Microsoft howls as Google turns IE into Chrome

Internet Explorer dams Google Wave


Updated Google is offering a new Internet Explorer plug-in that turns Microsoft's browser into a Google browser. And in predictable fashion, Microsoft is peeved.

As it prepares to grant widespread access to the preview version of Google Wave - its new-age communications platform - Google has fashioned an IE plug-in that equips Microsoft's future-challenged browser with the rendering and JavaScript engines at the heart of Google Chrome. Among other things, this introduces IE to the world of HTML5, the next generation hypertext markup language that Microsoft is, shall we say, rather slow to adopt.

That, in turn, will allow Internet Explorer to properly run Google Wave, which leans heavily on the still-gestating HTML5 standard and requires pretty hefty JavaScript and DOM (Document Object Model) performance. "Unfortunately, Internet Explorer, still used by the majority of the Web's users, has not kept up with such fairly recent developments in Web technology," reads a blog post from Wave founding father Lars Rasmussen and technical lead Adam Schuck.

"In the past, the Google Wave team has spent countless hours solely on improving the experience of running Google Wave in Internet Explorer. We could continue in this fashion, but using Google Chrome Frame instead lets us invest all that engineering time in more features for all our users, without leaving Internet Explorer users behind."

And by adding a new tag, other developers can run their web applications on Google's new turn-IE-into-Chrome plug-in.

Of course, Microsoft wants Internet Explorer to remain Internet Explorer - despite/because of its poor JavaScript performance and HTML5 lag. "With Internet Explorer 8, we made significant advancements and updates to make the browser safer for our customers," reads a canned statement from the company.

"Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts. This is not a risk we would recommend our friends and families take."

Microsoft may have a point that running a browser inside a browser expands the attack surface area. But it's a small one. "It sounds like the Microsoft spokesperson is suggesting that because plug-ins have a history of insecurity (as all software does), then Google Chrome Frame must also have the same problems," says Jeremiah Grossman, a web-application security expert and the CTO of WhiteHat Security.

"If so, that is a very shallow critique. Malware that targets Chrome is essentially unheard of due to an insignificant market share as compared to Internet Explorer, which is routinely targeted."

What's more, Microsoft has a certain interest in keeping Google Wave at bay. And that "friends and family" bit is priceless. And it's a tad ironic that Redmond is complaining about plug-ins as it clings to Silverlight while the rest of the major browser vendors push ahead with HTML5.

To be fair, Microsoft has finally joined the HTML5 discussion. And even Google admits that Redmond has restrictions that other browser makers don't have.

"I think Microsoft has a lot of constraints, as the vendor with the browser that has the largest share," Google engineering head Vic Gundtra said at the company's developer conference this spring. "They have to worry about issues that some of us don't have to. They have a huge enterprise usage, and enterprises have specialized requirements. Updating these browsers could break enterprise apps."

But in this case, Microsoft's FUD is chock-full of even more nonsense than the FUD it spewed over the Google plug-in that turned Microsoft Outlook into Gmail.

On another level, all this underscores why Google felt the need to build its own browser - and its own browser-based operating system. Under development for more than two years, Google Wave is a browser app designed to reinvent online communication, crossbreeding email with IM and document sharing. But it can't run on the world's most popular browser. Google is intent on replacing Windows, Office, and Outlook, but first, it must replace IE.

Next week, if you try to log-in to Google Wave with Internet Explorer 6, 7, or 8, you'll get a message that suggests you install Google Chrome Frame - or make the switch to Firefox, Safari, or (the real) Chrome. But there will be a small note at the bottom that says "If you want to continue at your own peril, go ahead."

So, it's a choice between your own peril and the safety of your friends and family. Or you can just ditch IE and switch to a better browser. If you're reading these words, chances are you've already made the switch. But you have to wonder how many will follow. And how quickly. ®

Update

After a request from The Reg, Google has responded to Microsoft's comments on its new plug-in. "Google Chrome Frame is an open source plug-in that is currently in an early developer release and was designed with security in mind from the beginning," says a Google spokesman."While we encourage users to use a more modern and standards compliant browser such as Firefox, Safari, Opera or Google Chrome rather than a plug-in, for those who don't, Google Chrome Frame is designed to provide better performance, strong security features, and more choice to both developers and users, across all versions of Internet Explorer.

"Accessing sites using Google Chrome Frame brings Google Chrome's security features to Internet Explorer users, providing strong phishing and malware protection (absent in IE6), robust sandboxing technology, and defenses from emerging online threats that are available in days rather than months. We invite all parties with thoughts about Google Chrome Frame to explore our code and provide feedback about this technology with the open source community."


Other stories you might like

  • Zuckerberg sued for alleged role in Cambridge Analytica data-slurp scandal
    I can prove CEO was 'personally involved in Facebook’s failure to protect privacy', DC AG insists

    Cambridge Analytica is back to haunt Mark Zuckerberg: Washington DC's Attorney General filed a lawsuit today directly accusing the Meta CEO of personal involvement in the abuses that led to the data-slurping scandal. 

    DC AG Karl Racine filed [PDF] the civil suit on Monday morning, saying his office's investigations found ample evidence Zuck could be held responsible for that 2018 cluster-fsck. For those who've put it out of mind, UK-based Cambridge Analytica harvested tens of millions of people's info via a third-party Facebook app, revealing a – at best – somewhat slipshod handling of netizens' privacy by the US tech giant.

    That year, Racine sued Facebook, claiming the social network was well aware of the analytics firm's antics yet failed to do anything meaningful until the data harvesting was covered by mainstream media. Facebook repeatedly stymied document production attempts, Racine claimed, and the paperwork it eventually handed over painted a trail he said led directly to Zuck. 

    Continue reading
  • Florida's content-moderation law kept on ice, likely unconstitutional, court says
    So cool you're into free speech because that includes taking down misinformation

    While the US Supreme Court considers an emergency petition to reinstate a preliminary injunction against Texas' social media law HB 20, the US Eleventh Circuit Court of Appeals on Monday partially upheld a similar injunction against Florida's social media law, SB 7072.

    Both Florida and Texas last year passed laws that impose content moderation restrictions, editorial disclosure obligations, and user-data access requirements on large online social networks. The Republican governors of both states justified the laws by claiming that social media sites have been trying to censor conservative voices, an allegation that has not been supported by evidence.

    Multiple studies addressing this issue say right-wing folk aren't being censored. They have found that social media sites try to take down or block misinformation, which researchers say is more common from right-leaning sources.

    Continue reading
  • US-APAC trade deal leaves out Taiwan, military defense not ruled out
    All fun and games until the chip factories are in the crosshairs

    US President Joe Biden has heralded an Indo-Pacific trade deal signed by several nations that do not include Taiwan. At the same time, Biden warned China that America would help defend Taiwan from attack; it is home to a critical slice of the global chip industry, after all. 

    The agreement, known as the Indo-Pacific Economic Framework (IPEF), is still in its infancy, with today's announcement enabling the United States and the other 12 participating countries to begin negotiating "rules of the road that ensure [US businesses] can compete in the Indo-Pacific," the White House said. 

    Along with America, other IPEF signatories are Australia, Brunei, India, Indonesia, Japan, South Korea, Malaysia, New Zealand, the Philippines, Singapore, Thailand and Vietnam. Combined, the White House said, the 13 countries participating in the IPEF make up 40 percent of the global economy. 

    Continue reading
  • 381,000-plus Kubernetes API servers 'exposed to internet'
    Firewall isn't a made-up word from the Hackers movie, people

    A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.

    Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network.

    "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up. "They also allow for information leakage on version and build."

    Continue reading
  • A peek into Gigabyte's GPU Arm for AI, HPC shops
    High-performance platform choices are going beyond the ubiquitous x86 standard

    Arm-based servers continue to gain momentum with Gigabyte Technology introducing a system based on Ampere's Altra processors paired with Nvidia A100 GPUs, aimed at demanding workloads such as AI training and high-performance compute (HPC) applications.

    The G492-PD0 runs either an Ampere Altra or Altra Max processor, the latter delivering 128 64-bit cores that are compatible with the Armv8.2 architecture.

    It supports 16 DDR4 DIMM slots, which would be enough space for up to 4TB of memory if all slots were filled with 256GB memory modules. The chassis also has space for no fewer than eight Nvidia A100 GPUs, which would make for a costly but very powerful system for those workloads that benefit from GPU acceleration.

    Continue reading
  • GitLab version 15 goes big on visibility and observability
    GitOps fans can take a spin on the free tier for pull-based deployment

    One-stop DevOps shop GitLab has announced version 15 of its platform, hot on the heels of pull-based GitOps turning up on the platform's free tier.

    Version 15.0 marks the arrival of GitLab's next major iteration and attention this time around has turned to visibility and observability – hardly surprising considering the acquisition of OpsTrace as 2021 drew to a close, as well as workflow automation, security and compliance.

    GitLab puts out monthly releases –  hitting 15.1 on June 22 –  and we spoke to the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, about what will be added to version 15 as time goes by. During a chat with the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, The Register was told that this was more where dollars were being invested into the product.

    Continue reading

Biting the hand that feeds IT © 1998–2022