Google Answers Microsoft Chrome Frame Security Criticisms

Google hit back late yesterday in response to Microsoft’s claims that Google’s Chrome Frame makes Internet Explorer less secure.

Google Chrome Frame is an early-stage open-source plug-in that brings Google Chrome’s open Web technologies, such as the HTML5 canvas tag and JavaScript engine, to Microsoft’s Internet Explorer (IE) browser. Google introduced Chrome Frame on 22 September, stating that it can be used with IE versions 6, 7 and 8.

In response, Microsoft accused Google of expanding the attack surface for IE. Google meanwhile got in a dig of its own as it touted the security of its Chrome browser.

“With Internet Explorer 8, we made significant advancements and updates to make the browser safer for our customers,” a Microsoft spokesperson said Sept. 24. “Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts. This is not a risk we would recommend our friends and families take.”

Part of the issue is that the plug-in seems to undo IE 8’s privacy features. According to Google, however, the plug-in was designed with security in mind from the beginning.

While encouraging users to use a more modern and standards-compliant browser such as Firefox, Safari, Opera or Google Chrome rather than a plug-in, a Google spokesperson said: “For those who don’t, Google Chrome Frame is designed to provide better performance, strong security features and more choice to both developers and users, across all versions of Internet Explorer.”

The spokesperson added that accessing sites with Chrome Frame brings the Chrome browser’s sandboxing and malware protection features to IE users. Microsoft, however, pointed to the results of a recent browser security test by NSS Labs as proof of IE’s security posture. The test was paid for by Microsoft as part of an internal company analysis of IE security. NSS Labs later posted the results for the public.

As the controversy continues, Google is encouraging public involvement in the development of Chrome Frame.

“We invite all parties with thoughts about Google Chrome Frame to explore our code and provide feedback about this technology [to] the open-source community,” the spokesperson said.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

US Finalises Billions In Awards To Samsung, Texas Instruments

US finalises $4.7bn award to Samsung Electronics, $1.6bn to Texas Instruments to boost domestic chip…

3 hours ago

OpenAI Starts Testing New ‘Reasoning’ AI Model

OpenAI begins safety testing of new model o3 that uses 'reasoning' process to ensure reliability…

3 hours ago

US ‘Adding Sophgo’ To Blacklist Over Link To Huawei AI Chip

US Commerce Department reportedly adding China's Sophgo to trade blacklist after TSMC-manufactured part found in…

4 hours ago

Amazon Workers Go On Strike Across US

Amazon staff in seven cities across US go on strike after company fails to negotiate,…

4 hours ago

Senators Ask Biden To Extend TikTok Ban Deadline

Two US senators ask president Joe Biden to delay TikTok ban by 90 days after…

5 hours ago

Journalism Group Calls On Apple To Remove AI Feature

Reporters Without Borders calls on Apple to remove AI notification summaries feature after it generates…

5 hours ago