Latest Chrome update brings Spectre fix for Android

Google Chrome team has just released new versions of the browser for Desktop and for Android. The PC variant brings “Not Secure” for all HTTP pages, while the mobile version comes with a fix against the Spectre vulnerability. The smartphone browser also gets a horizontal tab switcher that looks like the Android P Recent menu.

The Spectre fix works quite simply. The update brings an enterprise policy, enabled by default, called Site Isolation that renders pages in separate processes to prevent malicious websites from getting any sensitive information like passwords, cookies, and additional data. It can be turned on and off manually with the “chrome://flags/#enable-site-per-process” flag.

Chrome started by introducing “Not Secure” notification in the Omnibar back in February, and now after a report that 76% of the traffic is secured, the developers decided to go along and mark all http pages as insecure. When you enter the page, the warning will sit next to the URL in the address bar, but if you try to type in any info, including sensitive data like emails or passwords, the Omnibar will show the “Not Secure” tab in red.

Source