by zetafunction 3080 days ago
There are three separate attacks.

Site isolation mitigates variant 1 of Spectre, which allows same-process reads.

It doesn't protect against variant 2 of Spectre, which could allow cross-process reads. While this is believed to be much harder to exploit than the first variant, there are several mitigations in development:

- Reduce the reliability of timing gadgets from JS

- Compiler defenses like LLVM's -mretpoline

- Intel's IBRS microcode update

As you mentioned, site isolation also won't help against Meltdown, which allows disclosure of kernel memory: this requires the kernel page table isolation patches.


This is correct.

So, suggesting Site Isolation as a mitigation is security theater from Google to calm down some users, but it doesn't actually help anyone. The real mitigation is disabling JavaScript by default, which Google can never suggest.

No.

- If you have an AMD CPU or run a kernel with KPTI you are protected from Meltdown.

- If you have an AMD CPU or compile the browser with retpoline you are protected from the second variant of Spectre (branch misprediction).

- If you have site isolation you are protected from the first variant of Spectre (bounds check).

Thus, as it stands (and my understanding is that more variants will inevitably be found), this feature alone mitigates the known attacks on AMD hardware.

Of course the real mitigation is to air-gap your computer and only run code you have proven to be secure by hand. But Google can never suggest that. /s
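
As an added illustration of the "bounds check" variant the comment above refers to (example code written for this page, not taken from the thread or from any browser's source): a plain bounds-checked table lookup next to a version hardened with branchless index masking, modelled on the Linux kernel's array_index_nospec() approach. The table contents are constructed sample data, and the mask helper assumes a non-empty array of ordinary size.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample data: a 16-entry public lookup table. Whatever happens
 * to sit after it in memory is what an out-of-bounds index would reach on a
 * mispredicted path. */
enum { TABLE_LEN = 16 };
static const uint8_t public_table[TABLE_LEN + 1] = "0123456789abcdef";

/* Branchless mask: all-ones when idx < size, zero otherwise. Modelled on the
 * Linux kernel's array_index_mask_nospec(): because the result is computed
 * arithmetically rather than with a conditional branch, it still holds while
 * the CPU is executing speculatively past a mispredicted bounds check.
 * Assumes 1 <= size <= SIZE_MAX / 2 (true for any real array). */
static inline size_t index_mask_nospec(size_t idx, size_t size) {
    const unsigned top = sizeof(size_t) * 8 - 1;
    /* The top bit of (idx | (size - 1 - idx)) is clear exactly when
     * idx < size; the second term wraps negative once idx >= size. */
    size_t oob = (idx | (size - 1 - idx)) >> top;   /* 1 if out of bounds */
    return oob - 1;                                   /* 0 -> all ones, 1 -> 0 */
}

/* Plain bounds-checked lookup. Architecturally correct, but the comparison is
 * a branch: if it is predicted "in bounds" for an out-of-range idx, the load
 * below still runs speculatively with that idx (the variant 1 pattern). */
uint8_t lookup_checked(size_t idx) {
    if (idx < TABLE_LEN)
        return public_table[idx];
    return 0;
}

/* Hardened lookup: the branch stays for correctness, and the index is
 * additionally clamped by the mask, so a speculative out-of-bounds access can
 * only ever touch public_table[0]. */
uint8_t lookup_hardened(size_t idx) {
    if (idx < TABLE_LEN) {
        idx &= index_mask_nospec(idx, TABLE_LEN);
        return public_table[idx];
    }
    return 0;
}

/* Exposes the index the hardened path dereferences, so the mask can be checked
 * on in-range, just-out-of-range and huge indices. */
size_t effective_index(size_t idx) {
    return idx & index_mask_nospec(idx, TABLE_LEN);
}
```

Compilers also offer this as a blanket transformation (LLVM's speculative load hardening), but explicit masking at the few sites that index with attacker-influenced values is the pattern the kernel uses.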

Not true: the second variant of Spectre is harder to exploit on AMD, but possible.

AMD is pushing microcode updates to close those holes, too.

https://www.amd.com/en/corporate/speculative-execution

"Variant Two

Branch Target Injection

Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date."

And although Project Zero had multiple AMD test machines they did not make any claims that AMD was also vulnerable to variant 2. Can you link to any PoC that has gotten variant 2 to work on AMD?

Site isolation mitigates variant 1 of Spectre, which would otherwise allow hostile JS (served, e.g., from an ad server) to read the contents of web pages in other tabs (or anything else in browser memory -- passwords, etc.). Google has a PoC exploit for this.

It's not just other tabs: because of iframes, a single page can be composed of content from arbitrarily many sites. Without a browser architecture that allows documents embedded via iframe to be rendered out of process, each tab's process needs access to passwords, etc. for every site.

Once you have support for out of process iframes, you can lock down each process so that it doesn't have access to data for sites other than the one it was created to render documents for. That lockdown is what can prevent Spectre variant 1 from being used to steal data cross-site: the data is no longer in the process to steal.