Bolstering Edge security, if you’re willing to sacrifice a bit of performance
Why it matters: Microsoft’s Edge vulnerability researchers are interested in testing a rather unconventional idea that could improve the security of Chromium-based browsers for people that are willing to sacrifice a bit of performance. It’s been called “Super-Duper Secure Mode” and is mostly a fun experiment at this point, but it could turn into a real feature if there’s enough user interest.
After moving the Edge browser to the Chromium engine, Microsoft finally landed a browser that many people are willing to use and switch to permanently. My personal experience has been that Edge runs without any major headaches ever since the first developer and canary builds arrived for Windows 10. Since then, Microsoft has been adding a slew of features such as sleeping tabs, a password generator, vertical tabs, and more.
Google last year stopped warning people about supposed security risks of Edge, and the two companies have since committed to working together in fixing the biggest pain points in cross-browser compatibility for the modern web.
Edge doesn’t have perfect security, but like most browsers it does have some features that keep you as protected as you can be without becoming a headache. For instance, Microsoft’s browser lets you automatically block “potentially unwanted app” downloads, but the company is now testing a more aggressive security feature called “Super Duper Secure Mode.”
After running some automated tests for power, startup, memory usage and page load times, the researchers found that turning off JIT led to improvements in some cases and slightly lower performance in others. Memory usage doesn’t change that much, while startup times improve around 9 percent. As for page load times, the worst case observed is that they’re almost 17 percent slower while in best case scenarios they actually improve up to 9.5 percent. Power usage is a similar story, with some tests showing an 11.4 percent increase with JIT turned off and some tests showing a 15 percent improvement in power efficiency.
In synthetic benchmarks like Speedometer 2.0, turning JIT off led to a result that was 58 percent worse than with JIT turned on. However, the difference in performance was much less noticeable in actual use, which matters a lot more for users than a specific number achieved in a benchmark.
SSDM is an experimental feature for now, but if you’re willing to test it yourself you can do so by enrolling in the Edge Insider program. It doesn’t matter whether you’re in the Canary, Dev, or Beta ring, to enable the feature go to edge://flags and turn on the one named “edge-enable-super-duper-secure-mode.” It’s also worth noting Web Assembly (WASM) doesn’t work in this mode, so proceed with caution.