What is Super Duper Secure Mode on Microsoft Edge and How it Works

Since being released a little over six years ago, Microsoft Edge has been releasing perioding updates that improve the look and feel of the browser. Thanks to the additions, Microsoft Edge is faster, more private, and more secure than many other browsers out there, which is certainly a feather in Microsoft’s cap. 

Today, we will be taking a look at one such worthy addition — a feature that is currently unique to Microsoft Edge and might improve the security aspect of the browser greatly. So, without further ado, let us check what Super Duper Secure Mode is on Microsoft Edge and how it ticks. 

Related: How to Change Themes on Microsoft Edge

What is Super Duper Secure Mode on Microsoft Edge? 

The Super Duper Secure Mode (SDSM) is a new experimental feature added to Microsoft Edge Insider browsers — Dev, Beta, Canary — that promises to drastically decrease security bug attacks related to Javascript. You will find the experimental option under edge://flags . There are no visual prompts to notify you of this feature but a restart is required to apply the changes.  

How does Super Duper Secure Mode work? 

The world of the internet runs on Javascript. By adding layers and complexity, you can truly make a website come alive, which pretty much every company strives to do. However, handling such complex commands demand a lot of resources and time.

To get rid of the problem, a performance technology called “Just-In-Time Compiler (JIT)” was introduced to browsers in 2008. JIT did exactly what it was supposed to do — improve the overall performance of websites. Sadly, it also made way for security bugs, which need to be patched through security updates every few days. These bugs are often exploited by attackers to gain access to sensitive information stored on your browser. 

Additionally, JITs intricate workflow makes it impossible for mitigation technologies — such as Controlflow-Enforcement Technology (CET) by Intel — to be implemented effectively.

Microsoft Edge’s Super Duper Secure Mode disables JITs right away, which makes the Microsoft browser a lot less vulnerable to security bug attacks. Additionally, it turns on CET, which improves security to a great extent.  Disabling JITs, such as TurboFan or Sparkplug, can affect overall browsing performance. However, Microsoft Remains confident about its chances. 

Related: How to Use Sync on Microsoft Edge: Getting Started and Tips

Is SDSM enabled by default?

At present, the stable build of the Microsoft Edge browser does not offer the Super Duper Secure Mode. You will have to download the Dev, Canary, or Beta build to get the option. And since it is an experimental feature, SDSM is not turned on by default. It is an opt-in feature, which you must enable by going into edge://flags

Should you turn on SDSM on Edge?

Super Duper Secure Mode on Microsoft Edge is certainly a step in the right direction. However, it might not be the perfect fit for all. Depending on the site you are visiting and the type of content that is on there, you might notice some dip in performance from time to time. If that is bothersome for you, you should reconsider turning it on. 

However, if top-notch security is your need of the hour, turning on SDSM should be a no-brainer. 

How does SDSM make Microsoft Edge different?

The new Super Duper Secure Mode of Microsoft Edge disables Just-In-Time compilers, which most web browsers use — including Chromium’s V8 engine — for increasing performances at the expense of security. With JITs gone more advanced exploit mitigations which are now a possibility in Microsoft Edge, when SDSM is turned on, which makes the browsing a lot safer, at least on paper. 

Can I browse safely using with SDSM on Microsoft Edge?

In general, Microsoft Edge is a safe browser. However, the overall safety of browsing is up to you — the user. New-age web browsers like Edge will warn you before opening any suspicious link. Going ahead even after the warning frees the browser of any liabilities. SDSM adds another layer of security on top of Microsoft Edge’s standard protection suite. By disabling JITs, SDSM considerably cuts down the bugs and security breaches caused by performances technology. So, yes, in theory, you should be safer with SDSM. However, it is best if you can avoid opening suspicious sites. 

SDSM does not deal with data storage in any shape or form. So, it is not up to Edge or SDSM to keep your private data safe. However, it will certainly help you deal with exploits manifesting from JITs.

Does Microsoft Edge prevent all access to malicious sources when safe browsing is enabled?

Unfortunately, there is no way to be 100% safe on the internet. Every browser tries to protect you from malicious content by warning you against suspicious sources and links. With the growth of cyber threats and security issues, malicious content is growing on the web, which looks for new vulnerabilities in your web browser. Thus, relying solely on Microsoft Edge for bulletproof browsing won’t be too wise. 

However, if you’re comparing Microsoft Edge in its standard form and one with Safe Browsing enabled, it’s definitely the latter that provides better coverage. 

How much security can the new SDSM of Microsoft Edge provide?

As of now, the SDSM of Microsoft Edge is still at a developmental stage. The developers took an innovative step by disabling the JIT feature, which has been highly popular over the years in web browsers. While disabling this feature might lower the Javascript benchmark score, the users would hardly feel any difference. Moreover, the developers have plans of incorporating further security protocols — Arbitrary Code Guard (ACG) for example — which aim to improve the overall security of the web browser.


Posted by

A mediocre engineer hoping to do something extraordinary with his pen (well, keyboard). Loves Pink Floyd, lives football, and is always up for a cup of Americano.

1 Comment

  1. Wow… It will help to create a safe desktop experience for users. A great Tip for IT Support

Comments are closed.