Web Browsing and Browsing Services: What You Should Know
Posted on 21 July 2009, at 1:30 pm, by Christopher Gavula
I ran across an article today extolling the virtues of the new Opera Mobile 9.7 running in “turbo” mode and how it beat (mostly) other mobile browsers on the market. On the surface, this is very impressive and Opera are to be commended, but the article, unfortunately, was misleading. While it mentions that OM 9.7 uses server-side rendering to boost speed, it’s mostly only mentions in passing – with the articles focus remaining on how fast OM 9.7 was. Why is this important? Read on to find out what you should know about server-side rendering…
In traditional web-browsing, you use web browsing software like Internet Explorer, Foxfire, or Safari. This software connects to a web site, downloads a short “program” and follows the instructions in the program to “draw” the web page on your screen. At this time it also downloads any graphics or videos or whatever other content needs to be displayed on that page. This explanation is a little simplistic, but it will do for this particular explanation.
Beginning a few years back, we introduced the concept of server-side rendering. What this means, is that the program that draws the page is actually run on a fast server, rather than on your computer or mobile device. The server, managed by the browsing service provider, does all (or much) of the heavy lifting, then the finished (or partially finished) page is downloaded to your device. Because the heavy work was done by the really fast server, you get a much faster browsing experience. Skyfire, Opera Mini, and the new Opera Mobile 9.7 are examples of browsing services (or partial services). Sounds good, right?
Here’s the problem: The server that is building the web page up for you is not the web site you are contacting, but rather a special server owned by your browser manufacturer or browsing service. They are acting as your proxy, rendering the page for you. This also means that they have access to all your content, passwords, etc. And you agreed to this when you agree to their terms of service. This means, for example, if you hit your bank, they have your accounts and password information on their server as well. Now their terms of service usually say they will respect your privacy, but you have to hope they don’t get hacked, because you are passing ALL your browsing traffic through them.
I don’t mind that there are articles lauding the speed of these types of services, but I think they do people a disservice if they don’t also present them with the fundamental differences in how these services work in comparison to traditional browsers and the additional risks associated with them. Am I overstating the concern? I don’t think so. Look at what happens whenever a single bank loses customers information – now imagine it happens to ALL your accounts at once, because you passed that information through a single service that got hacked. See the potential risk?
Are these services inherently insecure? I don’t know, they don’t share their security models with me, but I do have concerns about having all those eggs in one basket, regardless of the protections they may take. There is no such thing as “unhackable” and traditional browsing isn’t 100% risk free either, but it’s a much smaller, harder to hit target, than using a browsing service, so, for now, I will stick to traditional browsing.
Related posts:
Leave a Reply
You must be logged in to post a comment.
