Chrome 2.0 Juices Up JavaScript

Google on Thursday revealed Chrome 2.0, a purportedly faster and more feature-filled version of the search giant’s Web browser.

The extra speed comes from an update to its V8 JavaScript engine and from a new version of the open source WebKit rendering engine.

However, Chrome’s speed advantage may soon be overshadowed by rivals. Mozilla, for example, is expected to release a final version of Firefox 3.5.

Also, speeding up JavaScript may lead to security problems.

New Features in Chrome 2.0

Chrome 2.0 is faster than Version 1, released eight months ago, because it runs JavaScript faster, according to Google.

It also incorporates some of the features beta testers requested the most. One is an improved new tab page that lets users remove thumbnails.

Another is a new full-screen mode, and a third feature is form autofill.

However, full-screen mode and form autofill are both features other browsers have had for a while (think deadly rivals Internet Explorer and Firefox).

Why Chrome 2.0 Works Faster

The V8 JavaScript engine is open source technology developed by Google and written in C++. It increases performance by compiling JavaScript to native machine code before execution, instead of to a bytecode or interpretation.

It also employs optimization techniques such as inline caching, which remembers the results of a previous method lookup directly at the call site. A call site of a function is a line in the code that passes arguments to the function and receives return values in exchange.

These optimizations let JavaScript applications run at the speed of a compiled binary.

Will Firefox Pose a Speed Challenge?

Chrome 2.0 may not hold its speed advantage very long, however — Mozilla will issue the release candidate (RC) of Firefox 3.5 in the first week of June, according to Mozilla director Mike Beltzner’s post on the company’s blog. That new version of the browser could be sped up too.

“It’s pretty common competition among the browsers — they always want to be fastest,” Randy Abrams, director of technical education at security software vendor ESET, told TechNewsWorld.

Mozilla did not respond to requests for comment by press time.

Speed Kills?

Supercharging JavaScript may not always result in a faster user experience.

“I’m not sure how big an impact speeding up JavaScript is going to make unless you’re using some huge JavaScript application,” ESET’s Abrams said.

Speeding up JavaScript could also speed up the malware based on the language.

“Malware based on JavaScript will run faster,” Abrams said. “JavaScript is the vector of choice for drive-by attacks.”

In a drive-by attack, a Web page containing malicious code downloads that code onto visitors’ computers without their knowledge or permission ,and without the user having to click on any links.

Malware authors use JavaScript in almost 90 percent of Web pages that contain malicious script, according to Stephan Chenette, manager of security at Web security software vendor Websense.

Hard to Scratch Chrome?

It’s not necessarily open season on users of Google Chrome, since it uses a sandboxing model that makes it difficult to hack, Google spokesperson Eitan Bencuya told TechNewsWorld.

Sandboxing means isolating code so that it cannot interact with the operating system or applications on a user’s computer.

Still, ESET’s Abrams thinks sandboxing is not enough. “Chrome does have some protection other browsers don’t, in that it sandboxes individual tabs,” he said. “That might protect the operating system itself, but it’s not going to do anything to protect you against cross-site scripting or clickjacking.”

Sandboxing offers only limited protection, he warned. “It’s only effective if you go to each different site in a different tab. Otherwise, the old data will be accessible when you use the same tab to click on a new site.”

Google contends Chrome is no less safe than other browsers. “All of the topics you mention are tough issues to fight, and they affect all browsers,” Bencuya said.

1 Comment

  • I feel that Google Chrome is perfect for beginners and users that do not use the internet too often. But for those users who use them for things like gaming, they will pick up Chrome’s faults in a flash and probably not use it again..

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Which cybersecurity hazard do you fear the most as an individual?
Loading ... Loading ...

TechNewsWorld Channels