Feeds

Mozilla sides with Microsoft against Google IE

A web less knowable

Choosing a cloud hosting partner with confidence

Mozilla has joined Microsoft in questioning the logic of a new Google plug-in that turns Internet Explorer into Google Chrome. But unlike Redmond, the open source outfit actually presents a well-reasoned argument.

Last week, Google released a plug-in that equips Internet Explorer with the rendering and JavaScript engines at the heart of its very own Chrome browser. Known as Google Chrome Frame, the plug-in significantly boosts JavaScript speeds, while introducing Microsoft's market-dominating browser to HTML5, a still-gestating update to the web's hypertext markup language.

In a Monday night blog post, Mozilla vice president of engineering Mike Shaver said that, like Google, he longs for a world where IE runs more like Chrome, Safari, Firefox, and Opera. But he's adamant that Chrome Frame isn't the way to get there.

"Running Chrome Frame within IE makes many of the browser application’s features non-functional, or less effective," he says. "These include private browsing mode or their other security controls, features like accelerators or add-ons that operate on the content area, or even accessibility support."

Shaver's view was buttressed by a second post from Mozilla chief Mitchell Baker, who sees Google's plug-in splintering the web rather than pulling it together. "The overall effects of Chrome Frame are undesirable," she writes. "I predict positive results will not be enduring and - to the extent it is adopted - Chrome Frame will end in growing fragmentation and loss of control for most of us, including web developers."

Though Microsoft has finally joined the HTML5 effort in earnest, IE has yet to adopt the proposed standard. And that's a problem for Google as it prepares to expand access to the preview version of Google Wave, a new-age communications platform that leans so heavily on HTML5.

When Internet Explorer users visit the new Google Wave preview release - due out Wednesday - Google will suggest they either install the new Chrome Frame plug-in or switch to another browser. What's more, Mountain View has encouraged other developers to rejigger their web applications so that they too will run inside Chrome Frame.

Predictably, Microsoft released a statement badmouthing the plug-in, but it was short on particulars - and long on FUD. "Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts. This is not a risk we would recommend our friends and families take," it said.

Mozilla's Mike Shaver avoids the scare tactics, arguing that Chrome Frame will not only sidestep security tools built into Internet Explorer, but also muddle the way users think about security. "As a side-effect, the user’s understanding of the web’s security model and the behaviour of their browser is seriously hindered by delegating the choice of software to the developers of individual sites they visit," he says.

"It is a problem that we have seen repeatedly with other stack-plugins like Flash, Silverlight and Java, and not one that I think we need to see replayed again under the banner of HTML5."

Mitchell Baker sees such confusion spreading even further. "If you end up at a website that makes use of the Chrome Frame, the treatment of your passwords, security settings, personalization all the other things one sets in a browser is suddenly unknown," she says. "Will sites you tag or bookmark while browsing with one rendering engine show up in the other? Because the various parts of the browser are no longer connected, actions that have one result in the browser you think you’re using won’t have the same result in the Chrome browser-within-a-browser."

Then she envisions a world where others follow the Google lead. "Imagine having the Google browser-within-a-browser for some sites, the Facebook browser-within-a-browser for Facebook Connect sites, the Apple variant for iTunes, the mobile-carrier variant for your mobile sites - all injected into a single piece of software the user thinks of as his or her 'browser,'" she continues.

"The result is a sort of browser-soup, where a given user action serves up some sort of response, but it’s not clear what the result will be... This makes the web less knowable, less understandable, and certainly less manageable."

Google has yet to respond to our requests for comment on the Mozilla posts. But in an earlier note to The Reg, it at least defended the security of the plug-in itself. "Accessing sites using Google Chrome Frame brings Google Chrome's security features to Internet Explorer users, providing strong phishing and malware protection (absent in IE6), robust sandboxing technology, and defenses from emerging online threats that are available in days rather than months," a company spokesman says.

But for Mozilla, this isn't about the plug-in's security. It's about the plug-in itself. Turning a Microsoft browser into a Google browser, Mozilla argues, is inherently a bad idea.

But it may be a stretch to say that the open source outfit has sided with Redmond. "It would be better for the web if developers who want to use the Chrome Frame snippet simply told users that their site worked better in Chrome, and instructed them on how to install it," Shaver says. "The user would be educated about the benefits of an alternate browser, would understand better the choice they were making, and the kudos for Chrome’s performance would accrue to Google rather than to Microsoft." ®

Providing a secure and efficient Helpdesk

More from The Register

next story
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
Mozilla shutters Labs, tells nobody it's been dead for five months
Staffer's blog reveals all as projects languish on GitHub
'People have forgotten just how late the first iPhone arrived ...'
Plus: 'Google's IDEALISM is an injudicious justification for inappropriate biz practices'
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
Not fit for purpose on day of launch, says Cupertino
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.