posted by Thom Holwerda on Thu 24th Sep 2009 19:17 UTC
IconEarlier this week, Google launched Chrome Frame, a plugin for Internet Explorer 6/7/8 which replaces the Trident rendering engine with Chrome's rendering and JavaScript engine for better performance and superior standards compliance. Microsoft has responded to this release, claiming it makes Internet Explorer less secure. Note: What database category do I put this in? Internet Explorer? Google? Choices, choices!

Google Chrome Frame is not a replacement for the Trident engine, but rather an opt-in plugin; web developers can add a meta tag to their web pages which makes sure the pages in question will be rendered with the Chrome engine instead of Trident. Using some JavaScript magic, web developers can prompt users to install Chrome Frame.

It's a very cheeky move by Google. We all know that while Internet Explorer has made some strides in the standards compliance and speed areas of browser development, it still lags behind considerably compared to the competition. No HTML5, an outdated JavaScript engine, and not even things like CSS3. Since Microsoft isn't particularly quick with updates, this is a nice intermediary solution - albeit a bit convoluted.

As was to be expected, Microsoft isn't all too pleased. They decided to use the ol' scare-'m tactic, and claim it makes Internet Explorer less secure. "With Internet Explorer 8, we made significant advancements and updates to make the browser safer for our customers," a Microsoft spokesperson told Ars Technica, "Given the security issues with plugins in general and Google Chrome in particular, Google Chrome Frame running as a plugin has doubled the attach area for malware and malicious scripts. This is not a risk we would recommend our friends and families take."

This statement needs some explaining, especially the part where Microsoft says Google Chrome "in particular" has security issues. According to Ars, they are referring to when Chrome was first released, and it contained a few widely publicised security issues, which were quickly fixed. These days, Chrome is quite secure, was the only browser left standing in the pwn2own contest (for whatever that's worth), and security experts claim the sandboxing technology is hard to break out of.

The part about plugins being a security issue are of course true, as stuff like Flash has often seen extensive exploits. However, there are not a whole lot of Chrome exploits out there, and even if there are, those are for Chrome - not Chrome in conjunction with Internet Explorer. In addition, what about Silverlight? Flash? Those are plugins too.

All in all, Redmond had to say something, so they decided to take this route. I personally doubt Chrome Frame will make much of a real-world splash, but I also believe that's not really what Google was after; this is a publicity issue, a public slap in the face of Microsoft.

And I like it. This is how you compete.

e p (2)    74 Comment(s)

Technology White Papers

See More