Google Chrome 63, which shipped yesterday evening,
arrived with a new experimental feature called Strict Site Isolation
that according to Google engineers is an additional security layer on
top of Chrome's built-in sandboxing technology.
While Google engineers have not explained the intricate differences between the default Chrome sandbox and Site Isolation, according to Google, the Strict Site Isolation feature puts "even stronger security boundaries between websites than Chrome’s existing sandboxing technology."
This is how Google describes the Strict Site Isolation feature in a support page:
The feature is not enabled for all users by default. The reason is that Google is still working on improving Site Isolation, and says that if users turn it on in Chrome 63, they "will increase memory usage by approximately 10–20%."
If this is not an issue for some of our readers, these are the two easiest ways to enable Site Isolation right now.
The Site Isolation feature is part of a larger set of features Google included in Chrome 63 specifically for its enterprise userbase. The other new enterprise-friendly Chrome features are:
While Google engineers have not explained the intricate differences between the default Chrome sandbox and Site Isolation, according to Google, the Strict Site Isolation feature puts "even stronger security boundaries between websites than Chrome’s existing sandboxing technology."
This is how Google describes the Strict Site Isolation feature in a support page:
Google’s
site isolation feature improves security for Chrome browser users. When
you enable site isolation, content for each open website in the Chrome
browser is always rendered in a dedicated process, isolated from other
sites. This creates an additional security boundary between websites.
The feature is not enabled for all users by default. The reason is that Google is still working on improving Site Isolation, and says that if users turn it on in Chrome 63, they "will increase memory usage by approximately 10–20%."
If this is not an issue for some of our readers, these are the two easiest ways to enable Site Isolation right now.
Via a Chrome flag
Step 1: Type chrome://flags and press Enter.
Step 2: Scroll down the page and find "Strict site isolation" and press the Enable button. Alternatively, copy and access the following URL to take you to the Site Isolation flag directly: chrome://flags/#enable-site-per-process
Step 3: Restart the Chrome browser.
Step 2: Scroll down the page and find "Strict site isolation" and press the Enable button. Alternatively, copy and access the following URL to take you to the Site Isolation flag directly: chrome://flags/#enable-site-per-process
Step 3: Restart the Chrome browser.
Via a command line flag
Step 1: Find your Google Chrome icon/shortcut and double-click on it.
Step 2: Select Properties from the drop-down menu.
Step 3: Select the Shortcut tab.
Step 4: In the Target field, add the following text "--site-per-process" at the end of the shortcut path and hit Save.
Step 2: Select Properties from the drop-down menu.
Step 3: Select the Shortcut tab.
Step 4: In the Target field, add the following text "--site-per-process" at the end of the shortcut path and hit Save.
The Site Isolation feature is part of a larger set of features Google included in Chrome 63 specifically for its enterprise userbase. The other new enterprise-friendly Chrome features are:
◈ Domain admins can now whitelist or blacklist Chrome extensions based on the permissions they require.
For example, a domain admin can issue a company-wide group policy to
block all Chrome extensions that ask for the webcam permission during
their installation and all of the company's Chrome browsers will refuse
to install such extensions.
◈ Chrome 63 now supports the latest TLS 1.3 standard, which will be enabled for all outgoing connections.
◈ Chrome 63 supports the NTLMv2 authentication protocol.
◈ Chrome 63 now supports the latest TLS 1.3 standard, which will be enabled for all outgoing connections.
◈ Chrome 63 supports the NTLMv2 authentication protocol.
No comments:
Post a Comment