Spectre and Meltdown are catastrophic vulnerabilities that affected all modern processors. They were so severe that Intel decided to pay out a $100,000 bug bounty. Software patches for it are available, but they impact system performance. Google is fixing the vulnerability for Chrome, but it will make it use more RAM than ever before.
The fix
Google is using something called site isolation to fix the bug. Site isolation is a significant change to Chrome’s behavior under the hood, but unfortunately, it takes about 10-13% more RAM than before.
Site isolation has been enabled for 99% of Chrome users on Windows, Mac, Linux, and Chrome OS. However, if you wish to opt-out of this, simply enable the flag: chrome://flags/#site-isolation-trial-opt-out.
What’s coming
Google is looking at expanding it to Android, but there are some issues currently. Google is offering cash rewards to researchers who submit security bugs through Google’s Chrome Vulnerability Reward Program.
Source: Chromium, Google Security
