Application Security
1/19/2011
06:02 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Docs Preparing For Life As A Platform

Renovated last April, Google Docs appears to be getting fixed up again, this time in preparation for third-party applications.

Google Docs emerged from a major software engineering effort last spring with a rewritten editing engine and support for real-time collaboration, a move in part designed to undermine the then imminent launch of Microsoft Office 2010.

There were plenty of other notable, if less significant, upgrades in 2010 too: mobile editing, OCR support, new drawings and charts editors, generalized file storage, user interface improvements, and support for additional fonts, among others.

Google is presently working on perhaps the most important Docs feature to date: offline support for Google Docs. The company has said that it hopes to deliver this capability during the first quarter of the year.

And it looks like several other new features may surface soon, particularly support for audio playback from Docs, a preview pane to display more information about files stored in the cloud, support for third-party applications, and a revised user-interface.

Alex Chitu, who maintains the Google Operating System blog, spotted references to these presumed new features in the source code of a Docs HTML page. He speculates the new capabilities could make Google Docs better for storing media content.

In recent years, there have been periodic predictions that Google will launch a generic file storage service, dubbed "G-Drive." Last January, Google more or less did so by allowing any kind of file to be stored in Docs. While the file storage capabilities in Docs have been more limited than what's offered by dedicated file storage services like Dropbox, that distinction is likely to fade as Google continues to add more features.

Google also appears to ready to look to third-party developers to provide capabilities that it doesn't have the inclination to implement itself. Docs only allows users to view a subset of the file types that can be stored with the service. Allowing third-party developers to create file viewers and applications for file types that Google doesn't offer, such as online editors for photos or videos, could add significant value to Docs without straining Google's engineering resources or capital.

Google already allows third-party developers to create applications that work with Google Apps, which includes Google Docs, through the Google Apps Marketplace. But the marketplace currently requires an account with Google Apps, Google Apps for Business, or Google Apps for Education. Many consumers who could use Google Apps, which is free, simply use Docs and Gmail as separate services rather than using Google Apps as a suite under their own domain. Extending the Apps Marketplace to the standalone version of Docs is a logical next step to fill in the gaps in Google's cloud offerings, particularly in conjunction with the recent launch of the Chrome Web Store and upcoming launch of Chrome OS.

The music player that's apparently destined for Docs may merely be a way to add audio to presentations. Google recently added a video player to Docs as a way to add video to presentations.

But Google is also said to be working on a cloud-based music service. Such a service would likely be tied to a Google Account and Docs would make a sensible place to store one's music files for streaming to one's Android phone, computer, or Chrome OS netbook.

A Google spokesperson wasn't immediately available for comment. Google typically does not comment on unannounced products.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0192
Published: 2015-07-02
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

CVE-2015-1914
Published: 2015-07-02
IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.

CVE-2015-1916
Published: 2015-07-02
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.

CVE-2015-3157
Published: 2015-07-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2015-3202
Published: 2015-07-02
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report