MS Browser Prototype Promises Greater Security

Research teams at Microsoft are currently working on a new and improved browser that has the potential to be far more secure than the existing options. In the wake of financial problems, layoffs, and legal nightmares, Gazelle -- Microsoft's new browser-operating system hybrid -- could help the software company recover from its landslide in market shares.

The Gazelle prototype, first unveiled in 2008 under the title "MashupOS" at the Microsoft TechFest Research Fair, incorporates the best of both browser and operating system characteristics in order to provide enhanced security features.

Gazelle's Design

Technical reports from Microsoft indicate that Gazelle will be constructed as a multi-principal operating system, meaning that it will be able to interface with more than one web principal at a time: just like an operating system with multiple programs running. (Source: zdnet.com)

Gazelle is loosely based on Internet Explorer, but with a few modifications. Using about five thousand lines of C code programming language, Gazelle is based upon a "browser kernel" -- a small cluster of code that allows the browser to mimic the functionality of an operating system by basing its performance on "layers" of interaction between components. By developing Gazelle in this way the Microsoft teams hope to eliminate potential threats that could occur via access to the computer's main system. (Source: techworld.com)

Gazelle's Increased Security

Due to the ability to work with multiple principals, Gazelle will be able to separate elements of a web page, a feature that increases security by enabling the browser to process each element on a case-by-case basis.

Gazelle will be able to prevent "race-condition" attacks in which websites try to encourage users to accidentally click on malicious script in the website. Gazelle will prevent this by restricting the ability to click on the page for approximately one second (the length of time necessary for the user to view an overlay screen and verify that they are clicking on an appropriate link). Gazelle will also have unique features for handling plug-ins, which are typically a source of vulnerability.

Microsoft researchers, like many Firefox users, are not content with the current security parameters of Internet Explorer 8. Users may browse sites that have untrustworthy content, and traditional browsers like IE8 are unable to cope with threats posed from iframes, ads, and other unverified materials. (Source: techworld.com)

Since the Gazelle project is still in its infancy, there are a few glitches to work out. Because of the multi-principal architecture, Gazelle is performing highly complex operations which intrinsically slow it down. However, with some adjustments and further development, researchers are confident that it will be as elegant and fast as its namesake. (Source: zdnet.com)