The built-in JavaScript compiler improves performance in web browsers, but it is repeatedly responsible for security problems. That is why a Microsoft team tested its Edge browser without this compiler, and the difference is hardly noticeable in everyday use.
The JIT compiler (just-in-time compiler) accelerates JavaScript code after it has been read by converting it into machine code and optimizing it. JavaScript then calculates prime numbers almost as fast as the C++ programming language. But the compiler also brought a number of new bugs that can be exploited according to a certain pattern and are responsible for almost half of the security problems in the browser.
Is it worth it?
The JIT compiler in the V8 JavaScript engine of the Microsoft Edge developer version can be switched off with an option. As a result, performance in JavaScript speed tests decreased by almost 60%. But this does not seem to be noticeable in daily browsing: “From our own experience we know that users who have deactivated JIT hardly notice any difference in their daily surfing”, Microsoft writes in the analysis.
According to Microsoft, there were hardly any negative effects in the everyday tests.
The Microsoft team tested websites in normal operation. Any repetitive code slowed down, but there were also positive effects. The team measured power consumption that was 15% lower on average, which leads to longer battery life in notebooks.
For fun, the team named this experiment Super Duper Secure Mode in Microsoft Edge. It can be activated in the Canary, Dev or Beta versions. The option is set on the internal page about:flags under Super Duper Secure Mode.
Less complexity, improved security
Trying to get to the root of common security problems is not new. In the anonymizing Tor browser, the JIT compiler is deactivated in the “secure” JavaScript setting.
The Tor browser is based on Firefox, and the JIT compiler can also be switched off in Firefox. On the configuration page about:config, the following switches should be set to false: javascript.options.baselinejit, javascript.options.ion and javascript.options.asmjs.
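To check whether a Firefox profile actually has these three switches set to false, the following added example (not from the article or from Mozilla) parses the `user_pref(...)` lines of a profile's prefs.js and user.js. The sample file contents are constructed, the function names are hypothetical, and it assumes that a switch missing from both files is at its default of true.

```python
import re

# Preferences the article says should be false to switch off the JIT tiers.
JIT_PREFS = (
    "javascript.options.baselinejit",
    "javascript.options.ion",
    "javascript.options.asmjs",
)

# Matches lines such as: user_pref("javascript.options.ion", false);
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')


def parse_prefs(text):
    """Return {name: raw_value}; later lines override earlier ones."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs


def audit_jit(prefs_text, user_text=""):
    """Map each JIT pref to 'disabled', 'enabled' or 'default (enabled)'.

    user.js is applied over prefs.js at startup, so it is parsed second.
    A missing pref is reported as default; assumption: the default is true.
    """
    merged = parse_prefs(prefs_text)
    merged.update(parse_prefs(user_text))
    report = {}
    for name in JIT_PREFS:
        value = merged.get(name)
        if value is None:
            report[name] = "default (enabled)"
        else:
            report[name] = "disabled" if value == "false" else "enabled"
    return report


# Constructed sample profile content, not taken from a real installation.
SAMPLE_PREFS_JS = '''
// Mozilla User Preferences
user_pref("browser.startup.page", 3);
user_pref("javascript.options.baselinejit", false);
user_pref("javascript.options.ion", true);
'''
SAMPLE_USER_JS = 'user_pref("javascript.options.ion", false);\n'

if __name__ == "__main__":
    for pref, state in audit_jit(SAMPLE_PREFS_JS, SAMPLE_USER_JS).items():
        print(f"{pref}: {state}")
```

In the constructed sample, javascript.options.asmjs is missing from both files, so it is reported as still at its default even though the other two switches are off.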
This fun project from Microsoft could prompt a first rethink. Instead of adding more and more code to improve performance and then fixing many critical bugs, the approach is to remove functions that are responsible for many security problems.
(how)