Daniel Eran Dilger
Random header image... Refresh for more!

Google sneaks WebKit HTML 5 support into Internet Explorer

Chrome Frame install option

Prince McLean, AppleInsider

Rather than waiting for Microsoft to implement HTML 5, Google has released a plugin for Internet Explorer 8 that injects its own WebKit rendering engine, resulting in a ten fold performance boost for JavaScript.

Google sneaks WebKit HTML 5 support into Internet Explorer
.
A report by Gregg Keizer in Computerworld said that installing Google’s plugin resulted in an average speed improvement that was 9.6 times faster than IE 8 alone, based on SunSpider JavaScript benchmarks.

Google recommends the new IE plugin, called Chrome Frame, to any users who aren’t able to install an alternative browser. With the plugin installed, IE’s own Trident rendering engine continues to render web pages until it either encounters HTML 5 or is manually prompted by the user to render like the native Chrome browser.

In addition to being much faster at executing JavaScript, Chrome Frame’s WebKit rendering engine also provides IE with support for new HTML 5 features, which are required to run an emerging crop of advanced web applications. WebKit also powers Apple’s Safari browser and the mobile version of Safari used on the iPhone and iPod touch.

One example of an advanced HTML 5 web app is Google Wave, a collaboration toolkit for building dynamic browser apps that enable rich communication features between users. Google Wave invites IE users to download the Chrome Frame plugin, or alternatively download a browser than can render HTML 5 natively, including the full version of Chrome, Safari 4, or Firefox 4.

Chrome Frame install option

Google has worked closely with Apple, Mozilla, and Opera to flesh out HTML 5 as a detailed specification that any browser developer can use to build support for rich Internet apps based on web standards that don’t require additional middleware such as Adobe Flash or Microsoft’s Silverlight.

Google recently commended Microsoft for initiating constructive participation in the HTML standard, but clearly wants to widen adoption of HTML 5 as rapidly as possible. By offering a plugin for IE, Google can deliver its own HTML 5 support within the browser right now.

In a Google blog posting, Wave developers explained, “Google Wave depends on strong JS and DOM rendering performance to provide a desktop-like experience in the browser. HTML5’s offline storage and web workers will enable us to add great features without having to compromise on performance. Unfortunately, Internet Explorer, still used by the majority of the Web’s users, has not kept up with such fairly recent developments in Web technology. Compared with other browsers, the JavaScript performance is many times slower and HTML5 support is still far behind. Likewise, the many different versions of IE still in use — each with its own set of CSS quirks and layout limitations — further complicates building rich Web applications.

”In the past, the Google Wave team has spent countless hours solely on improving the experience of running Google Wave in Internet Explorer. We could continue in this fashion, but using Google Chrome Frame instead lets us invest all that engineering time in more features for all our users, without leaving Internet Explorer users behind.“

IE 8 families at risk

Microsoft responded to the release of Chrome Frame by claiming that Google’s new plugin makes IE 8 less secure. In a comment made to Ars Technica, Microsoft said that installing the plugin ”is not a risk we would recommend our friends and families take.“

Despite a variety of Microsoft-sponsored research that has recently declared IE 8 the most secure browser (exclusively in terms flagging suspect URLs a user decides to visit), most IE users are still using IE 6, followed by IE 7, both of which are know to expose users to more serious security issues that any modern competitors. That means most IE users will enhance their relative security by either installing the Chrome Frame plugin or downloading Chrome 3, Safari 4, or Firefox 4 to use instead.

Users of IE 8 will have to weigh the value of Microsoft’s security mechanisms designed to protect them from (mostly) overt phishing attacks or (the rare) vulnerability exploits in the wild against the benefits of HTML 5 and Google’s 10 times faster JavaScript performance.

Additionally, since HTML 5 is designed to replace Flash and Silverlight, any studies recommending a web browser solely on the basis of security will need to factor in all of the security vulnerabilities in Flash and Silverlight against using a browser that does not need them to render rich web applications. The reports Microsoft cites in favor of IE 8 do not.

  • http://eliteconceptual.com JasonBee

    There’s been a lot of positive and negative chatter on this topic all over the place. While I’ve not looked into the “security” complaints in any great details (MS Claims it introduces new holes and widens the exploit surface), I think it’s a brilliant idea and forces MS’s hand: either put up or shut up. Google is forcing MS to comply with agreed upon standards by offering to bypass their rendering engine on participating sites.

    If IE can score 90+ on the ACID3 tests and at least pretend to work with modern standards, perhaps we’ll all be better off.

    These day’s I can’t be bothered by any browser that doesn’t score high on the main standards verification tests out there.

  • http://crankyoldnutcase.blogspot.com/ The Mad Hatter

    Of course the question is, do you trust Microsloth on security? If you do, you’re a fool. An excellent (if somewhat profane) article about Internet Exploder 8 can be found here. Do not read it while you are drinking.

  • http://crankyoldnutcase.blogspot.com/ The Mad Hatter

    Oh, and as an aside, we keep hearing about the test that was done which showed that Microsoft Internet Explorer, Mozilla, Firefox,
    and Opera
    were less stable than Internet Exploder. What everyone forgets to mention is:

    1) This test was done in 2004.
    2) The browser versions were not mentioned (which is suspicious).
    3) The wording used sounded like a troll

    Anyway, mention of this test keeps popping up here and there so regularly, you have to wonder if Microsloth is paying for it.

  • http://eliteconceptual.com JasonBee

    I think you have a point, but it has no bearing nor any impact on the current reality. IE in all it’s glory rules the roost for what it’s worth because there are so many PCs out there.

    We’re in a post-OS world to some degree. Noone *really* cares what they’re using on the desktop when they use the web. They just want their YouTube to work G*Dammit! When Google Wave hits…I’ll be saying the same thing. I work on everything…Windows (Work), Mac (Consulting and Work), and all the Linuxes and Unixes I get the invitation to look at. Can’t it just work? Security is a commodity issue. Stop highlighting Microsoft’s failure and just let them deal with it or fade away. All that hot air just perpetuates the positions.

    BTW, I am a senior systems admin type for a large government operation, and our windows users in my own area number over 250. Our at-large unit’s count is ~1300, and they reside within a larger Active Directory+Novell eDirectory integrated pool of upwards of 20’000 PCs. IE is the *defacto* browser in this organization and it is not easy to make any changes BECAUSE of the fact that so many web apps and intranet sites rely on the particular tools suited to IE 6. Not IE 5 or IE 7, IE 6. It’s a major issues that no amount of bitching will change, and if you think it’s easy to make such changes you are are like you say, a fool. Large boats make big changes slowly and at great cost.

    Our only security issues have to to with our AV vendors missing a virus here or there and finding that they’ve run amok internally every 4 or 5 months undetected. All of our security is manage at the firewall and gateway. We don’t just need IE goofing up to run into those issues when there are other vectors to worry about. I agree that trusting anyone is silly, but I suppose you know exactly how many issues that Linux, the Cisco OS, Solaris and AIX may have relative to their installed base? Perhaps we can launch into a complicated discussion on the relative merits of a windows based architecture and how easy it is to hire cheap and easy to find staff to man that ship? If you build a corporation from scratch you may find that dollar for dollar you would end up with windows too! You have to hire labour to run the place, my friend.

    There’s more to the argument of moving off of IE than there is room to discuss here. What is really interesting is that Google has found a simple, and important way of bypassing the argument of browser ‘X’ vs ‘Y’ in one fell swoop. They’ve just sliced the Gordian knot in two.

    As such perhaps everyone can stop arguing the whys and wherefors of various platforms…which is to say we can stop playing the role of fanboys and merely move on. Id like to see a fanboy matchup between SMTP, IM, and Google Wave proponents. Let’s move onto the next phase of cloud computing and watch the neat new stuff come into being. With a concrete method to have IE clients get access to HTML5 capabilities I can GUARANTEE you we will be looking at installing this plug-in enterprise-wide once it passes muster.

    We still “trust” Microsoft, but we’re practical and look at all options. try that hat on! It’ll save us some bile.

  • gus2000

    Oh. How embarrassing. It’s like filling Pepsi bottles with Coke, and having it sell better.

    I think IE is sliding into irrelevancy. I don’t use it anymore, ever, even though I’m chained to a WinPC at work.

  • http://crankyoldnutcase.blogspot.com/ The Mad Hatter

    I think you have a point, but it has no bearing nor any impact on the current reality. IE in all it’s glory rules the roost for what it’s worth because there are so many PCs out there.

    In that case why do we see complaints out there about websites that don’t support Internet Exploder?

    We’re in a post-OS world to some degree. Noone *really* cares what they’re using on the desktop when they use the web. They just want their YouTube to work G*Dammit! When Google Wave hits…I’ll be saying the same thing. I work on everything…Windows (Work), Mac (Consulting and Work), and all the Linuxes and Unixes I get the invitation to look at. Can’t it just work? Security is a commodity issue. Stop highlighting Microsoft’s failure and just let them deal with it or fade away. All that hot air just perpetuates the positions.

    Actually it’s necessary to explain Microsloth’s failures, since so many people don’t know about them. For example have you ever noticed that articles about Virii never mention that the only operating system affected is Windows?

    BTW, I am a senior systems admin type for a large government operation, and our windows users in my own area number over 250. Our at-large unit’s count is ~1300, and they reside within a larger Active Directory+Novell eDirectory integrated pool of upwards of 20′000 PCs. IE is the *defacto* browser in this organization and it is not easy to make any changes BECAUSE of the fact that so many web apps and intranet sites rely on the particular tools suited to IE 6. Not IE 5 or IE 7, IE 6. It’s a major issues that no amount of bitching will change, and if you think it’s easy to make such changes you are are like you say, a fool. Large boats make big changes slowly and at great cost.

    I would expect the cost of maintaining the system to be more than the cost of replacing it.

    Our only security issues have to to with our AV vendors missing a virus here or there and finding that they’ve run amok internally every 4 or 5 months undetected. All of our security is manage at the firewall and gateway. We don’t just need IE goofing up to run into those issues when there are other vectors to worry about. I agree that trusting anyone is silly, but I suppose you know exactly how many issues that Linux, the Cisco OS, Solaris and AIX may have relative to their installed base? Perhaps we can launch into a complicated discussion on the relative merits of a windows based architecture and how easy it is to hire cheap and easy to find staff to man that ship? If you build a corporation from scratch you may find that dollar for dollar you would end up with windows too! You have to hire labour to run the place, my friend.

    Linux, OSX, and Unix don’t have the same problems as Windows has, because they were designed to be secure from the start. Only Windows has those problems. Only Windows.
    You see, I’ve already been through this, starting my own business. Windows is more expensive when you factor in support and anti-virus.

    There’s more to the argument of moving off of IE than there is room to discuss here. What is really interesting is that Google has found a simple, and important way of bypassing the argument of browser ‘X’ vs ‘Y’ in one fell swoop. They’ve just sliced the Gordian knot in two.

    As such perhaps everyone can stop arguing the whys and wherefors of various platforms…which is to say we can stop playing the role of fanboys and merely move on. Id like to see a fanboy matchup between SMTP, IM, and Google Wave proponents. Let’s move onto the next phase of cloud computing and watch the neat new stuff come into being. With a concrete method to have IE clients get access to HTML5 capabilities I can GUARANTEE you we will be looking at installing this plug-in enterprise-wide once it passes muster.

    Yes, it should be interesting.

    We still “trust” Microsoft, but we’re practical and look at all options. try that hat on! It’ll save us some bile.

    You poor bastards.

  • gus2000

    “IE in all it’s glory rules the roost…”

    Ummm yeah, no. The current version IE8 has a share of 10% of the market. If you include the previous version AND the one before that and add them together, IE is still below FireFox at 48%.

    Browser Stats

  • http://eliteconceptual.com JasonBee

    In that case why do we see complaints out there about websites that don’t support Internet Exploder?

    I agree with you…you’re just confirming the situation. Doesn’t make it right or nice, but that’s where we are. To steal a catchphrase from Microsoft itself…”Where do you want to go today?” That’s the strategic thinking required now.

    Once the solution Google has create is pronounce safe enough (external testing agencies like Sophos and the AV providers), ways will be found to prompt users to install the Google frame solution. It will just be slipped in as a “fix” to make “broken” sites work in IE. Users will dutifully install the software like every other piece of crap they normally install when IE throws up a warning to install a new plugin. However the end result will provide a net benefit and if it succeeds users may be tempted to “try” the browsers Google suggests. I can see the tag line now: “You’ve experienced the speed of Google Chrome/Firefox/Safari, why not try the real thing?”

    Actually it’s necessary to explain Microsloth’s failures, since so many people don’t know about them. For example have you ever noticed that articles about Virii never mention that the only operating system affected is Windows?

    Because it’s not true. The MAIN system affected is windows. Wait for it…it will come to the Mac. But albeit in s far smaller way. But don’t count out the ingenuity of the virii authors. Their business is far too valuable to leave unchallenged (billions and billions worth). Their methods will morph into something else if windows diminishes on the desktop. Yes windows is the main system affected, but we also only report pandemics mostly when people get sick, not geese, elephants, or blue whales. It’s your point of reference that matters. For most they don’t see anything other than windows so pointing it out is like saying the sky is blue…the sky isn’t blue on the space station, but we’re not all there either are we?

    I would expect the cost of maintaining the system to be more than the cost of replacing it.

    See rationale above…in our organization total cost of ownership isn’t an issue when migrating to something else would cost 1000% of the cost of staying on windows and moving to Windows 7. We’ve crunched the numbers. Seriously. When you are in charge of a 2 billion dollar IT budget the other costs blur the lines enormously. Windows is known, the staff are easy to find, and well, hiring Mac techs is not a possibility because they’re not out there. Retraining is not easy either because for some admins…they’d have to start over…no more CMD scripting no more VBS or MS Access…they’d have to move to a wholly new form of work…using Bash, Python, Perl, and what…MySQL/PostGresSQL/Oracle??? It’s the ecosystem you are replacing and quite frankly it works fine…even if the security end is somewhat borked. Oh and you’d have to retrain every staff member in sight, including the Trainers who only know MS PowerPoint. Putting that kind of request to a corporate board would be career suicide. Honestly.

    Linux, OSX, and Unix don’t have the same problems as Windows has, because they were designed to be secure from the start. Only Windows has those problems. Only Windows.
    You see, I’ve already been through this, starting my own business. Windows is more expensive when you factor in support and anti-virus.

    Yes but again, it’s the ecosystem built on top of it that matters. You’re only looking at one part, albeit a very important part.

    Yes, it should be interesting.

    I’ll let you know how it goes.

    You poor bastards.

    I know! ;)

    But don’t forget the dependencies…I have heard and read many believable comments that part of the rationale for killing off the electric car was the fear that the after-market for auto parts, and auto fuel would suffer during the transition.

    Pay attention to the chain of dependencies. Transition is hard!

    Same goes for wind and solar power. A family member of mine was party to a meeting in an coastal African country years ago regarding the possibility of creating independent communities using solar wind and water options. An argument, put forward by a local authority, was that it was not a good idea because by doing so they would *sever the dependencies* that allowed certain economies to function – namely people made good money serving poor or desperate communities with power and fuel…severing that link was tantamount to severing trade ties…and in some circles severing trace ties is an act of aggression…ergo war. As much as it would have been nice to make peace and love by giving those people free power and water, the idea was ignoring important channels of control, which governs how the world functions. It was the control that mattered, and yes the project never went anywhere. The history of the world is littered with tales of war and conquest all caused by fights over trade routes and the stuff being traded. The computer world is no different.

    Microsoft has only so many ties binding its users to its products. They will not sit still and let this one go. It may be time to drop the silly name calling…a war could be brewing which requires clear thinking on all sides.

  • http://eliteconceptual.com JasonBee

    Ummm yeah, no. The current version IE8 has a share of 10% of the market. If you include the previous version AND the one before that and add them together, IE is still below FireFox at 48%.

    Browser Stats

    Lies damn lies and statistics ;)

    http://en.wikipedia.org/wiki/Usage_share_of_web_browsers

    I don’t know where your link gets its data…could be from a sample of sites. From the analytics data I have from a few sites I run where the sample size is around 10k unique users the slant is more towards IE (all flavours please – notice now your link doesn’t break FireFox and Safari into component versions?), I’d be inclined to throw your source away due to the lack easily identifiable source data. They have this posted below the table BTW:

    “These facts indicate that the browser figures above are not 100% realistic. Other web sites have statistics showing that Internet Explorer is used by at least 80% of the users.

    Anyway, our data, collected from W3Schools’ log-files, over a five year period, clearly shows the long and medium-term trends.”

    I can’t speak for anyone else, but my data does show that IE rules for our visitors. In my day-job place of work we’re 100% IE 6 on 20k plus desktops. Period. I’ve personally prefer Firefox, but we can’t roll it out because so many intranet pages have malformed comment tags that using FF would “break” our intranet.

    Citing stats won’t change anything though…I’d still like to see all those IE users with Google Frame at some point. It just has to *work*.

    Problem solved.

  • digital-express.de

    After Adobe has launched ATM for Windows, DTP has arrived on DOS-boxes. Now we’re watching Google seeding state of the art technology on DOS-boxes. Let’s see what happens NeXT.

  • http://crankyoldnutcase.blogspot.com/ The Mad Hatter

    Today I came across Microsoft’s comparison chart for the browsers Internet Explorer 8, Firefox, and Chrome. I almost shit my fucking pants to be honest.

    To start things off, here is a link to the comparison chart.

    1) Security: Internet Explorer 8 takes the cake with better phishing and malware protection, as well as protection from emerging threats.

    If you consider bombarding me with warnings every 3 seconds and bloating the browser with so much useless malware bullshit that it slows down to the speed of narcoleptic, mentally retarded sloth, a “FEATURE”, then yeah I guess. If malware and phishing protection were actually important, chrome and firefox would have it too… but it’s not important, because anyone with half a brain knows to put anti-virus on their computer (people who don’t deserve to get viruses anyways).

    You can read the hole thing if you click on it.

    Oh, and as to W3Schools, they do training in Web Building so I would expect visitors to be more knowledgeable about browsers (i.e. they know that more than one exists). I just wish their numbers were more granular, it could be nice to know what versions of Firefox, Opera, and Safari are being used as well.

    2) Privacy: InPrivate Browsing and InPrivate Filtering help Internet Explorer 8 claim privacy victory.

    Again, you would have to be a retarded fucking cunt-nozzle to not know how to clear history/cookies. The ONLY reason Microsoft offers these features is so that you can cover your tracks after looking at child porn and rape videos (that’s right Microsoft employees, I’m looking at you). If you are really concerned about privacy, plug-ins can be added to the better browsers. Since these settings are off by default in internet explorer (and you have to change them EVERYTIME you start a new session… sidebar, who the FUCK is going to remember to do that?) it’s about the same amount of work to just grab a plug-in. Looking at the firefox add-ons page, I see that there is 464 security add-ons Suck my fat dick IE.

  • http://eliteconceptual.com JasonBee

    For everyone…a great synopsis of the issues surrounding IE 6 users:

    http://www.krotscheck.net/2008/11/23/why-were-stuck-with-ie6-for-the-forseeable-future.html

  • http://www.sistudio.net studiodave

    As soon as I get around to it I am going to set my web site up so that it detects IE and warns you to upgrade to a safer browser like Firefox or Safari and deny access to the site with IE anything.

  • http://www.sistudio.net studiodave

    I decided to see what my own traffic was and this just in the browser stats for my web site are,

    Perc. Browser Name Version
    51.40% Safari 4.0
    13.20% Firefox 3.0
    8.40% Firefox 3.5
    5.80% IE 8.0
    4.80% Safari 3.0
    4.60% IE 7.0
    4.20% IE 6.0
    1.40% Mozilla 1.9
    1.20% Safari 3.2
    1.00% Safari 3.1
    1.00% Chrome 2.0
    0.80% Firefox 2.0
    0.80% Google Webmaster Tools
    0.40% AOL 6.0
    0.20% Chrome 1.0
    0.20% Opera 9.6

  • http://www.adviespraktijk.info Berend Schotanus

    HTML 5 FTW

  • http://crankyoldnutcase.blogspot.com/ The Mad Hatter

    Studiodave,

    Interesting numbers. Now, I’m guessing that you might be popular with geeks, based on the popular browsers. Just curious, what is your site?

  • http://eliteconceptual.com JasonBee

    studiodave,

    How many total hits are those numbers made up of? I have similar numbers for a few of my sites…total hits over 30 days = 500. Ergo the Safari slant is due to my own household hitting the site and slanting the results. Numbers help…as they spread the statistical or user bias out a bit.

  • http://www.sistudio.net studiodave

    Well, Jason, I have my IP excluded from the stats but it is for the month or the last 500 using Statcounter free account.
    Mad Hatter, sistudio.net it’s for video editing and stuff. simple and fun.
    I average 1,000 hits per month.

  • http://www.transchristians.org Ephilei

    Chrome Frame uses IE’s official APIs. If MS thinks that’s unsafe, then it’s IE’s falt for having a plugin system that makes it so. Naturally, they don’t complain about Flash or Silverlight or Java which do exactly the same – plugin to IE per website request and display info from that site.

    Actually, I bet IE+Chrome Frame is safer than without, even on IE8. Frame doesn’t double the attack surface area, as MS said, it replaces one surface with an equal one. When IE uses Frame, it uses Webkit and ditches Trident. So any security holes in Trident are avoided. It comes down to which is safer: Webkit or Trident? Given Webkit is open source, employs sandboxing, and Google updates much faster than IE8 (on startup vs once a month), I’m betting Webkit.

    As an IT support person with mostly IE (due purely to not wanting to teach our users differently), I’d love to install Frame everywhere and have IE use that by default, if only that were possible.

  • ShabbaRanks

    JasonBee sounds like a nice guy sadly stuck in the Microsoft ecosystem. Once you get billions of dollars deep I think it would be very painful to extract yourself regardless to motivation.
    What some don’t realise is that, in business, Microsoft’s biggest strength is the years the spent abusing their monopoly position. They spent those years well, creating a relatively self sustaining ecosystem where people had to invest lots of time and money in Microsoft products and, like a finger trap, now find it really painful to get out.

    The ecosystem is self sustaining also through the work of others who are dependant on the flaws in Windows to sustain their own businesses. e.g. Security experts and AV companies. They want their customers to stay with Microsoft products so they can sell them advice and support. This sustains the Windows ecosystem but now has become a force for the status-quo, meaning Microsoft is now reliant on these support companies to advise their clients it’s safe and appropriate to upgrade to the newest Windows. Something Microsoft likely didn’t see coming.
    Thankfully, if the entrepreneur behind a new business is savvy, they will likely find that the Microsoft ecosystem is bloated and expensive and try alternatives which can be significantly cheaper. Sadly, those reliant on Windows only software and those already balls deep in the Windows ecosystem will find this very difficult to change.