Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Firefox Privacy

Firefox 'Site Isolation' Feature Enters User Testing, Expected Next Year (zdnet.com) 14

An anonymous reader shares a report: Site Isolation is a modern browser security feature that works by separating each web page and web iframes in their own operating system process in order to prevent sites from tampering or stealing with each other's data. The feature was first deployed with Google Chrome in mid-2018, with the release of Chrome 67. Although initially, Site Isolation was meant to be deployed as a general improvement to Chrome's security posture, the feature came just in time to serve as a protective measure against the Spectre vulnerability impacting modern CPUs. Seeing the feature's success, Mozilla also announced plans to support it with the Firefox browser in February 2019, as part of an internal project codenamed Fission.

For both Google and Mozilla, implementing Site Isolation was a time-consuming operation, requiring engineers to re-write large chunks of their browsers' internal architecture. The process took about two years for both Google and Mozilla. While Site Isolation is now a stable feature inside Chrome, this work is now nearing its completion inside Firefox. According to an update to the Project Fission wiki page, Site Isolation can now be enabled inside versions of Firefox Nightly, the Firefox version where new features are tested.

This discussion has been archived. No new comments can be posted.

Firefox 'Site Isolation' Feature Enters User Testing, Expected Next Year

Comments Filter:
  • by Evtim ( 1022085 ) on Thursday October 22, 2020 @01:17PM (#60636606)

    Somehow I stuck with Firefox all these years even when it had that terrible hit on performance and the HDD (I know, I'm old!) was scratching like mad...because it was easy to set adblocks and such like and I felt they did not deliberately obstruct my quest of not being harassed by ads...

    Well done.

    • Somehow I stuck with Firefox all these years even when it had that terrible hit on performance and the HDD (I know, I'm old!) was scratching like mad...because it was easy to set adblocks and such like and I felt they did not deliberately obstruct my quest of not being harassed by ads...

      Well done.

      I just recently gave up when they redesigned the mobile version to suck horribly. I'd been using Firefox since it first became a thing.

      • I hate the new interface, but for lack of alternatives I stuck with it. Somehow, they lost/dropped a lot of features yet again, so shortly after the new quantum engine. But geezus, it's fast! Feels like Slashdot pages load instantaneously. And it can finally remember my Slashdot login... It's not all bad, it's getting back to becoming usable again for me.
    • I agree. It's sad they couldn't have done their best work a decade ago, when they really needed to compete with Chrome on their merits. I'm afraid now it may be too late for them. Hopefully they can stay relevant. And just for once, I'd like to see them introduce significant new security features NOT first introduced by Chrome.

      At the very least, they're still ahead on general privacy.

  • that didn't think they were operating systems.
  • We need even more isolation. The only way to achieve that is to place each individual DOM object instance in its own unique Docker container, and have them communicate with each other solely via REST interfaces. Only then will the Web be truly safe from bad actors.

  • I'm interested in a different type of site isolation, which would stop advertisers etc. tracking you, without having to rely on a maintained list of tracking companies.

    The idea is, that when browsing a particular site, all cookies set (including third party cookies) are kept in storage specific to the site being browsed (i.e. the site matching the domain in the address bar). E.g. if I'm browsing ZDNet.com, and a Facebook cookie is set, it is still stored somewhere under ZDNet.com cookie storage. If I then

  • I know it isn't exactly the same thing, but I have ran Sandboxie for going on a couple of years now. I create a different sandbox for banking, one for things I login to all the time, and one for going to crap sites where I never login and never plan to. Sandboxie is free and open source now.

    I haven't had any more problems on my Windows machines than I had on my Linux system that I used for about a decade.

    (I still have a Linux server in my closet I can NX into and browse through it, as well).

    • Old post, I realise.

      But just wanted to state, you don't need sandboxie.
      Simply launch firefox with the flags: -profilemanager -no-remote
      To fire up a new instance of firefox and create separate profiles for each area of the web.

      e.g. I have profiles (and firefox processes) specific for emails, another for video sites, another just for atlassian/jira specifically (another rubbish "app" site which consumes gigs of ram), and one normal profile for general day-to-day browsing and news.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...