Microsoft Edge Has an ‘Enhanced Security’ Mode That Disables the JIT
Sergiu Gatlan, writing for Bleeping Computer in 2021 (thanks to Kevin van Haaren):
Microsoft has announced that the Edge Vulnerability Research team
is experimenting with a new feature dubbed “Super Duper Secure
Mode” and designed to bring security improvements without
significant performance losses. When enabled, the new Microsoft
Edge Super Duper Secure Mode will remove Just-In-Time Compilation
(JIT) from the V8 processing pipeline, reducing the attack surface
threat actors can use to hack into Edge users’ systems.
Based on CVE (Common Vulnerabilities and Exposures) data
collected since 2019, around 45% of vulnerabilities found in the
V8 JavaScript and WebAssembly engine were related to the JIT
engine, more than half of all “in the wild” Chrome exploits
abusing JIT bugs.
“Super Duper Secure Mode” was a funner name, but they settled on “Enhanced Security Mode”.
This is why Apple considers BrowserEngineKit — which is complex and requires a special entitlement with stringent requirements to use — necessary for complying with the DMA’s mandate to allow third-party browser engines. JITs are inherently vulnerable. It’s not about known bugs — it’s the unknown bugs.
The anti-WebKit peanut gallery responded to my piece on JITs yesterday with a collective response along the lines of “Who’s to say WebKit’s JIT is any more secure than Chrome’s or Gecko’s?” That’s not really the point, but that answer is, Apple is to say. iOS is their platform and they’ve decided that it’s better for the platform to reduce the attack surface to a single browser engine, WebKit, the one they themselves control. And Apple isn’t saying WebKit as a whole, or its JavaScript JIT compiler in particular, is more secure than Chrome or Gecko. They’re saying, implicitly, that it’s safer to have just one that they themselves are fully responsible for. And that the safest way to comply with the DMA’s mandate to allow third-party rendering engines is via a stringent framework like BrowserEngineKit.
You might think it would be just fine for iOS to work just like MacOS, where you can install whatever software you want. But Apple, expressly, does not. iOS is designed to be significantly more secure than MacOS.
★
Sergiu Gatlan, writing for Bleeping Computer in 2021 (thanks to Kevin van Haaren):
Microsoft has announced that the Edge Vulnerability Research team
is experimenting with a new feature dubbed “Super Duper Secure
Mode” and designed to bring security improvements without
significant performance losses. When enabled, the new Microsoft
Edge Super Duper Secure Mode will remove Just-In-Time Compilation
(JIT) from the V8 processing pipeline, reducing the attack surface
threat actors can use to hack into Edge users’ systems.
Based on CVE (Common Vulnerabilities and Exposures) data
collected since 2019, around 45% of vulnerabilities found in the
V8 JavaScript and WebAssembly engine were related to the JIT
engine, more than half of all “in the wild” Chrome exploits
abusing JIT bugs.
“Super Duper Secure Mode” was a funner name, but they settled on “Enhanced Security Mode”.
This is why Apple considers BrowserEngineKit — which is complex and requires a special entitlement with stringent requirements to use — necessary for complying with the DMA’s mandate to allow third-party browser engines. JITs are inherently vulnerable. It’s not about known bugs — it’s the unknown bugs.
The anti-WebKit peanut gallery responded to my piece on JITs yesterday with a collective response along the lines of “Who’s to say WebKit’s JIT is any more secure than Chrome’s or Gecko’s?” That’s not really the point, but that answer is, Apple is to say. iOS is their platform and they’ve decided that it’s better for the platform to reduce the attack surface to a single browser engine, WebKit, the one they themselves control. And Apple isn’t saying WebKit as a whole, or its JavaScript JIT compiler in particular, is more secure than Chrome or Gecko. They’re saying, implicitly, that it’s safer to have just one that they themselves are fully responsible for. And that the safest way to comply with the DMA’s mandate to allow third-party rendering engines is via a stringent framework like BrowserEngineKit.
You might think it would be just fine for iOS to work just like MacOS, where you can install whatever software you want. But Apple, expressly, does not. iOS is designed to be significantly more secure than MacOS.