation and the accompanying cross-origin read blocking component will require 10 percent more system memory use, he said. 

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
How to protect your smartphone from hackers and intruders
Can cops and hackers track your phone

Having your smartphone hacked feels like someone robbed your house. Your smartphone doesn't just hold your valuables; it signals to intruders which of your valuables are the most important to you. If something is on the phone you always have with you, then by definition, it's meaningful. This massive invasion of privacy is a gross violation of your personal space, and it may take time to figure out what is missing.

Smartphones, small devices that are constantly online sending and receiving signals, are always a target for criminals. To keep your phone and its contents safe and secure, you need to develop a strategy for protecting your personal information. Here are some tips on how to protect your smartphone from hackers and intruders. The examples below are derived from an iPhone 12 Mini running iOS 14.3 and an LG V40 ThinQ running Android 10.
Update your OS and apps

Read more
I finally switched from Chrome to Mozilla Firefox — and you should too
mozilla firefox chrome review comparison 2020 mozillafirefoxcomentillustration

I have been in an on-and-off relationship with Mozilla Firefox for the past five years. Every time I’d get ecstatic over a major new Firefox update -- hoping to, at long last, break free from the hegemony of Google Chrome -- my hopes would be crushed as soon as I began browsing the web like I normally do.

Firefox's performance would fall noticeably short and struggle to keep up with my workflow, sending me scurrying back to Google Chrome after a few minutes of poking around. No matter how compelling the rest of Mozilla’s offerings were, they could never convince me to hit that "Yes" button whenever Firefox asked whether I’d like to set it as my default browser. Catching up to Chrome almost started to seem like a far-fetched goal for Firefox -- until recently.

Read more