When someone fixes your crap for you, you thank them. And Google Chrome Frame is basically a copy of Chrome, sans, er... the chrome. It uses the same automatic, silent update system as Chrome. Any security flaws can literally be fixed for all users within 24 hours. You have no argument left Microsoft. Get your act together and instead of scaremongering, fix your crap.

Mod me down, linux fanboys, but...

Mod me down, linux fanboys, but Microsoft is technically right.

Adding a third-party plugin, especially something that replaces the core browsing engine, does make IE less secure. With this plugin, IE can be compromised due to a security issue in IE code -or- Chrome's code. If a security flaw is found in Chrome's javascript rendering engine, any version of IE running this plugin will be vulnerable.

The same thing can be said about other plugins. Installing the Adobe Flash player plugin to IE or Firefox will make both less secure, since you are introducing additional code.

Microsoft is right because adding any plugin that expands software functionality will introduce new code that can potentially cause additional security problems.

Did Microsoft consider this before forcing a .NET add-on to be installed to Firefox via Windows Update? Certainly not.

Is this a marketing gimmick by Microsoft to scare people from using the plugin of one of their biggest competitors? Probably.

Is Microsoft wrong in saying this? No, they are technically correct.

Mod me down, linux fanboys, but Microsoft is technically right.

"Mod me down, linux fanboys, but...

"Mod me down, linux fanboys, but...

"[q]Mod me down, linux fanboys, but...

and get a free $1 calculator and your life's problems are solved. Or, just freaking enjoy what you have.

The same thing can be said about other plugins. Installing the Adobe Flash player plugin to IE or Firefox will make both less secure, since you are introducing additional code.

Unfortunately, FUD from Microsoft is likely to be at least somewhat effective. The less technically-inclined are likely to actually listen to what Microsoft says, and if they do and they have the say as to what plugins get installed on their corporate network, then lo and behold, Chrome Frame won't get installed on their corporate network, and Microsoft won that small piece of the battle. Anyone who really pays attention and actually knows anything about the issue will know that it's pure FUD, but unfortunately, FUD still affects what people think - especially when the people doing the listening aren't all that well-informed. So, this move may very well look stupid, but from Microsoft's point of view, it's likely better to spout FUD than admit that Google is actually helping to clean up Microsoft's mess.

When someone fixes your crap for you, you thank them. And Google Chrome Frame is basically a copy of Chrome, sans, er... the chrome. It uses the same automatic, silent update system as Chrome. Any security flaws can literally be fixed for all users within 24 hours. You have no argument left Microsoft. Get your act together and instead of scaremongering, fix your crap.

The less technically-inclined are likely to actually listen to what Microsoft says.

Um, dude, Chrome doesn't "fix your crap for you." Chrome has an abysmal security record.

After that though, Google made sure to stay on top of things, and it has paid off. In March 2009, for example, Chrome was the only browser left standing after day one of the famous Pwn2Own contest, where security researchers competed to exploit vulnerabilities in web browsers, while Firefox, Safari, and Internet Explorer were all successfully compromised. Microsoft argues that Chrome only remained unscathed because nobody attempted to exploit it, but the fact remains that none of the researchers had vulnerabilities for Chrome in mind before going into the contest.

Everyone with half a brain can see it for what it is.

Chrome has an abysmal security record.

Hopefully they can get this right next time around now that the've been shown a lesson.

Microsoft got one thing right - I would never, ever recommend any of my friends and family to use IE. Using IE is the worst fate, that even my enemy should be spared from.

Even though this plug-in has obvious benefit to some it is going to allow a lot of el cheap-o companies to extend the life of their Windows 2000 workstations.

What I'd really like to understand is the meaning of "crap" in this context. Microsoft was criticized for IE6 stagnation, so it re-formed the team and got to work. It was criticized for not having tabs, so it did tabs. Then it was criticized for not being perfectly standards compliant, since IE5/6 predated the standards. So it worked on standards. And then it was criticized for that not being the default, so it broke IE5/6 compatibility - a huge leap in the dark - and shipped IE8, which gave everyone what they wanted, and struggled to gain any users in the process. Now IE is just "crap." Not a good analysis of a clear deficiency, just "crap." I don't work on IE, but I feel really bad for those guys right now. They've tried hard to give people what they want, and the result is just dismissive, unconstructive criticism. Really, if you, the reader, want to see further standards compliance in IE, the best thing you can do is use IE8 to send a clear message that if Microsoft embraces standards, you will embrace Microsoft.

Here is a short list where IE falls short: http://en.wikipedia.org/wiki/Acid3#Standards_tested IE8 incorporates only about 20% of that lot. Google Chrome Frame incorporates 100%. The reason why IE does NOT incorporate those standards? It is pretty simple, really. If IE incorporated those standards, there would be no need for Silverlight (or Flash for that matter).

"Here is a short list where IE falls short: http://en.wikipedia.org/wiki/Acid3#Standards_tested IE8 incorporates only about 20% of that lot. Google Chrome Frame incorporates 100%. The reason why IE does NOT incorporate those standards? It is pretty simple, really. If IE incorporated those standards, there would be no need for Silverlight (or Flash for that matter).

Microsoft previously got itself into trouble with IE4/5/6, trying to support things not fully standardized, ultimately resulting in a perception of non-standards compliance afterwards when the standards arrived. They are trying not to repeat a past mistake.

SVG 1.1 became a W3C Recommendation on January 14, 2003.

Other browsers are taking a different approach. FireFox 3.5 implements HTML5 video, for example, and did so before it was decided which codec(s) to use. A standard tag without a standard codec is not terribly useful. Obviously in the coming years we'll discover whether FireFox implemented video support "correctly" or not. This example is not isolated. Firefox, Chrome and Safari have all implemented standards that are not yet standards. It will be interesting to see what the state of things will be five years from now; it's very unlikely that all of these implementations will be conformant with the final standard.

Do try to keep up with things.

"Do try to keep up with things.

Which they could have done anyway by installing another browser such as Firefox,

Your theory is possible, although the official stance of the IE team is that Acid3 includes requirements that are not yet defined standards (HTML5, CSS3, etc.)

You claim that Microsoft doesn't follow standards but you are aware that IE8 renders strict W3C standards by default, don't you?

So don't you mean that while they support current W3C standards you feel they should support more?

What you should have specifically said is that IE8 doesn't pass the Acid 3 test,

which contains draft CSS3 elements that may in fact be changed or removed in the final proposal.

Standards tested

The following standards are tested by Acid3:

* DOM Level 2 Traversal (subtests 1â€"6)
* DOM Level 2 Range (subtests 7â€"11)
* Content-Type: image/png; text/plain (subtests 14â€"15)
* handling and HTTP status codes (subtest 16)
* DOM Level 2 Core (subtests 17, 21)
* DOM Level 2 Events (subtests 17, 30â€"32)
* CSS Selectors (subtests 33â€"40)
* DOM Level 2 Style (subtest 45)
* DOM Level 2 HTML (subtest 60)
* DOM Level 2 Views
* ECMAScript GC (subtests 26â€"27)
* Unicode 5.0 UTF-16 (subtest 68)
* Unicode 5.0 UTF-8 (subtest 70)
* HTML 4.0 Transitional (subtest 71)
* HTML 4.01 Strict
* SVG 1.1 (subtests 74, 78)
* SVG 1.1 Fonts (subtests 77, 79)
* SMIL 2.1 (subtests 75â€"76)
* ECMAScript Conformance (subtests 81-96)
* Data URI scheme (subtest 97)
* XHTML 1.0 Strict (subtest 98)
* HTTP 1.1 Protocol

Here we have people calling IE "crap" for not following draft standards that may not even be part of a proposal that in itself is merely a suggested guideline.

Funny how that is rarely noted.

Of course why bother stating the details when you are ideologically driven and just want people to use something other than IE.

Why not just state that you just plain don't want an MS browser to be dominate? It's intellectually honest at least and you'll find plenty of support.

Google Chrome Frame replaces the crap Trident rendering engine and their 1999 JavaScript engine with WebKit and V8.

Sorry, but there is no CSS3 tests there, the only CSS tests are CSS 2.1.

Since I have supplied the details, don't you look more than a little silly now?...I don't suppose I am ever going to get an apology from you, am I? Oh well, c'est la vie.

" Chrome has an abysmal security record.

"Which they could have done anyway by installing another browser such as Firefox,

Well I think you have learned a lesson in not putting too much faith in wikipedia.

Funny how your post was modded up and mine down even though the Acid 3 test clearly contains CSS3 elements:
http://www.webstandards.org/action/acid3

Interesting how your position has gone from "doesn't embrace standards" to "supports a subset" in a few paragraphs.

Since IE8 supports HTML 4.01 strict please tell me what you mean by IE only supports a subset.

IE8 incorporates only about 20% of that lot.

There are a very few tests in the acid3 suite that are not yet finalised W3C standards.

However, if one were to make a browser that passed only the acid3 subtests for standards that have been established for over, say, five years ... then one would still socre over 90 on the acid3 tests.

Right, but if there is even one vulnerability in WebKit, it is a vulnerability that would not have been there had the WebKit plugin not been installed. That is the genius of Microsoft's statement. It doesn't matter that WebKit makes IE more secure than it is now.

Google barks back at Microsoft over Chrome Frame security
Defends plug-in, says it makes IE more secure, not less.

Google hit back at Microsoft today, defending the security of its new Chrome Frame plug-in and claiming that the software actually makes Internet Explorer (IE) safer and more secure.

Microsoft shills are on the way.

Interesting how the first posts never see such stupid and beside-the point-replies from Microsoft shills.
I guess they have a list which news outlets they have to shill first. Slashdot gets shilled first (has probably higher number of readers), and only after some time osnews is "worked on".