Security

Chrome 10: More About Speed Than Security

Search giant Google released its latest Chrome browser Thursday with less emphasis on security, instead touting the new version’s increased speed and JavaScript performance.

“With today’s stable release, even your most complex Web apps will run more quickly and responsively in the browser,” Google software engineer Tim Steele posted on the company blog. “We realize that speed isn’t just about pure brawn — it’s also about saving time with simple interfaces.”

Chrome’s updated interfaces, Steele explained, are designed to end the digging for ways to import bookmarks, change a homepage, find new settings or manipulate links.

“No more long, frustrating phone conversations with your dad on where to find that specific setting in the browser,” Steele wrote.

On the security front, a new password-synchronization feature will allow users to log onto frequently visited websites at different computers, and encrypt those passwords with a secret pass phrase.

On the safety front, an extended Chrome sandboxing technology will reportedly help users avoid malware and malicious Web pages.

The Big Switch

If they switch from Internet Explorer, Firefox or some other browser, consumers and businesses will do so for different reasons, said Harry Sverdlove, chief technology officer for IT security provider Bit9.

“For most businesses, security is still the most important factor, followed closely by central manageability,” Sverdlove told TechNewsWorld. “For consumers, performance likely tops security. The primary uses of the browser at home are often very taxing on a browser, with Flash games and complex JavaScript, so consumers are more sensitive to performance issues and less security-savvy.”

Social media integration and Google’s strong brand recognition may also play a role.

“The ability to integrate with social media in a plug-and-play fashion is certainly a key aspect in choosing which browser to use,” said Ari Zoldan, CEO of Quantum Networks.

“We have also found that name recognition is critical in decision making,” he told TechNewsWorld. “Google continues to lead with the latest and greatest extensions, easiest user ability, and a clever and edgy appeal to the end-user.”

Information Insecurity

Though Google’s Steele mentions Chrome’s latest security features, the issue seems to have lost some momentum, at least among consumers. At CanSecWest’sPwn2Own, for instance, Google’s US$20,000 prize to anyone who could hack Chrome 10 found few takers.

The reduced emphasis on security strikes Joshua Bixby, cofounder and president of performance optimizer Strangeloop, as a marketing issue.

“Security is a difficult proposition for a browser,” Bixby told TechNewsWorld. “Calling attention to all of the potential evil that exists and making people paranoid about browser vulnerabilities does not help Google get ad clicks, Apple get downloads, or Microsoft get people to use their software in the cloud.”

At least partly for that reason, security isn’t always at the top of every priority list.

“Consumers rarely think about security,” said Bit9’s Sverdlove. “Most folks switch browsers almost entirely for performance.”

Among businesses, however, “the browser is widely known to be the most common and most vulnerable entry point for attacks,” Sverdlove explained. “IT organizations, too, are concerned about their risk exposure via the browser.”

Good idea, especially with Chrome. Bit9 studied the browser and found that it had 76 security vulnerabilities, meriting first place on the firm’s 2010 “Dirty Dozen” list of vulnerable applications, followed by Apple Safari and Microsoft Office.

Performance vs. Security

If performance is eclipsing security as the major browser-switching motivator, “it might be because consumers have resigned themselves to security problems, or because they feel they have mitigated the risks with security and patch-management software,” Sverdlove explained.

What’s more, complex websites have made performance more essential, especially as browsers have become more like operating systems “where slowness can impact productivity,” Sverdlove said. “The static model of single clicks and links to new pages has gone the way of bell bottoms and tie-dye shirts. Modern websites have popup menus, drag-and-drop widgets, dynamically expanding/collapsing content and more. This is done with DHTML, JavaScript, Flash and a growing library of technologies, all of which tax the end browser CPU.”

As technology continues to become more taxing, security concerns too may be going the way of tie-dye shirts.

“Several years ago, there was more concern about security,” observed Quantum Network’s Zoldan. “Today, speed and functionality are more of a concern. As browsers become more top heavy with more applications streamed, downloaded and shared, milliseconds turns into seconds, and the overall experience changes dramatically for the end-user.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Mike Martin
More in Security

Technewsworld Channels