It has been a few months since Mozilla introduced its site isolation security architecture. It's a design overhaul that addresses several security concerns. Essentially, this new architecture separates the process address space for different sites and provides safety measurements against malicious websites.

Mozilla has worked on this new design for a few years now and finally caught up with Google. Note that site isolation has been a hot feature in Chrome since 2018.

How Does the Site Isolation Architecture Work?

Site isolation works by separating sites at the process level. It restricts one website from accessing another site's memory space, which was possible in the previous architecture. What this means is, when you fire up a new website, your system will spawn a new OS process to load it.

Each of these processes is independent and doesn't share any memory. It prevents harmful websites from accessing the information of other sites. The new model provides safeguards against the following threats.

  • Hijacking cross-site cookies
  • Stealing HTML, XML, and JSON data
  • Stealing passwords saved in the browser
  • Exploiting permissions granted to another site
  • Exploiting DOM elements of another site

How Site Isolation Differs From the Existing Security Model

In the earlier model, Firefox spawned a fixed number of processes. It used to invoke eight processes for web contents, two for semi-privileged contents, and four for graphical tasks, media, and networking. This allowed two different sites to end up in the same process space. So, there was a possibility of malicious sites exploiting another site's data.

firefox site isolation architecture
Image Credit: Mozilla

However, the site isolation model takes care of this issue by separating processes at runtime. This means even if you load a harmful web page, it can no longer bypass its own process space and access data from another site.

Enable Firefox Site Isolation to Protect Against Hackers and Scammers

You can enable site isolation on Firefox Nightly by going to about:preferences#experimental and then checking the Fission (Site Isolation) checkbox. If you're using a beta or release version instead, navigate to about:config and set fission.autostart pref to true. Restart Firefox to apply the changes.

Since site isolation is still in the early stages, Firefox may require extra CPU resources and become a little slow. Luckily, you can easily tweak Firefox for increased performance and browsing speed.