Thursday, September 11, 2008

The second browser war GOOG vs MSFTie

"Chrome amounts to a declaration of war—albeit a pre-emptive one, in Google’s mind—against Microsoft. So far, Google has been coy about admitting the rivalry (whereas Microsoft, especially its boss, Steve Ballmer, is obsessed with it). In web search and advertising, Google dominates—roughly as Microsoft does in operating systems and office applications. To the extent that Google has challenged Microsoft’s core business, it is through Google Docs, its online word-processing, spreadsheet and presentation applications. But these, so far, have few users.
Google’s fear has always been that Microsoft might use its grip on people’s computers and browsers to tweak the default settings so that Google’s search engine and other services were disadvantaged. This, after all, is how Microsoft behaved in the 1990s, when it crushed Netscape, an early pacesetter in the browser business. "


Anonymous said...

Let's start with the issue of speed: My first impression was that Chrome was about as fast as Firefox and maybe just a hair faster than Internet Explorer. In a sense that's true - at least on my PC. I can't operate a stopwatch fast enough to measure the performance difference between Chrome and the two other popular browsers, but Chrome does seem snappier.

Using a browser today reminds me of using PCs back in the days when hard drives and processors were slower. Sometimes you'd have to wait three, four or five seconds for something to happen and felt good when you could reduce that to a second or two.

It's not as if those few seconds made any real difference in your day, it's just the psychological aspect of getting instant gratification rather than having to wait even a short time. We can all relate to that when we're stuck at a traffic light that slows us down a tiny bit - not enough to make us late but enough to make us feel frustrated and held back.

One very cool aspect of Chrome that's gotten little attention is the way it respects screen real estate. In addition to keeping the interface simple and clean and devoid of too many icons, tool bars and even menus, the browser allows you to move tabs from the main window to separate windows and then move them back. At first I didn't appreciate that feature, but now find it awesome.

When using Firefox or Microsoft's Internet Explorer, there are times when I decide to open a page in a new window instead of a new tab because I want to be able to see it and another page at the same time. Typically, I then move away from that page and forget it's there, which results in lots of windows cluttering my screen. With Chrome you can open a new page in a tab and - if you later want it in a separate window - you can drag it away. And you can later drag it back to consolidate it with other tabs.


Anonymous said...

TWeb browser acts as a keylogger through its OmniBox.

Chrome's EULA (end-user licensing agreement) gives Google a perpetual, irrevocable, worldwide, royalty-free, and nonexclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which [users] submit, post, or display on or through the Services [meaning the browser]"

Anonymous said...

tough act to follow....

Anonymous said...

Yesterday, I wrote about the war -- more like the Armageddon -- that's on the verge of eruption in the mobile space. Given how critical third party software developers are to the strategic success of any platform ecosystem, we can fully expect Apple, Google (NSDQ: GOOG), RIM (NSDQ: RIMM), Sun (with Java), the Symbian Foundation, Adobe (NSDQ: ADBE) and others to fight tooth and nail for every mobile developer on the planet. More than one will succeed. But not all. Or, might it not matter? The answer could very much depend on how exactly Google plays its cards with Android, Chrome, and Gears. Consider this.

For those of you who are deeply familiar with Android, Chrome, and Gears, here's the punchline so you won't have to read any further: By offering mobile developers an alternative way for making their mobile applications run on handsets, even when no wireless connection exists, Google is paving the way for developers to build browser-based applications that can run on any mobile platform as opposed to having to build separate versions of their applications in order to support those same mobile platforms.

Simply put, software developers want access to volume markets. Given the fragmentation in the mobile platform market, it's not as easy as it was in the original desktop days to pick one platform that can get you access to the majority of the market's volume.

Anonymous said...

I've tried Chrome and am not impressed.

I've heard they have stopped providing late-night dinners.

Anonymous said...

my 2 cents.

feeble attempt to transform a market they can't penetrade

Anonymous said...

Where is Yahoo's innovation?

Anonymous said...

As a security guy, I wondered how well Chrome would prevail against malicious misuse. One of Chrome’s benefits is that it is relatively smaller, code-wise, than its nearest competitors (Internet Explorer, Firefox, Safari, Opera, and so on). Less code could mean less potential exploit vectors and bugs. It will be a year or so before we can see how well it fares overall, but it isn't off to a stellar start.

here were at least three announced Chrome exploits in the first two days. The first exploit showed that Chrome could be tricked into silently downloading executables to local user locations. After this exploit was announced came the expected rash of novice defenses stating that just because something is downloaded to a user's desktop doesn't mean it is executed, and therefore the user is safe. Yeah, right. Apparently you're new to computing and haven't learned that stage one of the exploit (the hardest part) is always followed by stage two, where someone else teaches us how to silently execute that code.

The other shoe that dropped was an exploit discovered by security researcher Aviv Raff. This exploit tricks Chrome into downloading multiple files ("carpet bombing") the user's desktop and automatically launches a JAR (Java Archive) file. Raff claims this is possible because Chrome is running an unpatched version of a browser component called WebKit, taken from Apple's Safari.

You can see a harmless demo of Raff's exploit online. It requires two mouse clicks to kick off, but those sorts of things are pretty easy to do using basic social engineering. Apple patched the WebKit exploit in July of this year, by which time it was already two months old.

A slightly less important DoS attack was announced by Rishi Narang. The proof-of-concept code will crash the entire Chrome browser, all tabs, which is not supposed to happen. According to Google’s Chrome security summary, "each tab [is] in an isolated 'sandbox'… to prevent one tab from crashing another and provide improved protection from rogue sites."

What will another few days bring, when the fuzz testers and Mountain Dew-energized hackers are finished with their analysis?

This is not to pick on Google. Chrome is an interesting browser and making a secure Internet browser is a tough thing to do. Just ask the other major competitors. Having a popular Internet browser means wearing a virtual "kick me" (or, really, "hack me") sign all day long. And the more secure you claim to be, the harder hackers will try to exploit you.

I gave up on perfectly secured browsers after Lynx was hacked a few times. Lynx is an open source, minimalist browser that can do little beyond displaying text. And if hackers can hack that browser, any other browser is going to get exploited. Just to pile on, 20 plus years ago, hackers were able to malform ASCII text files that could manipulate your keyboard and reformat your hard drive after simply viewing the text file. There were called Ansibombs.

If hackers can exploit text files, it is highly likely that they can hack anything more sophisticated. And that is why I never trust new browsers that say they are the "more secure alternative."