John PescatoreAnother example of turtles on top of turtles: ComputerWorld has a piece on Google coming out with “Chrome Frame,” basically an IE plug-in to run Google’s Chrome browser on top of Microsoft’s IE browser.
Now, I like the Chrome browser – I’m using it right now. To me, it made a number of steps in the right direction back to the days when a browser was just a browser, not a bloated email/collaboration/kitchen sink package that IE and Firefox turned into. But the idea of of every browser vendor coming out with a plugin so their browser runs on top of every other browser gives me the security willies. I can just imagine Microsoft coming out with an IE plug-in that runs on top of Chrome Frame…
There’s an old game called “PostOffice” where the first person whispers something in the ear of the next person, who then turns to the next in line and whispers what they heard to that person. The results are often hilarious – “Make sure you turn off the stove” often ends up as something like “Embrace the slithy toves.” The same problem happens trying to keep a security policy intact across multiple boundaries, not to mention the multiplicative effect of vulnerabilities at each layer.
Category: Uncategorized Tags:
2 responses so far ↓
1 PG Newman October 6, 2009 at 2:15 pm
A layer of abstraction, like virtualized environments – virtual web-browsers! Who remembers the virtual PC environment available for the Apple Mac decades ago…
2 Computer Network Security Advice October 8, 2009 at 8:09 am
[...] Security Issues Sitting On Top Of Browser Turtles [...]
Leave a Comment