Super Duper Secure Mode in Edge
The company announced the new security mode via an official post on its Microsoft Browser Vulnerability Research Blog. In the post, lead researcher Jonathan Norman explained that the team is working on a new feature for Edge that “challenges some conventional assumptions held by many in the browser community.” Following this, Norman went on to explain how web browsers struggle to deliver efficient performance while ensuring a secure browsing experience. He also stated that most of the cyber attacks on web browsers aim to leverage the JavaScript engine they use, especially the Just-In-Time (JIT) compilation, which is a complicated pipeline used to optimize the JavasScript code to deliver better performance. As per the Microsoft researcher, 45 percent of the security bugs that have been patched in the V8 JavaScript engine are related to the JIT compilations. The V8 JavaScript engine, if you are unaware, powers various popular web browsers in the market, including Chrome, Brave, Opera, Vivaldi, and of course, Microsoft’s Edge. So, the “Super Duper Secure Mode” in Edge will allow you to turn off JIT to reduce the amount security vulnerabilities. However, as JIT is responsible for better performance, you will see a significant degradation in the performance and power efficiency front.
Microsoft Edge Super Duper Secure Mode: Performance Hit?
During the initial test of the Super Duper Secure Mode in Edge, the VR team saw major performance-related issues. For instance, with JIT turned off, power usage increased by 11 percent, page load time increased by 17 percent, and power usage also increased by 2.3 percent. Overall, Microsoft Edge with the new mode turned on got a benchmark score that is 58 percent lower than the score with JIT turned on, which is a significant degradation of performance. Image Courtesy: Microsoft However, Jonathan points out that although the web browser scored such a low number in its benchmark test, users often do not notice this impact as the “benchmark tells only part of a larger performance story.” So, if Microsoft enables the Super Duper Secure Mode in the future, users will have to trade off performance for security. Now, coming to the availability of this security mode in Edge, the SDSM is currently an experimental feature. However, as per Norman, the VR team will be working on the said feature for the next few months to further refine it. Moreover, Norman thinks SDSM will lead to a way to “enable these mitigations intelligently based on risk and empower users to balance the tradeoffs.” If you want to try out the new Super Duper Secure Mode in Microsoft Edge, you can find it under edge://flags in the Edge Canary version, Dev as well as Beta versions.