
Chrome 63: Site Isolation, extension blocking and TLS 1.3 - gabrielbrangers
https://chromeunboxed.com/news/chrome-63-site-isolation-extension-blocking-administrators
======
saurik
> The current method of Multi-process rendering generally uses one process per
> tab but when an event in that tab triggers an action that opens a new page,
> those pages now share the same, singular process. Likewise, if multiple
> domains are visited within a single browser page, the one process is shared
> among all the events. Site Isolation will eliminate this sharing process.

Finally. Chrome's multi-process architecture is insanely great because it
separates rendering from UI from networking from graphics from... etc., but
people always incorrectly talk about how it protects one website from another
by separating them into different processes, when this isn't actually how it
works (particularly if you are actually _using_ the tab feature, in which case
you have so many tabs that Chrome constantly shares processes).

The reality is that not only do I already have a tab associated with my one
critical service--email--in every single renderer process, but attackers can
pretty trivially force a tab with any website they want to end up in their
process. The way this feature is understood by random people--and the way it
is often marketed (which is a big reason people believe this version of how it
works)--is finally going to match reality.

------
dmarlow
Does it still consume infinity GB of RAM to have a dozen websites open at
once? I would love to understand if this is because of the site I have open vs
chrome being a hog.

~~~
natecavanaugh
According to the blog post, this will actually increase RAM usage by 10-20%,
but luckily, it's disabled but default. I'd be super okay with the RAM usage,
if there was a way to keep every tab from loading when opening Chrome. Right
now I have 80 tabs, and restarting my computer or Chrome just gives me a minor
cringe thinking of having to wait while the CPU gets pegged while every tab
loads. Sure, I'm not the common case, but I wish there was an extension for
this, or that it was doable with the extension API, like it is in FF.

------
robbypayne
Looks dope!

