So, you can disable JIT to get a more secure browser, but what about the impact on performance? Microsoft noticed that the only major speedbump for its JIT disabled browser was in benchmarks like Speedometer 2.0. In reviewing anecdotal experiences, Microsoft found that “users with JIT disabled rarely notice a difference in their daily browsing.” Perhaps more importantly, in various tests of browser performance like memory use, page load and startup times, and power usage the picture was mostly positive. The worst stats seem to be with the potential of a ~17 per cent slowdown in complex page load times. However, depending on the content, page loads might be nearly 10 per cent faster.
Admittedly the balance of positives and negatives is quite complex, so Microsoft is testing this now, as are Insiders in the aforementioned programs. There are some further side-benefits to disabling Java JIT. The devs reveal that mitigation technologies such as Controlflow-Enforcement Technology (CET) from Intel, and Arbitrary Code Guard (ACG) couldn’t play nicely with JIT enabled – but without it, they can be toggled on to “make exploitation of security bugs in any renderer process component more difficult”.
SDSM is definitely still at an experimental stage, but shows encouraging signs. Microsoft is typically rather proud of the speed and responsiveness of Edge, so it will probably try and offer the best of both worlds with this new SDSM implemented, alongside optimizations to reduce/eliminate any JIT disabling impacts. Remember that security seems to be a renewed focus of the company with its Windows 11 minimum requirements.