Get up to date Tech &Security related news and books to become a Hacker

Breaking

Saturday, December 9, 2017

Here's How to Enable Chrome "Strict Site Isolation" Experimental Security Mode

Google Chrome 63, which shipped yesterday evening, arrived with a new experimental feature called Strict Site Isolation that according to Google engineers is an additional security layer on top of Chrome's built-in sandboxing technology.

While Google engineers have not explained the intricate differences between the default Chrome sandbox and Site Isolation, according to Google, the Strict Site Isolation feature puts "even stronger security boundaries between websites than Chrome’s existing sandboxing technology."

This is how Google describes the Strict Site Isolation feature in a support page:

Google’s site isolation feature improves security for Chrome browser users. When you enable site isolation, content for each open website in the Chrome browser is always rendered in a dedicated process, isolated from other sites. This creates an additional security boundary between websites.

The feature is not enabled for all users by default. The reason is that Google is still working on improving Site Isolation, and says that if users turn it on in Chrome 63, they "will increase memory usage by approximately 10–20%."
If this is not an issue for some of our readers, these are the two easiest ways to enable Site Isolation right now.

Via a Chrome flag

Step 1: Type chrome://flags and press Enter.
Step 2: Scroll down the page and find "Strict site isolation" and press the Enable button. Alternatively, copy and access the following URL to take you to the Site Isolation flag directly: chrome://flags/#enable-site-per-process
Step 3: Restart the Chrome browser.

Enabling site isolation feature via Chrome flags

Via a command line flag

Step 1: Find your Google Chrome icon/shortcut and double-click on it.
Step 2: Select Properties from the drop-down menu.
Step 3: Select the Shortcut tab.
Step 4: In the Target field, add the following text "--site-per-process" at the end of the shortcut path and hit Save.

Adding a shortcut command-line flag for the Chrome site isolation feature

The Site Isolation feature is part of a larger set of features Google included in Chrome 63 specifically for its enterprise userbase. The other new enterprise-friendly Chrome features are:

◈ Domain admins can now whitelist or blacklist Chrome extensions based on the permissions they require. For example, a domain admin can issue a company-wide group policy to block all Chrome extensions that ask for the webcam permission during their installation and all of the company's Chrome browsers will refuse to install such extensions.
◈ Chrome 63 now supports the latest TLS 1.3 standard, which will be enabled for all outgoing connections.
◈ Chrome 63 supports the NTLMv2 authentication protocol.

No comments:

Post a Comment