Why do 64-bit versions of programs have better performance, stability and security?


Viewed 2,053 times

19

Recently, Google announced that the Dev version of Chrome is also available in 64-bit. It will probably be available also for stable versions in the future.

What struck me is that Google said the 64-bit version is 25% faster, that the failure rate halved and that it is also safer than the 32-bit version.

Those are very expressive numbers! But why does the simple fact of compiling for 64 bits bring all these benefits?


Sources:

3 answers

12

Security

With a 64-bit system it is possible to use ASLR, which roughly protects against stack overflow (or buffer overflow) attacks, thus preventing a cracker from jumping from an exploit to a direct function (IAT hooks or other hook types such as Detours can also be avoided with this). It facilitates the use of polymorphism, which is widely used by malware but can also be used by ordinary programs so as not to have a constant "signature" in their functions. This is very useful, since most hooks use a memory scan to find patterns, thus finding the address of a function, for example.

Speed

Programs that run at 64 bits have faster access to the registers (because they are registers other than 32-bit ones).

In addition to the advantages listed above, to this day debuggers (such as OllyDbg and IDA) have difficulty reading 64-bit systems. This is not what will make the system safer, but it already prevents 80% of "common" crackers from doing anything.

Simple polymorph class: Polychaos

  • ASLR is used in 32-bit without any problem. I don't understand what you mean by polymorphism in this context. Can you explain?

  • Sorry, the ASLR that is only possible in 64 bits is High Entropy ASLR. About polymorphism, it can bring the security of not keeping the same pattern for each function at each run, making it difficult for the famous "find patterns" to have a satisfactory result.

  • I added a $100 reward to the question because I believe it deserves a more complete answer. You may be interested in deepening your answer, giving more details, etc.
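The High Entropy ASLR mentioned in the comment above is an opt-in recorded in each binary's PE header, so it can be audited per file. The following is an added example, not code from any of the posts: it reads the `DllCharacteristics` field (flag values are from the PE/COFF specification) and reports whether an image opts in to ASLR, high-entropy ASLR and DEP. The names `aslr_report` and `sample_pe` are hypothetical, and the sample images are constructed header-only stubs.

```python
import struct

# DllCharacteristics bits defined by the PE/COFF specification.
HIGH_ENTROPY_VA = 0x0020  # linker /HIGHENTROPYVA: 64-bit randomized layout
DYNAMIC_BASE = 0x0040     # linker /DYNAMICBASE: image may be relocated (ASLR)
NX_COMPAT = 0x0100        # linker /NXCOMPAT: compatible with DEP
PE32, PE32_PLUS = 0x10B, 0x20B  # optional-header magic: 32-bit / 64-bit image

def aslr_report(image: bytes) -> dict:
    """Report the ASLR-related opt-ins recorded in a PE image's headers."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe_off + 24  # 4-byte signature + 20-byte COFF file header
    if len(image) < opt + 72:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (PE32, PE32_PLUS):
        raise ValueError(f"unexpected optional-header magic {magic:#x}")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
    (flags,) = struct.unpack_from("<H", image, opt + 70)
    aslr = bool(flags & DYNAMIC_BASE)
    is64 = magic == PE32_PLUS
    # High-entropy ASLR needs a 64-bit image that also opts in to ASLR.
    high = is64 and aslr and bool(flags & HIGH_ENTROPY_VA)
    findings = []
    if not aslr:
        findings.append("DYNAMIC_BASE clear: image is not opted in to ASLR")
    elif is64 and not high:
        findings.append("HIGH_ENTROPY_VA clear: 64-bit image without high-entropy ASLR")
    if not flags & NX_COMPAT:
        findings.append("NX_COMPAT clear: image is not marked DEP-compatible")
    return {"bits": 64 if is64 else 32, "aslr": aslr, "high_entropy": high,
            "dep": bool(flags & NX_COMPAT), "findings": findings}

def sample_pe(magic: int, flags: int) -> bytes:
    """Constructed sample: headers only, just enough for aslr_report()."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    opt = bytearray(0xF0 if magic == PE32_PLUS else 0xE0)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, flags)
    machine = 0x8664 if magic == PE32_PLUS else 0x014C  # AMD64 / i386
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, len(opt), 0)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    for magic, flags in ((PE32_PLUS, 0x0160), (PE32, 0x0140), (PE32_PLUS, 0x0140)):
        print(aslr_report(sample_pe(magic, flags)))
```

To audit a real binary, pass the file's bytes, for example `aslr_report(open(path, "rb").read())`.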

8


Before quoting the topics you would like to understand, I would like to summarize by saying that x64 software takes advantage of what the x64 OS (operating system) provides, because x32 software in x64 OS is emulated, which ultimately does not take advantage of the maximum performance that the machine and OS are able to perform.

Speed

This is the same idea as the architecture of the processors that address more memory. x32 software can use up to 2^32 bits of memory addressing, while x64 software stores up to 2^64 bits. In cases where the OS is x64 and the software is x32, an emulation process is done to avoid conflicts.

Quoting from one of your links:

64-bit allows us to take more advantage of processor and compiler optimizations, a more modern instruction set, and a calling convention that allows more function parameters to be passed quickly in registers.

So, as I mentioned, it takes advantage of benefits that are only available on the x64 architecture, which are lost when the processor is "obliged" not to use all of its memory addressing.

Another point we can mention is that the browser, being x64, becomes fully compatible with x64 applications/plugins, such as Flash Player for example. This may justify the part where they say:

As a result, speed is improved, especially in graphics and multimedia content, where we see an average improvement of 25% in performance.

Security

-> Use of ASLR for enhanced malware security

ASLR is a security feature that causes a program’s data locations to be randomly arranged in memory. Before ASLR, places where a program’s data in memory was stored could be predictable, which made attacks on a program much easier. With ASLR, an attacker (hacker) has to guess the correct memory location when trying to exploit a vulnerability in a program. An incorrect assumption may result in the "crash" of the program, so that the attacker will not be able to try again.

This security feature is also used in versions of Windows and other 32-bit operating systems, but is much more powerful in 64-bit versions of Windows. A 64-bit system has a much larger address space than a 32-bit system, making ASLR much more effective.

One of the links posted even has a part that says this:

In addition, 64-bit Chrome can take advantage of more current Windows security features, such as ASLR (Address Space Load Randomization).

To better clarify regarding x32 software emulation on x64 OS:

Drawn from: http://tecnologiaurbana.com.br/2007/05/diferencas-entre-windows-x32-x64/

AMD64 and IA64T processors have 3 different operating modes

32-bit mode: It is possible to install a 32-bit operating system on these systems and run 32-bit programs; however, they will not be able to make use of the new unique 64-bit features such as actual memory addressing above 4 GB or the GPRs.

Compatibility mode: It is a full mode intermediate mode (full). To run in compatibility mode, you need to install a 64-bit operating system with 64-bit drivers. Compatibility mode with a 64-bit operating system makes it possible to run 32-bit programs without modifications. Each 32-bit program must be limited to a maximum of 4 GB of physical memory. However, this 4 GB limit is imposed at a per-process level and not at a system level. This means that each 32-bit process in this system can have its own memory block of 4 GB of physical memory space (assuming you have enough physical memory installed).

Full (full) 64-bit mode: This mode is activated when 64-bit programs are run on 64-bit operating systems. In this mode, a program can have a virtual address space of up to 40 bits (about 1 TB of addressable memory). Programs that run in full mode will have access to all installed physical memory and the expanded system GPRs. But it is important to understand that this mode of operation will only be active on a 64-bit operating system with 64-bit drivers running 64-bit programs.

Stability

This issue is a little more complicated, but from what I could understand in the case of Chrome, they had a lot of crashes in the rendering processes. As you may know, the rendering process uses a lot of computational capacity; if you search, you will even see several complaints from people saying that Chrome used 100% CPU to render and then crashed. I believe this ends up decreasing if Chrome has the chance to use more memory.

As I mentioned, we can verify this issue by following what Intel said about the benefits of using x64:

More Access to Physical Memory

x64 native applications, combined with Windows Server x64 editions and the appropriate hardware, can access up to 2 terabytes (TB) of physical RAM, allowing the execution of memory-consuming server applications.

Remove Virtual Address Limitations

On 32-bit systems, connection-oriented applications require the operating system kernel to utilize a portion of their 2 gigabyte memory space. When applications, such as terminal servers, scale to support more users, this memory allocation limit can become an obstacle regardless of the physical RAM capacity of the system. Windows Server x64 editions provide a virtual address space of 8 TB for the kernel and for each system process.

Improved performance

While 32-bit applications perform similarly on Windows Server 32-bit editions and Windows Server x64 editions, native x64 applications can perform significantly better, particularly for applications with high processing demand.

------- Edit ----------

WOW64

Wow64 (Windows 32-bit on Windows 64-bit) is a Windows OS subsystem capable of running 32-bit applications and is included in all 64-bit versions of Windows.

This emulator has some DLLs for this to happen:

  • Wow64.dll provides the core emulation infrastructure and the thunks for the Ntoskrnl.exe entry-point functions.
  • Wow64win.dll provides "thunks" for the Win32k.sys entry-point functions.
  • Wow64cpu.dll is an interface library that abstracts host processor characteristics.
  • (Intel Itanium Only) Ia32exec.bin contains x86 emulator software.
  • (Intel Itanium only) Wowia32x.dll provides the interface between Ia32exec.bin and WOW64.

According to Microsoft's official topic, we can see that the company itself claims that running x32 software on x64 OS is not a perfect process: Link: http://msdn.microsoft.com/en-gb/library/windows/desktop/aa384219(v=vs.85).aspx

Instruction emulation is performed on the chip. On the x64 processor, instructions are executed natively by the micro-architecture. Therefore, the execution speed under WOW64 on x64 is similar to its speed under 32-bit Windows. On the Intel Itanium processor, more software is involved in emulation and the performance suffers as a result.

On the Wikipedia US page, another important detail is cited: http://en.wikipedia.org/wiki/WoW64

According to Microsoft, 32-bit software running under WOW64 has similar performance to executing under 32-bit Windows, but with fewer threads possible and other overheads.

As imagined (even if not good), x32 native DLLs are different from WOW64 DLLs:

http://www.nynaeve.net/?p=131

If we look at the native x86 ntdll, we see the expected call through the SystemCallStub pointer in SharedUserData:

    0:000> u ntdll!NtClose
    ntdll!ZwClose:
    mov     eax,30h
    mov     edx,offset SharedUserData!SystemCallStub
    call    dword ptr [edx]
    ret     4

However, an examination of the Wow64 ntdll shows something different; a call is made through a field at offset +C0 in the 32-bit TEB:

    0:000> u ntdll!NtClose
    ntdll!ZwClose:
    mov     eax,0Ch
    xor     ecx,ecx
    lea     edx,[esp+4]
    call    dword ptr fs:[0C0h]
    ret     4

I still find it necessary to comment on a bug in WOW64 (not yet fixed in Windows 7, according to information from blogs that explain the subject):

Bug: http://zachsaw.blogspot.com.br/2010/11/wow64-bug-getthreadcontext-may-return.html

Refers to: Boehm garbage collector (Boehm GC)

4

The answer is in the question link itself: The Chromium Blog - Try out the new 64-bit Windows Canary and Dev Channels.

The speed increase is not only because it is 64 bits, but because the x86-64 processor architecture has had several other changes that have improved performance (i.e., not only larger registers, but also more registers and new instructions).

64-bit allows us to take more advantage of processor and compiler optimizations, a more modern instruction set, and a calling convention that allows more function parameters to be passed quickly in registers.

The calling convention is how the program organizes the parameters for a function call. This is specific to the processor + operating system combination, and by having more registers an x86-64 has the possibility to pass more parameters in registers instead of putting them on the stack, which tends to be slower.

especially in graphics and multimedia content

Graphics and multimedia often apply a repeated operation to multiple numbers (to transform pixels, for example), and for a long time processors have been gaining more instructions that help to do this, since the time of MMX, then SSE and SSE2, and 64-bit processors have even more SSE registers than 32-bit ones.

And on security, it has already been well explained in Giovani's post: with more bits for pointers, it is possible to allocate memory in a predictable way, preventing malicious code from predicting where in memory some important data structure was placed.
