Feeds

Microsoft howls as Google turns IE into Chrome

Internet Explorer dams Google Wave

Combat fraud and increase customer satisfaction

Updated Google is offering a new Internet Explorer plug-in that turns Microsoft's browser into a Google browser. And in predictable fashion, Microsoft is peeved.

As it prepares to grant widespread access to the preview version of Google Wave - its new-age communications platform - Google has fashioned an IE plug-in that equips Microsoft's future-challenged browser with the rendering and JavaScript engines at the heart of Google Chrome. Among other things, this introduces IE to the world of HTML5, the next generation hypertext markup language that Microsoft is, shall we say, rather slow to adopt.

That, in turn, will allow Internet Explorer to properly run Google Wave, which leans heavily on the still-gestating HTML5 standard and requires pretty hefty JavaScript and DOM (Document Object Model) performance. "Unfortunately, Internet Explorer, still used by the majority of the Web's users, has not kept up with such fairly recent developments in Web technology," reads a blog post from Wave founding father Lars Rasmussen and technical lead Adam Schuck.

"In the past, the Google Wave team has spent countless hours solely on improving the experience of running Google Wave in Internet Explorer. We could continue in this fashion, but using Google Chrome Frame instead lets us invest all that engineering time in more features for all our users, without leaving Internet Explorer users behind."

And by adding a new tag, other developers can run their web applications on Google's new turn-IE-into-Chrome plug-in.

Of course, Microsoft wants Internet Explorer to remain Internet Explorer - despite/because of its poor JavaScript performance and HTML5 lag. "With Internet Explorer 8, we made significant advancements and updates to make the browser safer for our customers," reads a canned statement from the company.

"Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts. This is not a risk we would recommend our friends and families take."

Microsoft may have a point that running a browser inside a browser expands the attack surface area. But it's a small one. "It sounds like the Microsoft spokesperson is suggesting that because plug-ins have a history of insecurity (as all software does), then Google Chrome Frame must also have the same problems," says Jeremiah Grossman, a web-application security expert and the CTO of WhiteHat Security.

"If so, that is a very shallow critique. Malware that targets Chrome is essentially unheard of due to an insignificant market share as compared to Internet Explorer, which is routinely targeted."

What's more, Microsoft has a certain interest in keeping Google Wave at bay. And that "friends and family" bit is priceless. And it's a tad ironic that Redmond is complaining about plug-ins as it clings to Silverlight while the rest of the major browser vendors push ahead with HTML5.

To be fair, Microsoft has finally joined the HTML5 discussion. And even Google admits that Redmond has restrictions that other browser makers don't have.

"I think Microsoft has a lot of constraints, as the vendor with the browser that has the largest share," Google engineering head Vic Gundtra said at the company's developer conference this spring. "They have to worry about issues that some of us don't have to. They have a huge enterprise usage, and enterprises have specialized requirements. Updating these browsers could break enterprise apps."

But in this case, Microsoft's FUD is chock-full of even more nonsense than the FUD it spewed over the Google plug-in that turned Microsoft Outlook into Gmail.

On another level, all this underscores why Google felt the need to build its own browser - and its own browser-based operating system. Under development for more than two years, Google Wave is a browser app designed to reinvent online communication, crossbreeding email with IM and document sharing. But it can't run on the world's most popular browser. Google is intent on replacing Windows, Office, and Outlook, but first, it must replace IE.

Next week, if you try to log-in to Google Wave with Internet Explorer 6, 7, or 8, you'll get a message that suggests you install Google Chrome Frame - or make the switch to Firefox, Safari, or (the real) Chrome. But there will be a small note at the bottom that says "If you want to continue at your own peril, go ahead."

So, it's a choice between your own peril and the safety of your friends and family. Or you can just ditch IE and switch to a better browser. If you're reading these words, chances are you've already made the switch. But you have to wonder how many will follow. And how quickly. ®

Update

After a request from The Reg, Google has responded to Microsoft's comments on its new plug-in. "Google Chrome Frame is an open source plug-in that is currently in an early developer release and was designed with security in mind from the beginning," says a Google spokesman."While we encourage users to use a more modern and standards compliant browser such as Firefox, Safari, Opera or Google Chrome rather than a plug-in, for those who don't, Google Chrome Frame is designed to provide better performance, strong security features, and more choice to both developers and users, across all versions of Internet Explorer.

"Accessing sites using Google Chrome Frame brings Google Chrome's security features to Internet Explorer users, providing strong phishing and malware protection (absent in IE6), robust sandboxing technology, and defenses from emerging online threats that are available in days rather than months. We invite all parties with thoughts about Google Chrome Frame to explore our code and provide feedback about this technology with the open source community."

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.