Microsoft is testing a new protection feature in its Edge browser, which jokingly goes by the name of “Super Duper Secure Mode“. The developers have chosen the designation, which is very likely not final, in order to underline the experimental status. Under edge: // flags / # edge-enable-super-duper-secure-mode you can activate the Super Duper Secure Mode in the pre-release versions of Edge (Beta, Developer, Canary).
The documentation for this can be found on GitHub. The new security mode deactivates the Javascript Just-in-Time Compiler or JIT for short, but according to the developers, there should not be any noticeable loss of performance. Disabling JIT prevents attackers from using one of the numerous bugs it contains as a gateway for an attack.
Another feature is the support of Intel’s Control-flow Enforcement Technology or CET for short. In the coming months, they want to integrate more technologies and also support web assembly, which is currently still missing. The ambitious goal of this experiment is to permanently change the exploit landscape and to gain a head start in the eternal race with the hackers that cannot be caught up so quickly, the developers write. Despite the serious issue, one really wants to have fun with this experiment.
Users of the trial versions of Edge are asked to activate the Super Duper Secure mode and provide feedback.
Leave a Reply