The Story
After Google released the Chrome Frame plugin for Internet Explorer, Microsoft released a statement saying that the plugin makes the browser less secure. According to Microsoft, Chrome Frame has “doubled the attack area for malware and malicious scripts” in that it subverts security measures Microsoft developed for Internet Explorer 8.
Now Google has come out and refuted those claims. For example, both IE7 and IE8 have sandboxing features similar to Chrome’s, but they only work in Windows Vista. Getting these features at all in Windows XP requires Chrome Frame or a browser with those features.
Google also stated that the best thing for users to do is to install and use a browser that isn’t Internet Explorer.
“While we encourage users to use a more modern and standards-compliant browser such as Firefox, Safari, Opera or Chrome rather than a plug-in, for those who don’t, Chrome Frame is designed to provide better performance, strong security features, and more choice … across all versions of Internet Explorer.”
What Microsoft Isn’t Saying
Microsoft’s assertion that Chrome Frame doubles the attack area is a bit misleading. In a sense it does, but only in that it provides two browsers for hackers to go after. If you’re running Chrome Frame, you’re vulnerable to exploits for both Chrome and Internet Explorer. This is misleading because IE6 is far more exploitable than Chrome. To say that vulnerability has doubled is to suggest that Chrome is just as vulnerable.
What Google Isn’t Saying
This is a fun bit of analysis to do. Chrome Frame doesn’t make for a browser which is twice as exploitable. And yet Google chose to present new information rather than to call Microsoft’s bluff.
The reason is that Google simply doesn’t want to say publicly that yes, Chrome does have exploits. When Microsoft issued its statement, it used some very clever language which only acknowledges IE’s vulnerabilities in a very passive and ancillary way. But to deny Microsoft’s claim, Google would have to talk about Chrome’s weaknesses. In a lot of ways, that’s not wise.
Despite all of this beating around the bush, at the end of the day, you’re better off running Chrome Frame in IE6 than just running IE6. But as Google says, just install a real browser like Firefox.