I've installed the W3C web browser/editor, Amaya, onto my PC. I've only just begun to test it. But with all this talk about Microsoft abandoning its IE browser, it may pay to actively look at alternative browsers. This article at freshmeat.net has a good write-up on lightweight browsers, including Amaya.

I know, I know, it uses the same rendering engine as Safari... but even still, Murphy's Law of Browsers dictates that weird little quirks and idiosyncrasies will somehow find their way in. And in a world where we have to test web pages against Explorer, Firefox, Safari, Opera, Konqueror, old versions of Netscape, various mobile browsers and that web-enabled toaster oven in your client's office kitchen, well... oy.

• Chrome has taken 1-2% share of the global browser market since its launch (NetApp)
• IE has lost 4-5% share so far in 2008 (NetApp)
• Analysts are skeptical of Chrome's adoption by enterprises, given its unproven "beta" status
• IE had 72% share and Firefox had 20% share in August 2008
• Microsoft and Mozilla recently launched browsers (IE 8 & Firefox 3) with similar features as Chrome

Click through to RWW Predictions to login and cast your prediction.

Note: On Monday afternoon the RWW Live crew will be discussing Chrome's impact on the browser market with 2-3 special guests. Be sure to tune in at 3:30 pm PDT Monday.

So what is it that Safari is missing? For one, unlike the other browsers, Safari has no built-in phishing filter which warns web surfers when they visit suspicious web sites.

The other issue is that Safari doesn't support EV (Extended Validation) certificates. This secure web browsing technology turns the address bar green when visiting a legitimate web site.
Currently only IE supports EV certificates, but upcoming versions of Opera and Firefox will be supporting them as well.

"Safari has got nothing in terms of security support, only SSL (Secure Sockets Layer encryption), that's it," Barrett said.

But are these technologies really having an effect? Barrett thinks so. For example, with EV's, he is basing this decision on data compiled on PayPal's web site that show that IE 7 users are more likely to sign on to PayPal. He makes the leap to presume that this is because they are more confident that the site is legit.

But to the contrary, a study (PDF) on the effectiveness of EV shows that EV certificates aren't that useful unless someone is specifically trained to notice the green address bar and what it means.

So, is Barrett being overly cautious? Or is Safari really insecure?

Released under a Creative Commons 3.0 license, the document provides a comprehensive comparison of security features of the commonly used browsers; IE (version 6 and 7), Firefox (version 2 and 3), Safari, Opera, Chrome and the lesser known Android embedded browser.

Browser security has been an ongoing problem over the years and was the first subject discussed during the browser wars panel at the Add-on conference last week. Earlier this year, Robert Hansen and Jeremiah Grossman uncovered an attack known as clickjacking, which gives an attacker the ability to trick a user into clicking where the attacker wants on a site. A good overview can be found on the Computerworld site, which has a clickjacking FAQ:

"In plain English, clickjacking lets hackers and scammers hide malicious stuff under the cover of the content on a legitimate site. You know what happens when a carjacker takes a car? Well, clickjacking is like that, except that the click is the car."

Clickjacking is one of the issues covered in the security handbook which is divided into three sections:

1. Basic concepts behind Web browsers with reviews of core standards and technologies behind current browsers and their security properties
2. Standard browser security features details explicit security mechanisms and restrictions
3. Experimental and legacy security mechanisms discusses security mechanisms that have either fallen into disuse or never caught on, as well as those yet to prove their worth.

The document appears to be an ongoing project; you can find more details here.

Image Credit: Thanks Darwin Bell

Google also found that this independence of processes resulted in less "jank", which is Google's term for unresponsiveness in the browser. Google wanted Chrome to be the "fastest and least janky browser around." 200 miliseconds is their baseline for performance in startup speed, page load time, javascript execution. Responsiveness matters, said Goodger. He said that the user must always be in control of their browsing experience. As a sidenote, Goodger mentioned that the latest version of Internet Explorer 8 also now has the separate processing for different tabs feature.

Goodger talked about the user interface that Chrome has, which he said is a bit different from other browsers. He said they "stripped down the UI" and focused on the mantra "content not chrome", which he acknowledged was ironic given the browser's name. He showed the following video, from Japan, to illustrate this approach:

There are obvious differences in the UI in Chrome, for example the lack of menu buttons. There are also other subtle differences, such as fewer "attention-grabbing" popups. Goodger also noted that Chrome has "fewer options, better defaults". His rule is that "options are never an excuse for bad design".

Goodger talked a little about Chrome's release cycle. Google uses channels to release versions of Chrome: stable, beta and dev (bleeding edge). Google aims to treat Chrome just like any web app, that releases early and often and in an automated method. So users get automated updates to the latest stable version, without having to manually update anything.

Finally Goodger reiterated that Google Chrome is open source, with community discussions happening at dev.chromium.org.

Ray's answer was that Microsoft is creating a platform for developers to build componentized things like widgets and other web services, but he wasn't able to elaborate on IE's future role in this growing ecosystem - because IE's development plans in that respect are still under wraps. He acknowledged that Firefox is becoming an information broker, saying that this is part of a continued trend in browsers where they are becoming more interactive and writeable. He noted that initially browsers were read-only, but browsers nowadays are able to be written to as well. He also discussed the general trend of componentization, which is basically what is happening with widgets and web services. He said that IE4 was a componentized browser, so this has been a trend for a while in browsers.

Just before the lunch, Ray and Scott were on the main stage being interviewed by Michael Arrington. Dan Farber has a great write-up of that discussion, which discusses Web OS and office software amongst other things.

Scott, Ray, Mike; pic by pxn8

So how is Microsoft's Web Strategy panning out?

From Mike's Q&A and my own lunch with Ray and Scott, I have gotten a better sense of Ray Ozzie's style as Chief Software Architect - the role he took over from Bill Gates last June. Ray Ozzie obviously has a superb handle on technology trends and his 'services vision' has become nicely refined over the past year or so. So I'm impressed by that, although I wish he'd told me specific details about IE's future today at lunch ;-)

Also what we're seeing at MIX this year is that the end products are beginning to show evidence of Ozzie's strategic leadership - e.g. we saw today that Silverlight is a comprehensive web development platform covering the browser and desktop. I haven't mentioned Scott Guthrie much in this post (mainly because his job is to talk specifically to developers, in their language, so a lot of what he says goes over my head!). But the demos of Silverlight-produced apps this morning, which Guthrie compered, were impressive and show that the services strategy coming from Ozzie is starting to show through now in Microsoft's products.

There's a lot to wrap my head around at this conference, but I'll be back later with more coverage.

Update: Ryan Stewart was at the lunch too and his write-up is up now.

HTTP Content Negotiation

To do this, Van de Sompel and his colleagues are exploiting a feature in the HTTP content negotiation specs that allows them to add date-and-time negotiation to the standard negotiations that already happen whenever your browser connects to a web server. Instead of just asking for the current page, a Memento-enabled browser can also ask for an older version of that page. Some servers and content management systems already offer this feature and the Memento project has developed a demo that shows how this feature would look. According to Van de Sompel, it only takes four extra lines of codes in Apache to make this work.

While it is relatively easy for browsers to ask for an older version of a web page, content owners would have to store these older versions of their sites on their servers as well. With static sites, this is easy to do, but today's highly dynamic web doesn't make it easy to create an archival version of every page.

You can find more technical information about how the team envisions the future of the Memento project in this paper.

The Wikipedia page for metalink describes it like this:

"Metalink is an open standard/framework for programs that download (download managers, BitTorrent clients, Web browsers, FTP clients, & P2P programs). For increased convenience, it stores the many locations of files (FTP/HTTP/P2P) in a single file (a .metalink) for extra reliability in case one method fails and so chunks/segments of each file can be downloaded from multiple resources at the same time (known as accelerated/multi-threaded/segmented downloading)."

For developers, metalink files are made up of XML and they are extensible. They also work across multiple operating systems. For ordinary users, metalinks apparently make downloads "simpler, faster, and more reliable".

I see metalinks being particularly useful for companies that offer large media downloads (video, music, etc), and want to make it as fast and efficient as possible for their customers to download the files. The TorrentFreak blog explain the benefits well:

"Metalinks have several advantages to individual mirrors. First of all, it speeds up the download process. Secondly, downloads are more reliable since metalinks use several mirrors. An additional advantage for the publisher is that he or she is able to prioritize a source."

As well as support from download managers and P2P programs, metalinks would seem to have a promising future integrated into web browsers. Opera already supports BitTorrent, so metalinks would be the logical next step. Firefox, IE, Flock, Maxthon and the other browsers would likewise do well to utilize metalinks, especially with large media files becoming commonplace on the Web.

Thanks Anthony Bryan from the Metalink org for the heads-up.

powered by ODEO

The interview [20 mins, 9.7MB] kicks off a new series on my ZDNet blog, called Browsers 2.0. In that series I'll be exploring 2006-era browsers and seeing what is available in the browser market - and what's coming soon with the likes of IE7 and Firefox 2.0.

What interests me most about Flock these days is its goal to become one of the big browsers. Geoffrey said they're planning to go-live (out of beta) in October this year and he is confident that Flock can become a big player in what is a very tough market. He said:

"If we continue to respond to what our users are telling us and get out there and partner with the right folks, absolutely we will be [mainstream]. I want us to become increasingly part of the dialog of: what option do I have to participate online."

Also Geoffrey is sometimes reluctant to call Flock a browser, because "it's a passive term". He said "the way our user testing is showing people interacting with Flock, it's anything but passive."

I mentioned that a lot of Web apps these days are becoming cross-platform and cross-device, so does he think the browser will morph into something different - in other words, where is the browser in general headed? Geoffrey replied:

"I view the browser as a vehicle for creating your online identity. So people are increasingly going towards mobile and to some extent the living room. Right now it's certainly not in our short-term plans. But I do see the browser as being the primary interface to your life online."

Check out the whole audio interview, because we delve into some of those broader browser issues a lot more. Geoffrey said that my questions were the best he’s had in any interview about Flock (which is a nice compliment!).

Among the mandatory requirements listed for FF3 are improving the add-on experience, providing "an extensible bookmarks back-end platform", adding more support for web services "to act as content handlers" - all of which show that Firefox wants to be an independent information broker rather than a simple HTML renderer in its next version. Microformats will be a key part of this too - and this is currently listed as a "highly desirable" feature for FF3. Also good to see extensible identity management listed there. All of this encourages best-of-breed apps to flourish, which is an excellent direction for Mozilla to take with Firefox. It probably also plays into Google's hands, as they have a number of best of breed web apps - and are acquiring them at a great rate too (YouTube, JotSpot, Writely, etc).

So if anything, I'd hazard a guess and say that IE8 will head back into ProprietaryLand - leaving Firefox to become more of a vehicle for independent web services, particularly those from Google. While IE7 and Firefox 2 were more alike than different (feature-wise they're practically identical!), with IE8 and FF3 we will likely see the two biggest browsers head off into different directions.

Firefox is safe, standards compliant, extensible...and not made by Microsoft. That's what most people like about it and the number of fans is growing. Can you guess what percentage of ReadWriteWeb visitors came here using Firefox last month?

We know that because 27% of our fabulously sophisticated readers came here using IE last month. That makes it the second most popular browser among our readers after Firefox at 55%. Our readers came in on 188 different browsers in October.

Innovation in browsers is continuing fast and furious. Just today "private browsing" was added to an official Firefox build and that's sure to be appealing to mainstream users and early adopters.

Congratulations are due to the Mozilla team and community. A web filled with Firefox users is a better web for us all.

Here at tech-focused site ReadWriteWeb, the last couple of weeks of Google Analytics data shows that about 7.25% of our readers are visiting using Chrome.

Compare this to the month of August, when our browser stats looked like this:

Clearly Chrome has taken share from both Firefox (3.93%) and IE (4.7%), for our tech-savvy readers. However Safari's share has gone up a little on our site in September. Time will tell whether these trends continue, but for now Chrome is continuing at a solid 7% + for our site. Not bad when you consider that our readers are also statistically more likely than the general population to use Macs - which Chrome isn't available on yet. 18.28% of our August readers were Mac users, with 75.68% Windows.

More importantly, Chrome looks to be close to establishing itself as the 4th most popular browser in the mainstream market - which is bad news for Opera.

According to a report from CNET, Mozilla is considering the possibilities. "I think our community would be interested in doing it, because Android will be appearing on more smartphones with the capabilities to provide a good browsing experience," said Jay Sullivan, Mozilla's vice president of mobile.

The only question now is whether or not Fennec will ever have a shot at becoming a popular mobile browser. Although development is moving along at a reasonable pace, it's certainly had its setbacks along the way...and it's nowhere near a version 1.0 yet. Meanwhile, WebKit is taking the lead when it comes to browsers on many of today's hottest smartphone platforms. The open-source WebKit code currently powers a lot of the newest browsers on the market including the one that ships on Android, iPhone's Safari browser, and the browser on the Palm Pre. Where does that leave Fennec? Apparently, it leaves it competing against Opera, which already has a solid foothold on the other mobile platforms lacking a decent mobile browser - Opera even became the top mobile browser recently.

Hopefully with the new NDK from Google, Fennec will be able to make its way onto at least one of the top smarthphone platforms out there. But we wonder: will anyone care when it arrives?

Neither the current official, non-beta release of Internet Explorer nor the current official non-beta release of Firefox properly renders the Acid2 test. Though some beta testers for Firefox have reported that FF 3 Beta 2 choked on the Acid2, there are other reports that it renders correctly (I haven't switched to Firefox 3 yet for reasons I've already posted here).

For their part, the IE8 team downplayed the significance of their internal build supposedly passing the Acid2 test. Instead, Microsoft General Manager Dean Hachamovitch used it as an opportunity to highlight how far the IE team still has to go to reach their goals. He also seemed to be hinting at the team's intention to reserve the right to pick and choose which standards they mean to follow.

"When we look at the long lists of standards (even from just one standards body, like the W3C), which standards are the most important for us to support? The web has many kinds of standards -- true industry standards, like those from the W3C, de facto standards, unilateral standards, open standards, and more," he wrote. "The key goal (for the Web Standards Project as well as many other groups and individuals) is interoperability. As a developer, I’d prefer to not have to write the same site multiple times for different browsers. Standards are a (critical!) means to this end, and we focus on the standards that will help actual, real-world interoperability the most. As a consumer and a developer, I expect stuff to just work, and I also expect backwards compatibility. ... While supporting the features tested in Acid2 is important for many reasons, it is just one of several milestones for the interoperability, standards compliance, and backwards compatibility that we’re committed to for this release."