Fix For Meltdown And Spectre
First question, if you’re vulnerable or not. Most probably, Yes. The flaws are in all modern CPUs so you’re most likely affected by it.
Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs. Our internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins…
Firefox and Chrome have also confirmed that they’re working on the patch. Chrome will release Meltdown protected version on January 23. So will you (Chrome users) have to wait that long? Yes, but here is a quick solution as well.
Enable Site Isolation To Protect Browsers Against Meltdown And Spectre
Besides waiting for Chrome to release the Meltdown protected version, Chrome/Chromium users can also use the solution that is already there. It’s called Site Isolation. In chrome or Chromium, users can enable site isolation. Enabling Site Isolation, the content of every website is always rendered in a dedicated process and isolates from other websites. It makes the content not readable for other websites. In case you visit a malicious website which runs code on your browser, it won’t be able to see data of other websites.
To enable Site Isolation in Chrome/Chromium, copy the following URL in URL bar –
Now you can see the highlighted option is Strict site isolation. Enable it. Now you’re done. Restart your web browser and the site isolation is working.
Site Isolation For Firefox Users
I also tried searching for an alternative solution for Firefox and only found First-Party Isolation. I’m not sure if it will work against these vulnerabilities because First-Party isolation separates cookies and make it not accessible by other websites. I’m not sure if it separates the entire website content from other websites. Though I’ve given instructions below to enable FPI in Firefox. So you can try your luck.
To enable First-Party Isolation, type about:config in the url bar. Search for site isolation and you’ll get the following options –