tex: add stuff on site isolation

tex/references.bib

@@ -383,4 +383,12 @@ institution = {International Organization for Standardization}
 	year = 2010,
 }
 
+@misc{siteisolation,
+	author = {{The Chromium Projects}},
+	year = 2023,
+	title = {{Chromium Security -- Site Isolation}},
+	howpublished = {[online]},
+	note={{Available from: \url{https://www.chromium.org/Home/chromium-security/site-isolation/} [viewed 2023-05-24]}}
+}
+
 % =========================================================================== %

tex/text.tex

@@ -462,6 +462,24 @@ can guide or alter the behaviour of software reading it. For instance a
 to signify that the client can store certain resources for some time before
 needing to re-fetch them, if they are not \emph{expired}.
 
+\n{3}{Site Isolation}
+
+Modern browsers such as Firefox or Chromium come with a security focus in mind.
+Their developers are acutely aware of the dangers that parsing untrusted code
+from the internet, which is the websites, the stylesheets and the scripts,
+poses. This is reflected in the way these programs are architected: instead of
+the main browser process running everything, the main privileged process spawns
+de-privileged child processes for each website. This extra line of defence
+makes it ``harder for untrustworthy websites to access or steal information''
+from user accounts or other websites~\cite{siteisolation}, as even if the
+misbehaving website manages to ``break some rules'' withing its own process, it
+should find it more difficult to steal data from other sites. Firefox's version
+of Site Isolation is called Project Fission
+(\url{https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/})
+but the two are very similar in both architecture and what they try to achieve.
+Some Chromium users have been complaining in the past on its high memory usage,
+which is partially due to Site Isolation features enabled.
+
 
 \n{2}{Cross-site scripting}\label{sec:xss}