Microsoft is working on a new Microsoft Edge security feature called Super Duper Secure Mode. One of the core abilities of the tool is it can disable JavaScript just-in-time (JIT) compiler. This provides the benefit of adding several new security services to the Edge browser.
Jonathan Norman, the head of Microsoft Edge Vulnerability Research, announced the feature in a blog post. However, Super Duper Secure Mode is currently just an experiment running in Edge preview builds for select users.
And, yes, the name is a little ridiculous. I hope it is just a fun placeholder and Microsoft will change it officially on full launch. Norman says the majority of vulnerabilities that happen in V8 JavaScript come from JIT.
This happens because the compiler is a “remarkably complex process that very few people understand and it has a small margin for error”.
Edge Without JIT
When JIT is turned off, Microsoft Edge can add protections that have previously been unavailable for the compiler. Norman points out this was a problem because the engine runs content that is not always secure:
“This is unfortunate because the renderer process handles untrusted content and should be locked down as much as possible,” Norman says.
“By disabling JIT, we can enable both mitigations and make exploitation of security bugs in any renderer process component more difficult.
“This reduction in attack surface kills half of the bugs we see in exploits and every remaining bug becomes more difficult to exploit. To put it another way, we lower costs for users but increase costs for attackers.”
Importantly, Super Duper Secure Mode does not seem to be a major hog on Edge performance without JIT.
“Our tests that measured improvements in power showed 15% improvement on average and our regressions showed around 11% increase in power consumption. Memory is also a mixed story with negatively impacted tests showing a 2.3% regression, but a larger gain on the tests that showed improvements,” Norman adds.
“Page Load times show the most severe decrease with tests that show regressions averaging around 17%. Startup times, however, have only a positive impact and no regressions.”
Tip of the day: Do you often experience PC freezes or crashs with Blue Screens of Death (BSOD)? Then you should use Windows Memory Diagnostic to test your computers RAM for any problems that might be caused from damaged memory modules. This is a tool built into Windows 10 which can be launched at startup to run various memory checks.
Last Updated on February 14, 2022 8:22 pm CET by Luke Jones
