Microsoft is experimenting with a new feature for the Edge browser called Super Duper Secure Mode. Before you get your hopes up, the name isn't final because it's too early for "something official."
Announced by Microsoft's Browser Vulnerability Research team, the new experiment disables JIT (Just-In-Time) compilations from the V8 rendering engine. According to a CVE (Common Vulnerabilities and Exposures) survey, nearly 49 percent of attacks took advantage of the pipeline within the V8 engine.
Over half of Chrome's exploits also abused a bug in JIT. The reason this compilation is not disabled by developers is because of the significant boost in browsing speeds it provides.
If one were shut the process down, it eliminates half of the bugs that are exploited in the wild. The tradeoff of course, will be performance. Microsoft says early testing so far has been positive and the team found that, "users with JIT disabled rarely notice a difference in their daily browsing."
The team also found that, "disabling the JIT does not always have negative impacts. Our tests that measured improvements in power showed 15% improvement on average and our regressions showed around 11% increase in power consumption."
The one thing to note however is that disabling JIT does lead to dramatically lower scores on Speedometer 2.0 in JavaScript tests.
If you want to test the new feature for yourself, you are going to need a preview build of Microsoft Edge and type in edge://flags/#edge-enable-super-duper-secure-mode in the address bar. You should now get a page that enables you to toggle the new feature.
Rohith Bhaskar, Moneycontrol
_________________________
0 facebook:
Post a Comment