Chrome Frame browser plug-in for Internet Explorer seems to have kicked off a war of words between Google and Microsoft. When it comes to security, who do you trust more - Microsoft or Google?
In case you haven't been keeping up with developments, Chrome Frame is a plug-in developed by Google for IE that brings the performance and standards compatibility of the Chrome browser to IE users. To put it another way, Google came out with a plug-in that dramatically improves IE.
But Microsoft isn't taking this lying down. Yesterday the Redmond software giant claimed that Chrome Frame put IE users at risk by expanding the attack surface available to hackers:
"With Internet Explorer 8, we made significant advancements and updates to make the browser safer for our customers. Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts. This is not a risk we would recommend our friends and families take."
Later Google hit back:
"While we encourage users to use a more modern and standards-compliant browser such as Firefox, Safari, Opera or Google Chrome rather than a plug-in, for those who don't, Google Chrome Frame is designed to provide better performance, strong security features and more choice to both developers and users, across all versions of Internet Explorer."
Google is even going as far as to suggest that if you don't trust the code, check it out for yourself:
"We invite all parties with thoughts about Google Chrome Frame to explore our code and provide feedback about this technology [to] the open-source community."
So, who do you trust with your security?
The way I look the Chrome Frame situation right now, I think that it's an interesting idea. Sure, there will be security concerns, but since we're talking about IE here anyway, I'm not sure that I'm falling for the whole "won't someone please think of the children" thing. Other than by installing Flash Player onto a system, it's hard to see a way to make IE any less secure to be honest. And if we're going to go down that whole "friends don't let friends do insecure stuff" then I'm pretty sure that friends don't encourage friends to use IE at all ...
My guess is that Chrome Frame might be just the encouragement that Microsoft needs to make IE better (much better) than it is at present. Given how it fares when it comes to performance, compatibility and security, that shouldn't be too hard.