Security Remains a Challenge for Browser Developers

By Peter Galli  |  Posted 2007-04-17 Print this article Print

Security is one of the biggest challenges facing the browser industry, a panel of browser industry luminaries told attendees at the Web 2.0 conference.

SAN FRANCISCO—Some of the leading names in the browser market took to the stage at the Web 2.0 conference here on April 16 to give an update on the state of that technology, and all agreed that security was one of the biggest challenges facing the industry. The panelists, who were tasked with addressing the topic titled "The Arrival of Web 2.0: The State of the Union on Browser Technology," hailed from the open-source community all the way to the most proprietary of companies, Microsoft, and those in between.
Chris Wilson, the platform architect for Internet Explorer at Microsoft, said that the most secure system was the one not plugged into anything, including power.
Click here to read more about a new flaw uncovered in Internet Explorer 7 that opens users up to phishing attacks. "But thats not particularly useful, so coming up with an enabling scenario that is also secure is the challenge," he said, noting that if users were presented with a large screed of text requesting approval for something, research had shown that "they will click OK to anything." He also defended the frequent use of permission requests in Vista, Microsofts latest Windows operating system, when another panelist asked him why, then, users were faced with so many of these in the product, saying Vista was not the only product to do this. Charles McCathieNevile, the chief standards officer at Opera, said that the security models on the Web were pretty immature. But the primary participants in the industry were not interested "in another browser war. We are all committed to interoperability and we are listening to what our users want," he said. Brendan Eich, the chief technology officer at Mozilla, said that security was hard and always will be. "I dont think we should take security lightly; its an end-to-end problem and we have to step outside the current model to win on this front," he said. To read more about why Internet Explorer lost further ground in 2006, click here. For his part, Chris Wetherell, a software engineer at Google, said one of the scenarios that kept him awake at night was offline access to the browser and what that meant from a security perspective, particularly on the user-to-user front. With regard to the current state of the browser market and the role of Web 2.0, Microsofts Wilson said that the Redmond, Wash., software giant had shipped, as part of the Internet Explorer platform in 1998 and 1999, a lot of the technologies now known as Web 2.0. But he admitted that, as a platform, the browser still had a long way to go, not just as far as Internet Explorer was concerned, but with regard to all the current browser platforms. "They are all missing some of the client-side features, but have certainly become far more robust over time," he said. Click here to read more about how Mozilla recently updated security for Firefox. Asked what the real tipping point was for the development of Web 2.0 applications, Wilson said that came with the rise of social networking and mashups. But Mozillas Eich disputed that the release of Internet Explorer had been the precursor to Web 2.0. "While IE had a lot of good stuff in it, it wasnt responsible for Web 2.0. Development tools have helped a lot in this regard," he said. A lot of its current work was around writing Web applications that were more efficient and had better code efficiency, he said. Read more here about how the W3C is creating a new HTML standard and enhancing the XHTML specification. "We also want memory use to be more linear, but this kind of engineering takes time and we will get it right eventually. Being able to control the integrity of your data is an important part of this," he said. With regard to what was responsible for the rise of Web 2.0, Eich said Web development tools like Ajax had contributed to this, while many developers were motivated to add features to existing Web applications, a trend that continues today. For Operas McCathieNevile, the browser has matured, its authors have matured and there has been a shift to a more reliable platform. "There had also been a huge explosion as to how many people now have a browser, and the market is growing again, what with mobile browsers becoming true browsers in terms of what they can do," he said. Web 2.0: How high-volume eBay manages its storage. Click here to read more. But McCathieNevile said he had not suddenly seen a mass influx of developers around Web 2.0 applications. "Rather, there were a lot of small communities building cool things and learning from one another," he said. Googles Wetherell said that while Google would continue to look to the browser as the primary delivery mechanism for its Web applications, the company was always looking at how best to bring its products and services to customers, wherever they were, be that on mobile phones and other form factors, he said. Check out eWEEK.coms for the latest news, reviews and analysis about productivity and business solutions.
Peter Galli has been a financial/technology reporter for 12 years at leading publications in South Africa, the UK and the US. He has been Investment Editor of South Africa's Business Day Newspaper, the sister publication of the Financial Times of London.

He was also Group Financial Communications Manager for First National Bank, the second largest banking group in South Africa before moving on to become Executive News Editor of Business Report, the largest daily financial newspaper in South Africa, owned by the global Independent Newspapers group.

He was responsible for a national reporting team of 20 based in four bureaus. He also edited and contributed to its weekly technology page, and launched a financial and technology radio service supplying daily news bulletins to the national broadcaster, the South African Broadcasting Corporation, which were then distributed to some 50 radio stations across the country.

He was then transferred to San Francisco as Business Report's U.S. Correspondent to cover Silicon Valley, trade and finance between the US, Europe and emerging markets like South Africa. After serving that role for more than two years, he joined eWeek as a Senior Editor, covering software platforms in August 2000.

He has comprehensively covered Microsoft and its Windows and .Net platforms, as well as the many legal challenges it has faced. He has also focused on Sun Microsystems and its Solaris operating environment, Java and Unix offerings. He covers developments in the open source community, particularly around the Linux kernel and the effects it will have on the enterprise.

He has written extensively about new products for the Linux and Unix platforms, the development of open standards and critically looked at the potential Linux has to offer an alternative operating system and platform to Windows, .Net and Unix-based solutions like Solaris.

His interviews with senior industry executives include Microsoft CEO Steve Ballmer, Linus Torvalds, the original developer of the Linux operating system, Sun CEO Scot McNealy, and Bill Zeitler, a senior vice president at IBM.

For numerous examples of his writing you can search under his name at the eWEEK Website at


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel