Skip to main content

Google Chrome adds site isolation security measures to Android

(Image credit: Image Credit: CyberHades / Flickr)

Site Isolation, a Google Chrome feature which prevents malicious actors from stealing login credentials typed into the browser, has finally made it to the Android version of the browser.

The news was confirmed yesterday by Google, which added that not all Android-powered devices will be able to take advantage of the new feature just yet.

Site Isolation is a feature for Google Chrome which was developed and released last year. It’s a way to isolate one website from another, so that when a user types in their credentials in one website/tab, hackers wouldn’t be able to steal it from another one.

The tool was released just before Spectre and Meltdown flaws were uncovered. Even though the tool doesn’t help against flaws in the chip itself, it does eliminate the flaw from operating through the browser.

Now, Google is expanding the tool to Android. Whoever has a smartphone with at least 2GB of RAM will be able to use the feature with the version Chrome77. When enabled, Google said it expects the Site Isolation feature to use an additional 3-5 per cent memory.

At the same time, the desktop version of the feature has gotten an upgrade. Now, it is capable of defending against a wider array of possible attacks.

"Our initial launch targeted Spectre-like attacks which could leak any data from a given renderer process," Google engineers said in a blog post. "Site Isolation can now handle even severe attacks where the renderer process is fully compromised via a security bug, such as memory corruption bugs or Universal Cross-Site Scripting (UXSS) logic errors."

Also, it’s not just credentials that are being protected any more. Cookies, network data, stored data and permissions, as well as cross-origin messaging, these are all now under the protection of the Site Isolation tool.