Feeds

Mozilla sides with Microsoft against Google IE

A web less knowable

Choosing a cloud hosting partner with confidence

Mozilla has joined Microsoft in questioning the logic of a new Google plug-in that turns Internet Explorer into Google Chrome. But unlike Redmond, the open source outfit actually presents a well-reasoned argument.

Last week, Google released a plug-in that equips Internet Explorer with the rendering and JavaScript engines at the heart of its very own Chrome browser. Known as Google Chrome Frame, the plug-in significantly boosts JavaScript speeds, while introducing Microsoft's market-dominating browser to HTML5, a still-gestating update to the web's hypertext markup language.

In a Monday night blog post, Mozilla vice president of engineering Mike Shaver said that, like Google, he longs for a world where IE runs more like Chrome, Safari, Firefox, and Opera. But he's adamant that Chrome Frame isn't the way to get there.

"Running Chrome Frame within IE makes many of the browser application’s features non-functional, or less effective," he says. "These include private browsing mode or their other security controls, features like accelerators or add-ons that operate on the content area, or even accessibility support."

Shaver's view was buttressed by a second post from Mozilla chief Mitchell Baker, who sees Google's plug-in splintering the web rather than pulling it together. "The overall effects of Chrome Frame are undesirable," she writes. "I predict positive results will not be enduring and - to the extent it is adopted - Chrome Frame will end in growing fragmentation and loss of control for most of us, including web developers."

Though Microsoft has finally joined the HTML5 effort in earnest, IE has yet to adopt the proposed standard. And that's a problem for Google as it prepares to expand access to the preview version of Google Wave, a new-age communications platform that leans so heavily on HTML5.

When Internet Explorer users visit the new Google Wave preview release - due out Wednesday - Google will suggest they either install the new Chrome Frame plug-in or switch to another browser. What's more, Mountain View has encouraged other developers to rejigger their web applications so that they too will run inside Chrome Frame.

Predictably, Microsoft released a statement badmouthing the plug-in, but it was short on particulars - and long on FUD. "Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts. This is not a risk we would recommend our friends and families take," it said.

Mozilla's Mike Shaver avoids the scare tactics, arguing that Chrome Frame will not only sidestep security tools built into Internet Explorer, but also muddle the way users think about security. "As a side-effect, the user’s understanding of the web’s security model and the behaviour of their browser is seriously hindered by delegating the choice of software to the developers of individual sites they visit," he says.

"It is a problem that we have seen repeatedly with other stack-plugins like Flash, Silverlight and Java, and not one that I think we need to see replayed again under the banner of HTML5."

Mitchell Baker sees such confusion spreading even further. "If you end up at a website that makes use of the Chrome Frame, the treatment of your passwords, security settings, personalization all the other things one sets in a browser is suddenly unknown," she says. "Will sites you tag or bookmark while browsing with one rendering engine show up in the other? Because the various parts of the browser are no longer connected, actions that have one result in the browser you think you’re using won’t have the same result in the Chrome browser-within-a-browser."

Then she envisions a world where others follow the Google lead. "Imagine having the Google browser-within-a-browser for some sites, the Facebook browser-within-a-browser for Facebook Connect sites, the Apple variant for iTunes, the mobile-carrier variant for your mobile sites - all injected into a single piece of software the user thinks of as his or her 'browser,'" she continues.

"The result is a sort of browser-soup, where a given user action serves up some sort of response, but it’s not clear what the result will be... This makes the web less knowable, less understandable, and certainly less manageable."

Google has yet to respond to our requests for comment on the Mozilla posts. But in an earlier note to The Reg, it at least defended the security of the plug-in itself. "Accessing sites using Google Chrome Frame brings Google Chrome's security features to Internet Explorer users, providing strong phishing and malware protection (absent in IE6), robust sandboxing technology, and defenses from emerging online threats that are available in days rather than months," a company spokesman says.

But for Mozilla, this isn't about the plug-in's security. It's about the plug-in itself. Turning a Microsoft browser into a Google browser, Mozilla argues, is inherently a bad idea.

But it may be a stretch to say that the open source outfit has sided with Redmond. "It would be better for the web if developers who want to use the Chrome Frame snippet simply told users that their site worked better in Chrome, and instructed them on how to install it," Shaver says. "The user would be educated about the benefits of an alternate browser, would understand better the choice they were making, and the kudos for Chrome’s performance would accrue to Google rather than to Microsoft." ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop
Web giant looking into why version 5.0 of Android is crippling older slabs
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
SLURP! Flick your TONGUE around our LOLLIPOP – Google
Android 5 is coming – IF you're lucky enough to have the right gadget
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.