Google, stop sticking your Chrome Frame in my IE!

December 17, 2017 by  Filed under: Computer 
 

In September, Google announced they were developing a plugin for InternetExplorer that would provide the ability to render a page with Google Chrome ifit contains a tag from the web developer noting their desire for you to use it.Why would developers choose to do this?

Google argues it drags Internet Explorer kicking andscreaming into the future by enabling a faster JavaScript rendering engine,HTML 5, and better CSS and layout handling.  As I began to look into the technological underpinningsof this move alarm bells sounded deep within the security center of my brain.Pagesthat use this tag will bypass add-ons designed to consume content from the IErendering engine.Viewing pages through Chrome Frame effectively disablesadd-ons like our Sophos Web Content Scanning add-on that are designed to securea users browsing experience.  I wasnt theonly one concerned, as a lot of press mentioned Microsofts reaction, and evenbrowser rival Mozillas two cents.Immediately we began to receive inquiries fromcustomers as well.  Colin Coulter fromanimation company Aardman contacted us requesting we add Chrome Frame to ourcontrolled applications list.John Stringer, our product manager who overseesour application list, has notified me that we will in fact be adding thisplugin to our controlled applications in next months release.  Colins reaction to Chrome Frame adds anotherdimension to the discussion of its impact for IT administrators.In Colins emailhe states: It makes our job as a support department that much more difficult.Thethought of a browser running a sub browser via a plug-in! Imagine trying tosupport that if/when it goes wrong?  Thewebification of applications, standards that are evolving at a breakneck pace,and users increasing mobility are creating a very difficult environment foradministrators.We dont need to provide even more ways of increasing the attacksurface and creating nightmare support scenarios.I agree with Mozillas MikeShaver when he suggests users who want access to a fast browser and cuttingedge content should just be encouraged to use a better browser.  Mozilla itself was a victim of this problemwhen Microsoft installed two insecure plugins into Firefox early this yearwithout notice or approval from users.Browsers hijacking browsers? Really? Thesimpler our networks are the easier they are to secure.Google, please stopintroducing more complexity.We expect better of you.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!


You must be logged in to post a comment.

Prev Post:
Next Post: