Does it support IE6 on Windows 98 SE/Windows ME?, if so why does Chrome only support XP SP2+ and Vista?

[rick]

Does the Google chrome frame plugin support IE6 on Windows 98SE and
Windows ME?

If it does, why does the Chrome browser not support Windows 98SE and
Windows ME because it says that it only supports XP SP2+ and Vista:

http://www.google.com/chrome

[Alex Russell]

GFC does not support winows 98 or ME because it lacks many of the
security features that the Chrome sandboxing system uses to keep
content from running amock. It won't be possible to back-port the
sandbox, sadly.

Regards

[Brady]

What about Windows 2000? This seems like it would be the most used OS
for this plugin as you can't install IE 7 on it, which is at least
usable compared to IE 6.

[eilegz]

Support for Windows 2000 would be a GREAT idea, since its the one that
cant use ie7 and above plus more corporate enviroments its still using
windows 2000 and ie6

[Mathis "gunah" K.]

no support for Windows 95/98/ME is okk!
but so what we need is support for Windows 2000.

i have testet this plugins on Windows Server 2003 in Remote Desktop...
and it works, without any probelms... :-)...

[Erwin]

Indeed. Windows 2000 still has a LOT of users that Chrome is
targeting. If Windows 2000 isn't supported, it would be a great miss
with regard to cross-platform compatibility. What exactly does XP have
that Chrome needs that W2K lacks?

[Alex Russell]

Security features.

So let me put the question I posed another way: if CF supported Win2K,
but it was understood that it wasn't nearly as secure as CF on other
platforms, would it still be attractive for your organization?

Regards

[Brady]

This would definitely be attractive to my company. We have to support
IE as several websites that our users must access only support IE.
Being stuck on Windows 2000 on a good number of our machines, being
able to run Chrome Frame in IE 6 on these machines would allow our
company websites to stop supporting IE6 directly, while preventing us
from having to shell out tens of thousands upgrading to new hardware
and OSs.

On Sep 23, 2:26 pm, Alex Russell <slightly...@google.com> wrote:
> On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
>
> > Indeed.Windows2000still has a LOT of users that Chrome is
> > targeting. IfWindows2000isn't supported, it would be a great miss

[Andrea Giammarchi]

On Wed, Sep 23, 2009 at 10:29 PM, Brady <brad...@gmail.com> wrote:

This would definitely be attractive to my company.  We have to support
IE as several websites that our users must access only support IE.
Being stuck on Windows 2000 on a good number of our machines, being
able to run Chrome Frame in IE 6 on these machines would allow our
company websites to stop supporting IE6 directly, while preventing us
from having to shell out tens of thousands upgrading to new hardware
and OSs.

any luck with Safari, Firefox or Opera?

[Oliver Mattos]

>
> So let me put the question I posed another way: if CF supported Win2K,
> but it was understood that it wasn't nearly as secure as CF on other
> platforms, would it still be attractive for your organization?

Yes, because those security features like the sandbox no other browser
supports on those platforms either - therefore on those platforms
chrome-frame would be as secure as IE.

I understand the potential downside is a reputation problem - if there
is a partial exploit which allows code execution within the sandbox,
then on the older platforms it could allow the machine to be
compromised. In this case, big news sites are going to say "Chrome
Frame is full of security holes", putting off potential users, when in
fact for the majority of users on newer browsers there are no holes.

[Brady]

Because we have to support IE, we would prefer not to support two
browsers. This both complicates management and confuses end users.

On Sep 23, 7:02 pm, Andrea Giammarchi <andrea.giammar...@gmail.com>
wrote:

[andrea.giammarchi]

On Thu, Sep 24, 2009 at 4:13 PM, Brady <brad...@gmail.com> wrote:

Because we have to support IE, we would prefer not to support two
browsers.  This both complicates management and confuses end users.

confusing is to think that Chrome Frame and IE are a single browser ... you want Chrome Frame in IE? You will have to support two browsers then: IE, and Google Chrome.

[wolfkoelling]

Absolutely!
Our corporate desktop environment is still based on Win2K and we are
at least a year away from a new Windows 7 / Office 13 desktop, I've
been told (we have 1500 desktops and a whole eco-system of software on
top of the os - you don't change that in a week). The firm is
reluctant to install Firefox (not for technical reasons) but I'm sure
would be quite happy to push out the plugin to all desktops, as it
doesn't change the user experience and wouldn't require training:
users still see their familiar IE6 browser but we in inhouse
development could start delivering innovative browser applications.
Win Win. ChromeFrame would be a god send for us.

Oh, do go on!

Best regards

Wolf

On 23 Sep, 19:26, Alex Russell <slightly...@google.com> wrote:

[Herbert]

I was so dissapointed knowing that CF doesn't support Windows 2000...
Our company uses ALMOST 100% Windows 2000 OSes, I was so excited when
I heard about this plugin for IE, I wanted to suggest this to our IT
Dept., Because in our business, we always use a web application that
uses a LOT of javascript, IE6 is Slow and always gets a javascript
Error and needed the browser to restart.. the employees productivity
is continually monitored, this browser failures are a big problem.
Those were some of the problems I wish the CF would fix.. or improve
somehow... I hope Google supports Windows 2000 for a lot of Big
Companies still can't let go Windows 2000.

On Sep 24, 2:26 am, Alex Russell <slightly...@google.com> wrote:

[RonCam]

Yes, another vote for Windows 2000 Professional support. Is there
that much difference between Windows 5.0 and 5.1?

On Oct 1, 10:35 am, Herbert <namethatu...@gmail.com> wrote:
> I was so dissapointed knowing that CF doesn't support Windows2000...

> Our company uses ALMOST 100% Windows2000OSes, I was so excited when

> I heard about this plugin for IE, I wanted to suggest this to our IT
> Dept., Because in our business, we always use a web application that
> uses a LOT of javascript, IE6 is Slow and always gets a javascript
> Error and needed the browser to restart.. the employees productivity
> is continually monitored, this browser failures are a big problem.
> Those were some of the problems I wish the CF would fix.. or improve

> somehow... I hope Google supports Windows2000for a lot of Big

> Companies still can't let go Windows2000.
>
> On Sep 24, 2:26 am, Alex Russell <slightly...@google.com> wrote:
>
> > On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
>

> > > Indeed. Windows2000still has a LOT of users that Chrome is
> > > targeting. If Windows2000isn't supported, it would be a great miss

[Andrea Giammarchi]

On Thu, Oct 1, 2009 at 11:59 PM, RonCam <perio....@gmail.com> wrote:

Yes, another vote for Windows 2000 Professional support.  Is there
that much difference between Windows 5.0 and 5.1?

Except the fact XP and greater is lmost monthly supported while 2000 is basically deprecated and there are several security differences between 5.0 and 5.1? ... I guess no, if it was the same, why they would have excluded 2K from the list?

The question is still this one: if you know it's gonna be less secure, would you like to use it regardless?

Somebody said yes, and this is how much security, legacy, and all things that could make sense fall down when security is the last problem, while missed infrastructure updates for companies that make money via IT is ... to me a non-sense as well, but I am sure there are valid reasons, I just cannot spot them ... it's like being a DJ pretending music labels produce tapes too, not only CD's otherwise I cannot work, makes sense?

Btw, just my silly point of view, nothing to do with Alex and Frame decisions - somehow I even hope they'll make it possible, just to have new stats about IE6 and chromeframe UA penetration.

Regards

[wolfkoelling]

> The question is still this one: if you know it's gonna be less secure, would
> you like to use it regardless?

But is it less secure than using "pure" IE6 on Win2K? Because that is
the environment a lot of corporate desktops are still based on.

BW,
Wolf

On 2 Oct, 00:07, Andrea Giammarchi <andrea.giammar...@gmail.com>
wrote:

[Andrea Giammarchi]

On Fri, Oct 2, 2009 at 9:52 AM, wolfkoelling <wolf.k...@slaughterandmay.com> wrote:

> The question is still this one: if you know it's gonna be less secure, would
> you like to use it regardless?

But is it less secure than using "pure" IE6 on Win2K? Because that is
the environment a lot of corporate desktops are still based on.

Microsoft has been brave enough to declare that Chrome Frame brings security problems ( mentioning only IE8, of course, Microsoft perfectly knows IE6 is a "web cancer" ... )

So everybody is ready to shot Google if Frame will land into 2K, we'll see ...

Regards

[RonCam]

On Oct 2, 12:07 am, Andrea Giammarchi <andrea.giammar...@gmail.com>
wrote:

> On Thu, Oct 1, 2009 at 11:59 PM, RonCam <perio.made...@gmail.com> wrote:
>
> > Yes, another vote for Windows 2000 Professional support.  Is there
> > that much difference between Windows 5.0 and 5.1?
>
> Except the fact XP and greater is lmost monthly supported while 2000 is

> basically deprecated ...

Google has said the reason for "Chrome Frame" was so their developers
can stop "banging their heads against the wall" by trying to get their
new Google Wave to work on Microsoft browsers ... I think they had IE6
particularly in mind. ;-)

I expect this, Google Wave, and therefore Chrome Frame, is targeted to
the largest number of users in the general public, rather than the
corporate hold-outs who are giving fits to web developers, with their
Windows 2000 and IE6's trident engine, locked into legacy business
software?

But -- if Google would now raise its sights from that objective, they
could see that including Windows 2000 support would aid the entire web-
development community by getting the last hold-outs off the IE6
Trident engine. If this could be replaced, the corporate IT
departments could continue to run IE6, run their legacy software and
Intranets, and the web developers' problems disappear!

A comment on the distinction of XP being "monthly supported" and
"2000 ... deprecated" ... I don't think Microsoft uses that
terminology. Actually, they're both "monthly supported" on "patch
Tuesday", if this was the reference.

A look at the Life Support Cycle pages says that Windows 2000 and XP
(both Professional) are in exactly the same category right now,
"Extended Support." XP Pro entered that category on April 14 of this
year. "Supported" has two categories, "Mainstream" or "Extended."

Microsoft uses two terms to describe the status of their products:
they're either "Supported" or "Retired" and neither of the above two
OS's are yet retired. So this should not be the basis of Google's
decision ... I think the benefit to web developers should take
precedence.

[Andrea Giammarchi]

You are right, I have been a bit emotional commenting Microsoft, apologizes for my "not perfect" answer.
The point is that apparently Frame into W2K could cause/have security problems.

I honestly think that an Intel D945GCLF, as example, VIA or Others are OK as well, costs about $65, will consume minimum 1/10 of electric watts on daily basis, and could be shipped with XP Home reusing your keyboards, mouse other components for a total of $100 (or less) vat included

On monthly energy basis, this will mean less expenses for whatever house/company, while from production point of view, it will mean more speed, power, against whatever extra-old machine bought when PCs were sold with W2K or Windows 98/ME

I cannot truly understand all this fuss over extremely old systems when we are talking about the fastest sector in the world ... but I understand you, and moreover it does not matter what I think.

What does matter is if it worth it to spend time to bring Frame in those "obsolete environments" where it could mean some real security issue, and "no-profits" time, like IE6 web development, lot of effort, time consuming, almost "zero pay-back". Can you understand my point?

I leave Chromium guys say a word about this, maybe you convinced them :-)

Best Regards

[RonCam]

Quote from this thread: "if you know it's gonna be less secure"
I did a search for the above quote and it pops up without
attribution. In that event, may I guess it's a quote from Steve
Ballmer, upon learning what Google was doing? If so, enough said for
this statement's credibility! :-) :-)

The question was asked, would corporate users be more or less secure,
using IE6 with or without Chrome Frame, for HTML rendering with their
legacy software? Does anyone really know, other than on Steve
Ballmer's word? Does this come from a trustworthy source? Any non-
Microsoft references on this? Please comment, if yes. And if yes,
read the next paragraph.

The "security question" may be a red herring, since IE6 can be made
perfectly safe and secure on Windows 2000 (or above) by using the same
techniques adopted by Microsoft ("Protected Mode," or, partial-
sandboxing) first seen in IE7 (but, when running on Vista, only). In
fact, IE6 could be more secure than this, even on 2K, since it may be
fully (as opposed to partially) sandboxed on this operating system.
The utility in question (www.sandboxie.com) protects all browsers
running on the entire NT-series from 5.0 on up.

No, I do not work for the company that provides the complete-
sandboxing solution for IE6 and anyone who doubts whether this really
works is welcome to try the utility without charge.

I hope the above will stop people from worrying about IE6's security
then and objecting to Chrome Frame on Win2K pro, for this reason??

On Oct 2, 9:52 am, wolfkoelling <wolf.koell...@slaughterandmay.com>
wrote:

[Alex Russell]

On Fri, Oct 2, 2009 at 3:40 PM, RonCam <perio....@gmail.com> wrote:
>
> Quote from this thread:  "if you know it's gonna be less secure"
> I did a search for the above quote and it pops up without
> attribution.  In that event, may I guess it's a quote from Steve
> Ballmer, upon learning what Google was doing?  If so, enough said for
> this statement's credibility!  :-)  :-)
>
> The question was asked, would corporate users be more or less secure,
> using IE6 with or without Chrome Frame, for HTML rendering with their
> legacy software?

No, they would not. GCF today provides a robust sandbox to help
prevent potential problems in WebKit or Chromium renderer code from
turning into browser exploits. The GCF team is committed to ensuring
that the plugin is secure, and communicating a differential level of
security between versions of the same product is a challenge. That's
how it was phrased before, and that's still the essential question:
what is it worth to our potential users on Win2K to run GCF? If it
made their browser net *less* secure, would that still be acceptable
to them?

It's a hard problem. If you have thoughts about *that particular
tradeoff*, it'd be good to hear.

Regards

[RonCam]

On Oct 3, 1:38 am, Alex Russell <slightly...@google.com> wrote:

> On Fri, Oct 2, 2009 at 3:40 PM, RonCam <perio.made...@gmail.com> wrote:

> > The question was asked, would corporate users be more or less secure,
> > using IE6 with or without Chrome Frame, for HTML rendering with their
> > legacy software?
>

Reply:
> No, they would not.

Please clarify -- I'm sure one of these would apply, but not sure
which. Not the fault of your response, but of the way the original
quotation is worded.

Are you saying:

1) ... would corporate users be more secure ... ? Reply: No, they
would not [be more secure].
or
2) ... would corporate users be less secure ... ? Reply: No, they
would not [be less secure].

Unfortunately, the passage being quoted contains both words,"more" and
"less" and I'm not sure which one your response refers to ... the
correct choice is likely obvious to those "in the know," but less
obvious to others on the forum.

[Alex Russell]

On Sat, Oct 3, 2009 at 6:33 AM, RonCam <perio....@gmail.com> wrote:
>
>
> On Oct 3, 1:38 am, Alex Russell <slightly...@google.com> wrote:
>> On Fri, Oct 2, 2009 at 3:40 PM, RonCam <perio.made...@gmail.com> wrote:
>
>> > The question was asked, would corporate users be more or less secure,
>> > using IE6 with or without Chrome Frame, for HTML rendering with their
>> > legacy software?
>>
> Reply:
>> No, they would not.
>
> Please clarify -- I'm sure one of these would apply, but not sure
> which.  Not the fault of your response, but of the way the original
> quotation is worded.
>
> Are you saying:
>
> 1) ... would corporate users be more secure ... ?  Reply: No, they
> would not [be more secure].
> or
> 2) ... would corporate users be less secure ... ?   Reply: No, they
> would not [be less secure].

I misspoke. My apologies. I meant to say that corporate users on Win2K
running without the sandbox are likely to be *less secure* than they
would be running IE without GCF. The question is "would they be OK
with *reduced* security (even considering that IE 6 is their
baseline)?". I'm guessing that they would *not* be OK with this, but
I'm quite honestly asking.

Regards

[RonCam]

At the top of this post, it's mentioned that the security problem
potentially resulting from attempting to run GCF under Windows 98SE
and ME would be due to the inability of CGF to provide sandboxing in
those environments. However, I see no mention of a similar, specific
reason that it's not now available on Windows 2000 Professional.

May I guess it's for the same reason, that CFC's internal sandboxing
would be unsupported? Or, since this is admittedly a guess, did I
guess wrong?

If your answer is "yes, that's the reason," I will have a follow-up on
your '*less secure*' comment.
Thanks!

On Oct 3, 10:42 pm, Alex Russell <slightly...@google.com> wrote:

[RonCam]

OK, scratch the above question. I couldn't find the answer in this
thread, but found it elsewhere:

"Chrome Frame installs as a Browser Helper Object; a Windows DLL that
extends IE functionality. BHOs are a standard method used to add
toolbars and other plugins so Google is using Microsoft’s own
documented platform. If Microsoft wanted to kill Chrome Frame, it
would be technically difficult to achieve without affecting other
plugins.

BHOs are also exploited by malware and virus developers. Microsoft
fixed this issue in XP SP2 by sandboxing BHO code and introducing the
Add-on Manager which allows users to disable unscrupulous code. Chrome
Frame therefore requires IE6 on XP SP2 as a minimum."

Reference:
http://www.sitepoint.com/blogs/2009/09/26/ie6-upgrades-google-chrome-frame/

Can we agree that this is the entire reason for Alex Russel's <*less
secure*> question? If 'yes' then it is possible to go ahead, based on
the quoted text.

[Tommi]

Howdy,

The OS version requirements come not only from Chrome Frame, but from Chrome itself.  Chrome uses APIs and services to implement some key features like the sandbox, that are either not available on W2K or have limited functionality.

There are some people out there though that have managed to get Chrome running on W2K. Fun as it may be, getting Chrome+W2K to work is a hack at best and it will be less secure (which is what Alex refers to) than when running on a version of the OS that Chrome was written for.  Also, Chrome could simply stop working at some point if it needs to call a function not available on the OS.

As an example Chrome uses a relatively new feature of the heap (well, new in XP) which is enabled via a call to HeapSetInformation.  This function is not available on the latest service pack for W2K (SP4) - but, it is possible to install a patch that makes it work.  That's one missing function down but who knows how many more and how many not-supported-yet-silently-ignored flags more? :)  Bottom line: you might be able to hack it so that Chrome limps along, but you never know when it'll stop working or does something unexpected due to the unsupported OS.  Hence, we cannot recommend it.

Chrome needs XP SP2, and that is the reason Chrome Frame needs XP SP2.

Cheers,

Tommi