The threats we face on the internet are more advanced than ever before. This is why it is always a good idea to keep your apps up to date and install the latest security patches when available. If you’re on Android 16, Google has a new Advanced Protection feature for Chrome, which the company has detailed in a new blog post.
Chrome Advanced Protection on Android
According to Google, there are three main Advanced Protection features on Chrome for Android. This includes the “Always use secure connections”. This will notify users when it attempts to load a website that still uses an HTTP connection instead of HTTPS.
Note that websites that use an HTTP connection aren’t necessarily shady or malicious. However, Chrome will notify users and ask for permission to load the website. This gives users the choice if they know what they’re doing. You can check if the feature is enabled by going to Advanced Protection from Chrome Settings > Privacy and security > Always use secure connection.
JavaScript optimizations
The next feature is optimizing JavaScript compilers inside V8. This is designed to prevent a variety of exploits, which is a good thing.
Google says, “The optimizing compilers in V8 make certain websites run faster, however they historically also have been a source of known exploitation of Chrome. Of all the patched security bugs in V8 with known exploitation, disabling the optimizers would have mitigated ~50%.”
However, the company points out that disabling the optimizer can cause performance issues for some websites.
Site Isolation
Last but not least, Advanced Protection lets users load each website in its own rendering OS process in memory. It’s called Site Isolation, which prevents a potentially malicious website from accessing data or code from another website.
According to Google, “This means that different websites, even if loaded in a single tab of the same browser window, are kept completely separate from each other in memory. This isolation prevents a malicious website from accessing data or code from another website, even if that malicious website manages to exploit a vulnerability in Chrome’s renderer—a second bug to escape the renderer sandbox is required to access other sites.”
The feature is available on desktop by default. But due to possible memory constraints on Android, it only works on devices with 4GB of RAM or higher. However, Google says that there are instances it will trigger without Advanced Protection. For instance, if users attempt to log into the website or submit a form.
RELATED POSTS
View all
