[ksml]

This is really interesting. Prior to this, Firefox's isolation model was much weaker than Chrome's due to only having a pool of 8 content processes. If I'm reading the technical blog correctly [1], this will move to a process-per-site model without also doing process-per-tab as Chrome does, i.e. if you have several tabs open on the same site, they'd be in the same process. This seems much less resource intensive than Chrome's model while still delivering similar security properties.

[1] https://hacks.mozilla.org/2021/05/introducing-firefox-new-si...

[chimeracoder]

> process-per-tab as Chrome does

This is a common misconception. Chrome doesn't technically do process-per-tab.

Chrome's model can most succinctly be described as process-per-domain, although even then, there are rare instances where two tabs opened on different domains will actually share the same process.

[chrismorgan]

It’s a misconception that Google fostered right from the start.

They did advertise Chrome as process-per-tab: https://www.google.com/googlebooks/chrome/big_04.html, pages 6 and 7 also definitely agree. (I haven’t read all through it again now, but I should also note that the process in the very centre of https://www.google.com/googlebooks/chrome/big_38.html shows what appears to be two tabs under it, which supports it not necessarily being process-per-tab.)

But either it never actually was, or they abandoned it as impractical even before release (https://stackoverflow.com/q/42804 has answers agreeing it isn’t process-per-tab on the day after the first release). So either Google lied, or they released the comic including a glaring and rather significant factual error (even if it had been true when Scott first drew the pages).

It’s frustrating when parties pull these shenanigans, making big claims around things like security and performance predicated on points that are simply not true, but never retracting those points properly or repudiating them, so that the misconception persists.

[staticassertion]

It's "scheme + eTLD + 1", with a flag to set it to per origin.

[ComodoHacker]

Sadly, process-per-site also means memory usage will skyrocket, which linked post doesn't mention.

It's ridiculous to think that a budget laptop with 4 GB of RAM suddenly isn't enough to browse the Web comfortably. All thanks to Meltdown and Spectre.

[medstrom]

If browsers are careful not to use CPU and mem, web developers will just bloat their sites even more because there is room for it. Let browsers bloat, it will slow down website bloat.

[xuhu]

Let's steal everything we can grab, it will slow others from stealing.

Let's buy all the toilet paper, it will slow others from buying toilet paper.

[nextos]

Complementary to this, one can use the Temporary Containers addon to get isolation of e.g. cookies. I've set it up to run one container per domain, and it works really well. I hope they merge this into Firefox at some point.

[croutonwagon]

I ended up having to disable my containers plugin due to syncing issues and later...CPU usage. It wasnt terrible on a better processor (like 1-2 cores 50-100% consistent usage) but on my old core2duo thinkpad it was basically useless. And on any laptop that was unacceptable.

I like the idea of containers, and will probably revisit periodically to see if whatever was fubar on my account is resolved (theres none/if any logging, so its hard to really dig in)

[WhyNotHugo]

How did you set it up to use one container per domain?

I'm using Temporary Containers, but if I visit `somedomain.com`, close it, and come back later, I get a new temporary container.

[fragileone]

First Party Isolation is the native version of this (AKA Total Cookie Protection). Set Enhanced Tracking Protection to Strict to enable it.