Firefox's Project Fission: better security and more processes
Mozilla is working on a new process model for the Firefox web browser to enable full site isolation in the browser once rolled out.
Firefox's current process model runs the browser user interface and web content in separate processes. Web content is further divided into several processes and you can check out how many by loading about:support in the browser's address bar.
Firefox's current system limits web content processes so that content from different sites may end up in the same process. Cross-site iframes loaded in a tab use the same process as the parent currently.
Mozilla's Project Fission, the codename for the new process model, aims to change that by separating cross-site iframes from their parent to improve security and stability. What that means is that Firefox will create processes for any iframe loaded on a site in individual processes.
Mozilla follows Google's implementation. Google introduced site isolation in Google Chrome last year to limit render processes to individual sites. Google concluded back then that site isolation would improve security and stability of the browser. The downside to using site isolation was that Chrome would use more memory. Initial tests revealed that Chrome used about 20% more memory with site isolation fully enabled in the browser.
Mozilla wants to reach milestone 1 in February 2019; the organization has not set a target for inclusion in stable versions of Firefox as it is a mammoth project that requires effort from nearly any Firefox engineering team.
Milestone 1 lays the groundwork for full site isolation in the Firefox web browser. Firefox users interested in the progress that Mozilla makes in this regard may head over to [email protected] to follow development closely.
Project Fission, full site isolation, protects Firefox from new Meltdown or Spectre CPU flaws that may be discovered in the future. Mozilla patched Firefox to protect against discovered flaws but under Firefox's current architecture, Mozilla would have to adjust Firefox each time a new flaw would be discovered.
With site isolation, Firefox would block any future exploits that may be discovered and improve security and stability generally as well. The trade-off is that Firefox will use more memory once full site isolation launches in the browser. It is too early to tell by how much memory usage will increase; if you assume that it will be in Google's 20% ballpark, it could very well become a problem for some configurations.
Now You: What is your take on Project Fission / full site isolation?Advertisement