Firefox “Site Isolation” Will Protect Users From Spectre-style Attacks
Mozilla has announced an overhaul of Firefox with Project Fisson, which will protect the browser form Spectre-class attacks.
Mozilla's Project Fission includes a technology called “site isolation” that works by splitting Firefox code in isolated OS processes. This means that each website has its own computer process.
The project will help in protecting users from Spectre and Meltdown attacks that steal highly sensitive data (passwords and encryption keys) from the browser. Additionally, the attacks also exploit the computer processors and operating systems; site isolation will not let the attacks spread over the entire PC.
"We aim to build a browser which isn't just secure against known security vulnerabilities, but also has layers of built-in defense against potential future vulnerabilities," said Nika Layzell, a Firefox platform engineer. "To accomplish this, we need to revamp the architecture of Firefox and support full Site Isolation. We call this next step in the evolution of Firefox’s process model "Project Fission. While Electrolysis split our browser into Content and Chrome, with Fission, we will "split the atom", splitting cross-site iframes into different processes than their parent frame."
The Firefox team is expecting the roll out by the end of the month.
Google Chrome introduced a similar effort back in May 2018.
Layzell did not mention how Firefox with Fission will impact your System's memory. Site Isolation brought up the same issue in Google Chrome as well.