The Chrome security team is planning to sacrifice some performance in exchange for a safer browsing environment

Security is a game of cat and mouse. Attackers keep inventing new attack methods, and browser vendors keep adopting new defensive measures to stay ahead. Chrome has built an increasingly robust multi-process architecture on top of its sandbox and site isolation, and has combined this with fuzzing to give users a stronger line of defense. But this main line of defense has reached its limits, and Google can no longer rely solely on this strategy to defeat attacks.

Chrome software engineers pointed out in a report released on May 23 last year that 70% of serious security vulnerabilities came from memory-safety issues. More importantly, half of those security flaws in Chrome were use-after-free vulnerabilities. These problems stem from incorrect management of memory pointers, which exposes the browser to further attack.

Sacrificing performance in exchange for security

Today, the Chrome security team announced its approach to the browser's memory-safety problems, one part of which comes at the expense of performance. The announcement was written by Andrew Whalley, Dana Jansens, Adrian Taylor, and Nasko Oskov of the Chrome security team, and it restates the statistics above on security vulnerabilities caused by memory-safety flaws.

The three options are:

  • Making C++ safer through compile-time checks that pointers are correct
  • Making C++ safer through runtime checks that pointers are correct
  • Investigating the use of a memory-safe language for parts of the codebase

To cope with the common memory-management errors in the browser, Chrome's developers therefore propose making its C++ safer by adding runtime checks. Although such checks make Chrome's C++ safer than before and reduce its exposure to memory-safety vulnerabilities such as use-after-free, they carry a performance cost. As the security team wrote: checking the correctness of a pointer is an infinitesimal cost in memory and CPU time, but with millions of pointers it adds up.
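To make the trade-off concrete, here is an added example (not Chrome's code, and not the scheme the team describes) of what a runtime pointer-correctness check looks like in miniature. `LiveRegistry`, `CheckedPtr` and `Widget` are names made up for this illustration: every dereference through `CheckedPtr` first asks a registry of live allocations whether the target still exists, so a dangling pointer is refused instead of silently reading freed memory. The registry also counts how many checks it performed, which is the cost the team is talking about.

```cpp
// Added example, not Chrome code: a toy runtime-checked pointer that turns a
// use-after-free into a detected fault. LiveRegistry, CheckedPtr and Widget
// are hypothetical names chosen for this illustration.
#include <cstddef>
#include <stdexcept>
#include <unordered_set>

// Hypothetical registry of live heap objects. A production scheme would keep
// this state in allocator metadata; a hash set is enough to show the mechanism.
struct LiveRegistry {
    std::unordered_set<const void*> live;
    std::size_t checks = 0;   // number of pointer validations paid for so far
    void add(const void* p)    { live.insert(p); }
    void remove(const void* p) { live.erase(p); }
    bool is_live(const void* p) { ++checks; return live.count(p) != 0; }
};
static LiveRegistry g_registry;

struct Widget {
    int value;
    explicit Widget(int v) : value(v) { g_registry.add(this); }
    ~Widget() { g_registry.remove(this); }
};

// Runtime-checked pointer: every dereference first confirms the target is
// still allocated, so a dangling pointer is refused rather than followed.
template <typename T>
class CheckedPtr {
  public:
    CheckedPtr(T* p = nullptr) : ptr_(p) {}
    T* get() const {
        if (ptr_ != nullptr && !g_registry.is_live(ptr_))
            throw std::runtime_error("use-after-free: dangling pointer dereferenced");
        return ptr_;
    }
    T* operator->() const { return get(); }
    T& operator*() const { return *get(); }
  private:
    T* ptr_;
};

// The bug pattern from the article: a second pointer to an object (a cached
// reference held elsewhere in the program) outlives the object itself. With a
// raw pointer the later access is silent undefined behaviour; with CheckedPtr
// it is caught. Returns true if the dangling dereference was refused.
bool checked_pointer_catches_uaf() {
    Widget* owner = new Widget(42);
    CheckedPtr<Widget> alias = owner;   // a second reference to the same object
    int before = alias->value;          // object is live: check passes, reads 42
    delete owner;                       // object freed; alias now dangles
    try {
        (void)alias->value;             // registry says not live: refused
        return false;                   // would have been a use-after-free
    } catch (const std::runtime_error&) {
        return before == 42;
    }
}

// The cost side of the trade-off: each dereference is one registry lookup, so
// n accesses through a checked pointer pay n checks. Returns the check count.
std::size_t checks_paid_for(std::size_t n) {
    std::size_t start = g_registry.checks;
    Widget* w = new Widget(1);
    CheckedPtr<Widget> p = w;
    long sum = 0;
    for (std::size_t i = 0; i < n; ++i) sum += p->value;   // one check per access
    (void)sum;
    delete w;
    return g_registry.checks - start;
}
```

Two caveats a practitioner would raise about this toy. First, a registry keyed on addresses is defeated by address reuse: if the allocator hands the freed slot to a new object before the stale pointer is used, the check passes. Real schemes avoid that by quarantining or reference-counting freed slots, which is more bookkeeping and more of the memory cost the team mentions. Second, the per-access cost is visible directly: `checks_paid_for(n)` pays exactly `n` lookups, which is negligible for one pointer and significant across millions of hot-path dereferences.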

In other words, fixing these memory defects costs some memory and CPU time, and so the overall performance of the browser is affected. The trade-off is most noticeable for Chrome users whose devices lack a high-end CPU and are short on memory: the additional runtime checks may make web browsing slightly slower.

Even so, the Chrome security team says it is willing to experiment with safer but slower options. The team is also working toward using a different language for parts of the browser, one that would provide memory safety without the additional runtime checks.
