Chrome makes play for minds and hearts of administrators

Google celebrated the two-year anniversary of its Chrome web browser this month by making some changes to it designed to encourage administrators to cast a more approving eye on the software.

Generally, administrators are a tough lot when it comes to change. Their plates are usually full and it takes a compelling sell to persuade them to desert the status quo. If Microsoft has difficulties weaning many administrators from Internet Explorer 6, with its horrendous security record, to a safer version of the software, how does Google expect to induce administrators to bolt to an entirely new web browser?

One way, it appears, is to give administrators greater control over how Chrome behaves. For example, it allows administrators to cut off a feature that allows the browser to automatically update itself. Automatic updates are convenient for users. They can fix annoying problems that can have dire consequences for a computer’s operation or its data. More important, they can plug security holes in a program.

The problem for administrators, however, is that they can create unforeseen snags on a user’s system or even open up new security holes. If an administrator can evaluate the update before it’s implemented, he or she can prevent those problems from developing. Automatic updates can preempt such an evaluation and spread those potential hassles throughout an organization’s system like a virus. In addition, updates can give hackers an entry point into a network. Once a system’s defense systems are trained to accept automatic updates, they will ignore programs that behave like updates–even if those programs are malware written by hackers. What’s more, crackers can intercept requests for updates–through techniques like DNS hacking–and install older updates that will re-open old software flaws.

To turn off automatic updates for Chrome, Google recommends that the value of the following Windows registry key–HKEY_LOCAL_MACHINESOFTWAREPoliciesGoogleUpdateAutoUpdateCheckPeriodMinutes–be set to  REG_SZ (string) value of “0″.

As part of Chrome’s new administrator-friendly attitude, registry changes need not be made manually but can be made with easy-to-use templates.

If an administrator does choose to turn off automatic updates, Google cautions him or her to keep in mind that such action means his or her organization will not receive the latest security updates for the browser.

Administrators can now also change the policies that Chrome respects. They include:

• Setting the browser’s home page.
• Determining if a new tab is created when the home page button is clicked in the browser.
• Enabling or disabling safe browser mode.
• Determining if error pages will appear in the browser.
• Activating or deactivating Google Suggest, which recommends a completed URL for a partially typed in URL in the browser’s address field.
• Determining if anonymous statistics reporting and crash information should be reported back to Google.
• Enabling or disabling DNS prefetching.
• Enabling or disabling online saving of bookmarks or other profile information through synchronization.
• Determining the manner in which Chrome determines the proxy server in use.
• Specifying the URL of the proxy server in use when a specified proxy configuration has been created manually.
• Specifying the URL of the .pac file to use when the specified proxy configuration is created manually.
• Creating a list of exceptions for when not to use a proxy.
• Overriding a system’s user interface language.
• Creating a list of disabled plug-ins.

As extensive as that policy list is, there are a few omissions that administrators may like to see in the future, according to Lee Mathews, writing for DownloadSquad. “For example, while I can choose to disable certain plug-ins, there’s no switch to disallow extension installs,” he scribbled. “I’d also like to disable Chrome’s autofill feature, but it, too, is missing.”

Getting administrators to embrace Chrome could be a key to the browser’s success and the advancement of Google’s overall goals for the Internet. “Chrome has caught on among early adopters and has tens of millions of users,” opined Stephen Shankland in his DeepTech blog on Cnet. “Getting corporate buy-in could help the browser’s prospects, and with it Google’s ambition to make the Web a more powerful foundation for applications rather than just Web pages to visit.”

“Even with easier compatibility, though, corporate IT personnel are not known for their enthusiasm for embracing new software,” he added. “They’re often naturally conservative, since change can break internal applications, confuse users, and bring other complications. Letting administrators set Chrome behavior will, though, make it more palatable.”