I attended Aaron Boodman’s session on Google Gears, here at Developer Day in London. Boodman is an engineer on the Gears team. He gave us a quick tour of the main features, most of which was already familiar to me, but I picked up a couple of interesting things. He told us that Google hopes Gears will eventually become a standard part of HTML, implemented by every browser. Some parts of Gears just implement things that browsers should do already, such as the ability to upload multiple files in one operation. Boodman would also like to see Gears enabled by default for all sites, rather than being enabled per-site as it is at the moment.

Or is it? What I had not realised is most of the Gears API is already accessible to any site, even if it is not in your “Gears enabled” list. It is only certain features, such as the ability to create a local database, which require specific consent.

That raises the question of security. I asked about risks like sites creating malicious desktop shortcuts disguised as good ones. Boodman says that creating a shortcut always raises a dialog so the user should spot this. What about reputable sites infected with malicious code? Boodman figures that if you are browsing such a site you are in trouble anyway.

Gears is built into Chrome and part of a consistent Google theme: upgrading the browser to make it a better platform for applications.