GFC does not support winows 98 or ME because it lacks many of the
security features that the Chrome sandboxing system uses to keep
content from running amock. It won't be possible to back-port the
sandbox, sadly.
What about Windows 2000? This seems like it would be the most used OS
for this plugin as you can't install IE 7 on it, which is at least
usable compared to IE 6.
On Sep 22, 10:43 pm, Alex Russell <slightly...@google.com> wrote:
> GFC does not support winows 98 or ME because it lacks many of the
> security features that the Chrome sandboxing system uses to keep
> content from running amock. It won't be possible to back-port the
> sandbox, sadly.
> Regards
> On Tuesday, September 22, 2009, rick <rickcraw...@gmail.com> wrote:
> > Does the Google chrome frame plugin support IE6 on Windows 98SE and
> > Windows ME?
> > If it does, why does the Chrome browser not support Windows 98SE and
> > Windows ME because it says that it only supports XP SP2+ and Vista:
Support for Windows 2000 would be a GREAT idea, since its the one that
cant use ie7 and above plus more corporate enviroments its still using
windows 2000 and ie6
On Sep 22, 11:34 pm, Brady <bradyd...@gmail.com> wrote:
> What about Windows 2000? This seems like it would be the most used OS
> for this plugin as you can't install IE 7 on it, which is at least
> usable compared to IE 6.
> On Sep 22, 10:43 pm, Alex Russell <slightly...@google.com> wrote:
> > GFC does not support winows 98 or ME because it lacks many of the
> > security features that the Chrome sandboxing system uses to keep
> > content from running amock. It won't be possible to back-port the
> > sandbox, sadly.
> > Regards
> > On Tuesday, September 22, 2009, rick <rickcraw...@gmail.com> wrote:
> > > Does the Google chrome frame plugin support IE6 on Windows 98SE and
> > > Windows ME?
> > > If it does, why does the Chrome browser not support Windows 98SE and
> > > Windows ME because it says that it only supports XP SP2+ and Vista:
> Support for Windows 2000 would be a GREAT idea, since its the one that
> cant use ie7 and above plus more corporate enviroments its still using
> windows 2000 and ie6
> On Sep 22, 11:34 pm, Brady <bradyd...@gmail.com> wrote:
> > What about Windows 2000? This seems like it would be the most used OS
> > for this plugin as you can't install IE 7 on it, which is at least
> > usable compared to IE 6.
> > On Sep 22, 10:43 pm, Alex Russell <slightly...@google.com> wrote:
> > > GFC does not support winows 98 or ME because it lacks many of the
> > > security features that the Chrome sandboxing system uses to keep
> > > content from running amock. It won't be possible to back-port the
> > > sandbox, sadly.
> > > Regards
> > > On Tuesday, September 22, 2009, rick <rickcraw...@gmail.com> wrote:
> > > > Does the Google chrome frame plugin support IE6 on Windows 98SE and
> > > > Windows ME?
> > > > If it does, why does the Chrome browser not support Windows 98SE and
> > > > Windows ME because it says that it only supports XP SP2+ and Vista:
Indeed. Windows 2000 still has a LOT of users that Chrome is
targeting. If Windows 2000 isn't supported, it would be a great miss
with regard to cross-platform compatibility. What exactly does XP have
that Chrome needs that W2K lacks?
On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
> Indeed. Windows 2000 still has a LOT of users that Chrome is > targeting. If Windows 2000 isn't supported, it would be a great miss > with regard to cross-platform compatibility. What exactly does XP have > that Chrome needs that W2K lacks?
Security features.
So let me put the question I posed another way: if CF supported Win2K, but it was understood that it wasn't nearly as secure as CF on other platforms, would it still be attractive for your organization?
This would definitely be attractive to my company. We have to support
IE as several websites that our users must access only support IE.
Being stuck on Windows 2000 on a good number of our machines, being
able to run Chrome Frame in IE 6 on these machines would allow our
company websites to stop supporting IE6 directly, while preventing us
from having to shell out tens of thousands upgrading to new hardware
and OSs.
On Sep 23, 2:26 pm, Alex Russell <slightly...@google.com> wrote:
> On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
> > Indeed.Windows2000still has a LOT of users that Chrome is
> > targeting. IfWindows2000isn't supported, it would be a great miss
> > with regard to cross-platform compatibility. What exactly does XP have
> > that Chrome needs that W2K lacks?
> Security features.
> So let me put the question I posed another way: if CF supported Win2K,
> but it was understood that it wasn't nearly as secure as CF on other
> platforms, would it still be attractive for your organization?
On Wed, Sep 23, 2009 at 10:29 PM, Brady <bradyd...@gmail.com> wrote:
> This would definitely be attractive to my company. We have to support > IE as several websites that our users must access only support IE. > Being stuck on Windows 2000 on a good number of our machines, being > able to run Chrome Frame in IE 6 on these machines would allow our > company websites to stop supporting IE6 directly, while preventing us > from having to shell out tens of thousands upgrading to new hardware > and OSs.
> So let me put the question I posed another way: if CF supported Win2K,
> but it was understood that it wasn't nearly as secure as CF on other
> platforms, would it still be attractive for your organization?
Yes, because those security features like the sandbox no other browser
supports on those platforms either - therefore on those platforms
chrome-frame would be as secure as IE.
I understand the potential downside is a reputation problem - if there
is a partial exploit which allows code execution within the sandbox,
then on the older platforms it could allow the machine to be
compromised. In this case, big news sites are going to say "Chrome
Frame is full of security holes", putting off potential users, when in
fact for the majority of users on newer browsers there are no holes.
> On Wed, Sep 23, 2009 at 10:29 PM, Brady <bradyd...@gmail.com> wrote:
> > This would definitely be attractive to my company. We have to support
> > IE as several websites that our users must access only support IE.
> > Being stuck on Windows 2000 on a good number of our machines, being
> > able to run Chrome Frame in IE 6 on these machines would allow our
> > company websites to stop supporting IE6 directly, while preventing us
> > from having to shell out tens of thousands upgrading to new hardware
> > and OSs.
On Thu, Sep 24, 2009 at 4:13 PM, Brady <bradyd...@gmail.com> wrote:
> Because we have to support IE, we would prefer not to support two > browsers. This both complicates management and confuses end users.
confusing is to think that Chrome Frame and IE are a single browser ... you want Chrome Frame in IE? You will have to support two browsers then: IE, and Google Chrome.
Absolutely!
Our corporate desktop environment is still based on Win2K and we are
at least a year away from a new Windows 7 / Office 13 desktop, I've
been told (we have 1500 desktops and a whole eco-system of software on
top of the os - you don't change that in a week). The firm is
reluctant to install Firefox (not for technical reasons) but I'm sure
would be quite happy to push out the plugin to all desktops, as it
doesn't change the user experience and wouldn't require training:
users still see their familiar IE6 browser but we in inhouse
development could start delivering innovative browser applications.
Win Win. ChromeFrame would be a god send for us.
Oh, do go on!
Best regards
Wolf
On 23 Sep, 19:26, Alex Russell <slightly...@google.com> wrote:
> On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
> > Indeed. Windows 2000 still has a LOT of users that Chrome is
> > targeting. If Windows 2000 isn't supported, it would be a great miss
> > with regard to cross-platform compatibility. What exactly does XP have
> > that Chrome needs that W2K lacks?
> Security features.
> So let me put the question I posed another way: if CF supported Win2K,
> but it was understood that it wasn't nearly as secure as CF on other
> platforms, would it still be attractive for your organization?
I was so dissapointed knowing that CF doesn't support Windows 2000...
Our company uses ALMOST 100% Windows 2000 OSes, I was so excited when
I heard about this plugin for IE, I wanted to suggest this to our IT
Dept., Because in our business, we always use a web application that
uses a LOT of javascript, IE6 is Slow and always gets a javascript
Error and needed the browser to restart.. the employees productivity
is continually monitored, this browser failures are a big problem.
Those were some of the problems I wish the CF would fix.. or improve
somehow... I hope Google supports Windows 2000 for a lot of Big
Companies still can't let go Windows 2000.
On Sep 24, 2:26 am, Alex Russell <slightly...@google.com> wrote:
> On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
> > Indeed. Windows 2000 still has a LOT of users that Chrome is
> > targeting. If Windows 2000 isn't supported, it would be a great miss
> > with regard to cross-platform compatibility. What exactly does XP have
> > that Chrome needs that W2K lacks?
> Security features.
> So let me put the question I posed another way: if CF supported Win2K,
> but it was understood that it wasn't nearly as secure as CF on other
> platforms, would it still be attractive for your organization?
> I was so dissapointed knowing that CF doesn't support Windows2000...
> Our company uses ALMOST 100% Windows2000OSes, I was so excited when
> I heard about this plugin for IE, I wanted to suggest this to our IT
> Dept., Because in our business, we always use a web application that
> uses a LOT of javascript, IE6 is Slow and always gets a javascript
> Error and needed the browser to restart.. the employees productivity
> is continually monitored, this browser failures are a big problem.
> Those were some of the problems I wish the CF would fix.. or improve
> somehow... I hope Google supports Windows2000for a lot of Big
> Companies still can't let go Windows2000.
> On Sep 24, 2:26 am, Alex Russell <slightly...@google.com> wrote:
> > On Wed, Sep 23, 2009 at 4:09 AM, Erwin <windekin...@gmail.com> wrote:
> > > Indeed. Windows2000still has a LOT of users that Chrome is
> > > targeting. If Windows2000isn't supported, it would be a great miss
> > > with regard to cross-platform compatibility. What exactly does XP have
> > > that Chrome needs that W2K lacks?
> > Security features.
> > So let me put the question I posed another way: if CF supported Win2K,
> > but it was understood that it wasn't nearly as secure as CF on other
> > platforms, would it still be attractive for your organization?
On Thu, Oct 1, 2009 at 11:59 PM, RonCam <perio.made...@gmail.com> wrote:
> Yes, another vote for Windows 2000 Professional support. Is there > that much difference between Windows 5.0 and 5.1?
Except the fact XP and greater is lmost monthly supported while 2000 is basically deprecated and there are several security differences between 5.0 and 5.1? ... I guess no, if it was the same, why they would have excluded 2K from the list?
The question is still this one: if you know it's gonna be less secure, would you like to use it regardless?
Somebody said yes, and this is how much security, legacy, and all things that could make sense fall down when security is the last problem, while missed infrastructure updates for companies that make money via IT is ... to me a non-sense as well, but I am sure there are valid reasons, I just cannot spot them ... it's like being a DJ pretending music labels produce tapes too, not only CD's otherwise I cannot work, makes sense?
Btw, just my silly point of view, nothing to do with Alex and Frame decisions - somehow I even hope they'll make it possible, just to have new stats about IE6 and chromeframe UA penetration.
> On Thu, Oct 1, 2009 at 11:59 PM, RonCam <perio.made...@gmail.com> wrote:
> > Yes, another vote for Windows 2000 Professional support. Is there
> > that much difference between Windows 5.0 and 5.1?
> Except the fact XP and greater is lmost monthly supported while 2000 is
> basically deprecated and there are several security differences between 5.0
> and 5.1? ... I guess no, if it was the same, why they would have excluded 2K
> from the list?
> The question is still this one: if you know it's gonna be less secure, would
> you like to use it regardless?
> Somebody said yes, and this is how much security, legacy, and all things
> that could make sense fall down when security is the last problem, while
> missed infrastructure updates for companies that make money via IT is ... to
> me a non-sense as well, but I am sure there are valid reasons, I just cannot
> spot them ... it's like being a DJ pretending music labels produce tapes
> too, not only CD's otherwise I cannot work, makes sense?
> Btw, just my silly point of view, nothing to do with Alex and Frame
> decisions - somehow I even hope they'll make it possible, just to have new
> stats about IE6 and chromeframe UA penetration.
> > The question is still this one: if you know it's gonna be less secure, > would > > you like to use it regardless?
> But is it less secure than using "pure" IE6 on Win2K? Because that is > the environment a lot of corporate desktops are still based on.
Microsoft has been brave enough to declare that Chrome Frame brings security problems ( mentioning only IE8, of course, Microsoft perfectly knows IE6 is a "web cancer" ... )
So everybody is ready to shot Google if Frame will land into 2K, we'll see ...
On Oct 2, 12:07 am, Andrea Giammarchi <andrea.giammar...@gmail.com>
wrote:
> On Thu, Oct 1, 2009 at 11:59 PM, RonCam <perio.made...@gmail.com> wrote:
> > Yes, another vote for Windows 2000 Professional support. Is there
> > that much difference between Windows 5.0 and 5.1?
> Except the fact XP and greater is lmost monthly supported while 2000 is
> basically deprecated ...
Google has said the reason for "Chrome Frame" was so their developers
can stop "banging their heads against the wall" by trying to get their
new Google Wave to work on Microsoft browsers ... I think they had IE6
particularly in mind. ;-)
I expect this, Google Wave, and therefore Chrome Frame, is targeted to
the largest number of users in the general public, rather than the
corporate hold-outs who are giving fits to web developers, with their
Windows 2000 and IE6's trident engine, locked into legacy business
software?
But -- if Google would now raise its sights from that objective, they
could see that including Windows 2000 support would aid the entire web-
development community by getting the last hold-outs off the IE6
Trident engine. If this could be replaced, the corporate IT
departments could continue to run IE6, run their legacy software and
Intranets, and the web developers' problems disappear!
A comment on the distinction of XP being "monthly supported" and
"2000 ... deprecated" ... I don't think Microsoft uses that
terminology. Actually, they're both "monthly supported" on "patch
Tuesday", if this was the reference.
A look at the Life Support Cycle pages says that Windows 2000 and XP
(both Professional) are in exactly the same category right now,
"Extended Support." XP Pro entered that category on April 14 of this
year. "Supported" has two categories, "Mainstream" or "Extended."
Microsoft uses two terms to describe the status of their products:
they're either "Supported" or "Retired" and neither of the above two
OS's are yet retired. So this should not be the basis of Google's
decision ... I think the benefit to web developers should take
precedence.
You are right, I have been a bit emotional commenting Microsoft, apologizes
for my "not perfect" answer.
The point is that apparently Frame into W2K could cause/have security
problems.
I honestly think that an Intel D945GCLF, as example, VIA or Others are OK as
well, costs about $65, will consume minimum 1/10 of electric watts on daily
basis, and could be shipped with XP Home reusing your keyboards, mouse other
components for a total of $100 (or less) vat included
On monthly energy basis, this will mean less expenses for whatever
house/company, while from production point of view, it will mean more speed,
power, against whatever extra-old machine bought when PCs were sold with W2K
or Windows 98/ME
I cannot truly understand all this fuss over extremely old systems when we
are talking about the fastest sector in the world ... but I understand you,
and moreover it does not matter what I think.
What does matter is if it worth it to spend time to bring Frame in those
"obsolete environments" where it could mean some real security issue, and
"no-profits" time, like IE6 web development, lot of effort, time consuming,
almost "zero pay-back". Can you understand my point?
I leave Chromium guys say a word about this, maybe you convinced them :-)
On Fri, Oct 2, 2009 at 10:17 PM, RonCam <perio.made...@gmail.com> wrote:
> On Oct 2, 12:07 am, Andrea Giammarchi <andrea.giammar...@gmail.com>
> wrote:
> > On Thu, Oct 1, 2009 at 11:59 PM, RonCam <perio.made...@gmail.com> wrote:
> > > Yes, another vote for Windows 2000 Professional support. Is there
> > > that much difference between Windows 5.0 and 5.1?
> > Except the fact XP and greater is lmost monthly supported while 2000 is
> > basically deprecated ...
> Google has said the reason for "Chrome Frame" was so their developers
> can stop "banging their heads against the wall" by trying to get their
> new Google Wave to work on Microsoft browsers ... I think they had IE6
> particularly in mind. ;-)
> I expect this, Google Wave, and therefore Chrome Frame, is targeted to
> the largest number of users in the general public, rather than the
> corporate hold-outs who are giving fits to web developers, with their
> Windows 2000 and IE6's trident engine, locked into legacy business
> software?
> But -- if Google would now raise its sights from that objective, they
> could see that including Windows 2000 support would aid the entire web-
> development community by getting the last hold-outs off the IE6
> Trident engine. If this could be replaced, the corporate IT
> departments could continue to run IE6, run their legacy software and
> Intranets, and the web developers' problems disappear!
> A comment on the distinction of XP being "monthly supported" and
> "2000 ... deprecated" ... I don't think Microsoft uses that
> terminology. Actually, they're both "monthly supported" on "patch
> Tuesday", if this was the reference.
> A look at the Life Support Cycle pages says that Windows 2000 and XP
> (both Professional) are in exactly the same category right now,
> "Extended Support." XP Pro entered that category on April 14 of this
> year. "Supported" has two categories, "Mainstream" or "Extended."
> Microsoft uses two terms to describe the status of their products:
> they're either "Supported" or "Retired" and neither of the above two
> OS's are yet retired. So this should not be the basis of Google's
> decision ... I think the benefit to web developers should take
> precedence.
Quote from this thread: "if you know it's gonna be less secure"
I did a search for the above quote and it pops up without
attribution. In that event, may I guess it's a quote from Steve
Ballmer, upon learning what Google was doing? If so, enough said for
this statement's credibility! :-) :-)
The question was asked, would corporate users be more or less secure,
using IE6 with or without Chrome Frame, for HTML rendering with their
legacy software? Does anyone really know, other than on Steve
Ballmer's word? Does this come from a trustworthy source? Any non-
Microsoft references on this? Please comment, if yes. And if yes,
read the next paragraph.
The "security question" may be a red herring, since IE6 can be made
perfectly safe and secure on Windows 2000 (or above) by using the same
techniques adopted by Microsoft ("Protected Mode," or, partial-
sandboxing) first seen in IE7 (but, when running on Vista, only). In
fact, IE6 could be more secure than this, even on 2K, since it may be
fully (as opposed to partially) sandboxed on this operating system.
The utility in question (www.sandboxie.com) protects all browsers
running on the entire NT-series from 5.0 on up.
No, I do not work for the company that provides the complete-
sandboxing solution for IE6 and anyone who doubts whether this really
works is welcome to try the utility without charge.
I hope the above will stop people from worrying about IE6's security
then and objecting to Chrome Frame on Win2K pro, for this reason??
On Oct 2, 9:52 am, wolfkoelling <wolf.koell...@slaughterandmay.com>
wrote:
On Fri, Oct 2, 2009 at 3:40 PM, RonCam <perio.made...@gmail.com> wrote:
> Quote from this thread: "if you know it's gonna be less secure"
> I did a search for the above quote and it pops up without
> attribution. In that event, may I guess it's a quote from Steve
> Ballmer, upon learning what Google was doing? If so, enough said for
> this statement's credibility! :-) :-)
> The question was asked, would corporate users be more or less secure,
> using IE6 with or without Chrome Frame, for HTML rendering with their
> legacy software?
No, they would not. GCF today provides a robust sandbox to help
prevent potential problems in WebKit or Chromium renderer code from
turning into browser exploits. The GCF team is committed to ensuring
that the plugin is secure, and communicating a differential level of
security between versions of the same product is a challenge. That's
how it was phrased before, and that's still the essential question:
what is it worth to our potential users on Win2K to run GCF? If it
made their browser net *less* secure, would that still be acceptable
to them?
It's a hard problem. If you have thoughts about *that particular
tradeoff*, it'd be good to hear.
> Does anyone really know, other than on Steve
> Ballmer's word? Does this come from a trustworthy source? Any non-
> Microsoft references on this? Please comment, if yes. And if yes,
> read the next paragraph.
> The "security question" may be a red herring, since IE6 can be made
> perfectly safe and secure on Windows 2000 (or above) by using the same
> techniques adopted by Microsoft ("Protected Mode," or, partial-
> sandboxing) first seen in IE7 (but, when running on Vista, only). In
> fact, IE6 could be more secure than this, even on 2K, since it may be
> fully (as opposed to partially) sandboxed on this operating system.
> The utility in question (www.sandboxie.com) protects all browsers
> running on the entire NT-series from 5.0 on up.
> No, I do not work for the company that provides the complete-
> sandboxing solution for IE6 and anyone who doubts whether this really
> works is welcome to try the utility without charge.
> I hope the above will stop people from worrying about IE6's security
> then and objecting to Chrome Frame on Win2K pro, for this reason??
> On Oct 2, 9:52 am, wolfkoelling <wolf.koell...@slaughterandmay.com>
> wrote:
>> > The question is still this one: if you know it's gonna be less secure, would
>> > you like to use it regardless?
>> But is it less secure than using "pure" IE6 on Win2K? Because that is
>> the environment a lot of corporate desktops are still based on.
On Oct 3, 1:38 am, Alex Russell <slightly...@google.com> wrote:
> On Fri, Oct 2, 2009 at 3:40 PM, RonCam <perio.made...@gmail.com> wrote:
> > The question was asked, would corporate users be more or less secure,
> > using IE6 with or without Chrome Frame, for HTML rendering with their
> > legacy software?
Reply:
> No, they would not.
Please clarify -- I'm sure one of these would apply, but not sure
which. Not the fault of your response, but of the way the original
quotation is worded.
Are you saying:
1) ... would corporate users be more secure ... ? Reply: No, they
would not [be more secure].
or
2) ... would corporate users be less secure ... ? Reply: No, they
would not [be less secure].
Unfortunately, the passage being quoted contains both words,"more" and
"less" and I'm not sure which one your response refers to ... the
correct choice is likely obvious to those "in the know," but less
obvious to others on the forum.
On Sat, Oct 3, 2009 at 6:33 AM, RonCam <perio.made...@gmail.com> wrote:
> On Oct 3, 1:38 am, Alex Russell <slightly...@google.com> wrote:
>> On Fri, Oct 2, 2009 at 3:40 PM, RonCam <perio.made...@gmail.com> wrote:
>> > The question was asked, would corporate users be more or less secure,
>> > using IE6 with or without Chrome Frame, for HTML rendering with their
>> > legacy software?
> Reply:
>> No, they would not.
> Please clarify -- I'm sure one of these would apply, but not sure
> which. Not the fault of your response, but of the way the original
> quotation is worded.
> Are you saying:
> 1) ... would corporate users be more secure ... ? Reply: No, they
> would not [be more secure].
> or
> 2) ... would corporate users be less secure ... ? Reply: No, they
> would not [be less secure].
I misspoke. My apologies. I meant to say that corporate users on Win2K
running without the sandbox are likely to be *less secure* than they
would be running IE without GCF. The question is "would they be OK
with *reduced* security (even considering that IE 6 is their
baseline)?". I'm guessing that they would *not* be OK with this, but
I'm quite honestly asking.
> Unfortunately, the passage being quoted contains both words,"more" and
> "less" and I'm not sure which one your response refers to ... the
> correct choice is likely obvious to those "in the know," but less
> obvious to others on the forum.
At the top of this post, it's mentioned that the security problem
potentially resulting from attempting to run GCF under Windows 98SE
and ME would be due to the inability of CGF to provide sandboxing in
those environments. However, I see no mention of a similar, specific
reason that it's not now available on Windows 2000 Professional.
May I guess it's for the same reason, that CFC's internal sandboxing
would be unsupported? Or, since this is admittedly a guess, did I
guess wrong?
If your answer is "yes, that's the reason," I will have a follow-up on
your '*less secure*' comment.
Thanks!
On Oct 3, 10:42 pm, Alex Russell <slightly...@google.com> wrote:
> On Sat, Oct 3, 2009 at 6:33 AM, RonCam <perio.made...@gmail.com> wrote:
> > > Are you saying:
> > 1) ... would corporate users be more secure ... ? Reply: No, they
> > would not [be more secure].
> > or
> > 2) ... would corporate users be less secure ... ? Reply: No, they
> > would not [be less secure].
> I misspoke. My apologies. I meant to say that corporate users on Win2K
> running without the sandbox are likely to be *less secure* than they
> would be running IE without GCF. The question is "would they be OK
> with *reduced* security (even considering that IE 6 is their
> baseline)?". I'm guessing that they would *not* be OK with this, but
> I'm quite honestly asking.
