Monday, September 28, 2009

Microsoft believes Google Chrome Frame lowers security of IE

ms_masthead_ltr Google's recent release of Google Chrome Frame wasn't entirely expected, though that's not to say it wasn't welcome. Some people questioned the usefulness of it, whilst others were overjoyed. Regardless of public opinion, it was to be expected that Microsoft wouldn't be entirely pleased about the whole idea, and they've just given their official thoughts on the software, according to the lads at Ars Technica.

To give you a quick overview of Google Chrome Frame, the aim is for it to give Internet Explorer the rendering and javascript engines of the Chrome browser, which is of benefit to web developers and obviously users also. However, with great power comes great responsibility, and in this case, Microsoft believes that the security of its web browser has been compromised. In an email to Ars Technica, Microsoft stated, "With Internet Explorer 8, we made significant advancements and updates to make the browser safer for our customers. Given the security issues with plugins in general and Google Chrome in particular, Google Chrome Frame running as a plugin has doubled the attach area for malware and malicious scripts. This is not a risk we would recommend our friends and families take."

In short, Microsoft believes that the Chrome Frame doubles the risk to a user when browsing the Internet. This is, quite simply, a bit ridiculous. Ars Technica said, "Somehow we doubt there is a significant amount of malware specifically targeting Chrome, and for whatever exists, we're pretty sure most would fail when encountering IE + Google Chrome Frame. These Web attacks would be written to be able to circumvent Chrome's security measures and would simply not expect Internet Explorer's security layers," which makes sense. To add to that, Google is constantly updating its browser with security updates and other features, to ensure that it stays secure for those who use it.

There are many reasons as to why Chrome Frame isn't as big of a security risk as Microsoft makes it out to be, though no software is perfect. It will be interesting to see if Google has anything further to say on the matter, but they'll probably keep quiet from this point on.

 

source: www.neowin.net

No comments: