Internet: what’s the new “Super Duper Secure Mode”

Much of the Web sites we browse every day use potentially dangerous JavaScript code, Microsoft has found a way to increase security.

The goal of Microsoft Edge: to become even more secure. It has been jokingly christened "Super Duper Secure Mode" (SDSM), a name that sounds similar to "Super-Mega Security Mode", the feature that in the future could solve some big and small problems of the browser made in Redmond, but also of all other browsers based on the code of Chromium (the free open source version of Chrome).

Introducing the feature with a post published on the program's official blog, Vulnerability Research area team leader Johnathan Norman explained some key details of "Super Duper Secure Mode" and delved into some of the technical aspects the group of researchers relied on for development. In particular, the importance of JavaScript, a programming language widely used in the creation of sites and applications available on the web, and of JIT compilation, an acronym that stands for "just-in-time" and indicates a type of operation that is carried out during the execution of the program in use in favor of the computer's performance, was the focus of the meeting.

Super Duper Secure Mode, how it works

The way "Super Duper Secure Mode" works is precisely by disabling JIT compilation from the processing pipeline (i.e. the cascading flow of software components) operating on the Edge. This would bring an enormous advantage, since - as explained by Microsoft - it would lead to a reduction in the opportunities for hacker attacks that can compromise the security of the browser and, starting from the browser, cascading also of the entire operating system.

Although JIT compilation shows advantages in terms of performance, the block made by SDSM does not particularly affect the speed of the software, a thesis confirmed by the various tests carried out. The benefit of the deactivation would be instead the bug resolution: in a single stroke about half of the dangerous security bugs in the V8 JavaScript engine used by Edge would disappear.

There are also advantages from the point of view of the technical commitment, given the lower number of updates and emergency patches required to plug the security holes that are identified over time and that, thanks to the SDSM in practice are unusable by hackers.

Super Duper Secure Mode, when will it arrive?

According to what Norman himself confirmed, the feature is in an experimental phase. In fact, there are many critical points that the team will have to deal with before officially releasing Super Duper Secure Mode for those who use Edge on their device.

However, there are those who can already begin to see, in advance of the general public, the effects of the new security mode. Those who are subscribed to the Canary, Dev and Beta channels dedicated to the browser; by downloading the releases of their respective programs, users can activate it by entering the string edge://flags/#edge-enable-super-duper-secure-mode in the address bar and clicking on the toggle that appears on the page.