Microsoft is working on a “Super Duper secure mode” for Edge

Internet privacy and security are sensitive subjects these days, with every tech company introducing new features to protect your data. Bfrom Microsoft is face the question with a little lightness. The company’s browser vulnerability research team is experimenting with a new feature in Microsoft Edge called “Super Duper Safe Mode.”

Super Duper Secure Mode – yes, it’s really called that right now – is currently in its infancy and works by disabling something called Just-In-Time (JIT) compilation in V8, Edge’s JavaScript engine. JIT is used to speed up browser performance by taking JavaScript and compiling it into machine code before it is needed. The gains are impressive, but it also creates a lot of vulnerabilities and is easily exploitable. In one BlogMicrosoft Edge Vulnerability Research Manager Johnathan Norman writes that in 2019 about 45% of common vulnerabilities and exposures were related to JIT. Norman also emphasizes Mozilla data showing that more than half of Chrome’s exploits in the wild were based on a JIT bug.

Disabling JIT “would remove about half of the V8 bugs that need to be fixed.” According to Norman, this would result in fewer security updates and emergency fixes. That said, no one really wants a lagging browser. Disabling JIT resulted in a significant drop in JavaScript benchmarks. However, in other benchmarks, Norman notes that most of Microsoft’s tests showed no changes or negligible changes when JIT was disabled, and users rarely noticed a difference in daily navigation.

For some people, better security and OK-but-not-browser speed is an acceptable compromise. This is especially true for journalists, activists, or others who may be working with sensitive material. You can try enabling Super Duper Safe Mode if you are using a beta version of Edge, however. there are some limits. You can find the functionality under edge: // flags in Edge Canary, Dev, and Beta.

As for the question that worries everyone … why Super Duper Secure Mode? According to Norman, the browser vulnerability research team plans to “have fun with this project,” which includes giving it a “slightly provocative name” because it’s funny and too early to give it a more nickname. “Official”. Fair! However, in a TweeterNorman also indicated that they are accepting suggestions on other names, as the name will likely have to change later. Boo. Hoping that the costumes at Microsoft loosen up a bit and allow everyone to have fun.