Application Security
06:02 PM
Connect Directly

Google Docs Preparing For Life As A Platform

Renovated last April, Google Docs appears to be getting fixed up again, this time in preparation for third-party applications.

Google Docs emerged from a major software engineering effort last spring with a rewritten editing engine and support for real-time collaboration, a move in part designed to undermine the then imminent launch of Microsoft Office 2010.

There were plenty of other notable, if less significant, upgrades in 2010 too: mobile editing, OCR support, new drawings and charts editors, generalized file storage, user interface improvements, and support for additional fonts, among others.

Google is presently working on perhaps the most important Docs feature to date: offline support for Google Docs. The company has said that it hopes to deliver this capability during the first quarter of the year.

And it looks like several other new features may surface soon, particularly support for audio playback from Docs, a preview pane to display more information about files stored in the cloud, support for third-party applications, and a revised user-interface.

Alex Chitu, who maintains the Google Operating System blog, spotted references to these presumed new features in the source code of a Docs HTML page. He speculates the new capabilities could make Google Docs better for storing media content.

In recent years, there have been periodic predictions that Google will launch a generic file storage service, dubbed "G-Drive." Last January, Google more or less did so by allowing any kind of file to be stored in Docs. While the file storage capabilities in Docs have been more limited than what's offered by dedicated file storage services like Dropbox, that distinction is likely to fade as Google continues to add more features.

Google also appears to ready to look to third-party developers to provide capabilities that it doesn't have the inclination to implement itself. Docs only allows users to view a subset of the file types that can be stored with the service. Allowing third-party developers to create file viewers and applications for file types that Google doesn't offer, such as online editors for photos or videos, could add significant value to Docs without straining Google's engineering resources or capital.

Google already allows third-party developers to create applications that work with Google Apps, which includes Google Docs, through the Google Apps Marketplace. But the marketplace currently requires an account with Google Apps, Google Apps for Business, or Google Apps for Education. Many consumers who could use Google Apps, which is free, simply use Docs and Gmail as separate services rather than using Google Apps as a suite under their own domain. Extending the Apps Marketplace to the standalone version of Docs is a logical next step to fill in the gaps in Google's cloud offerings, particularly in conjunction with the recent launch of the Chrome Web Store and upcoming launch of Chrome OS.

The music player that's apparently destined for Docs may merely be a way to add audio to presentations. Google recently added a video player to Docs as a way to add video to presentations.

But Google is also said to be working on a cloud-based music service. Such a service would likely be tied to a Google Account and Docs would make a sensible place to store one's music files for streaming to one's Android phone, computer, or Chrome OS netbook.

A Google spokesperson wasn't immediately available for comment. Google typically does not comment on unannounced products.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-02-26
The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connecti...

Published: 2015-02-26
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq54654 and CSCun1...

Published: 2015-02-26
Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770.

Published: 2015-02-26
Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manager (ANM), and Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo99753.

Published: 2015-02-26
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php an...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.