Opera web browser security

Discussion in 'other software & services' started by Fox Mulder, Apr 29, 2012.

Thread Status:
Not open for further replies.
  1. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    Good evening WSF, does anyone here know what the security in the Opera web browser was like? I first started out with Chrome, but Google creeps me out when it comes to privacy. I like Firefox quite a bit, but it's a memory hog. I've been playing around with Opera, and I like the interface/speed/memory usage, but I'm not up to date on the security features of the browser. Is it adequate in that regard?

    Thanks!
     
  2. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    What security? You have a user account, that's about it. Chrome has a sandbox, but it has been proven it has been possible to escape the sandbox before on Chrome. You don't run a browser as full root/administrator, and you invite less problems.

    Browsers tend to provide no real security themselves, and these days the more common attacks other than people actually running the malware themselves is using software to be exploited. If you have an old version of java, and are running Opera it's not Opera's fault you're running an old version of java that can be exploited.

    There are sandbox programs like sandboxie, otherwise some people might even use a full blown virtual machine, however no solution is perfect. Most people just run their browser as a user, and hope their software is up to date.

    Firefox works fine, and as long as you're not running an ancient piece of crap it will run fine too. Chrome like to track everything you do, and IE just blows, hell they haven't fixed a first party cookie leak to 3rd party sites for years now.

    Use what you what, everyone has their own opinions, but Opera as a company is nothing more than ***** of a company after they let IE almost take over the web, along with then cry to the eu like ~ Snipped as per TOS ~ with a skinned knee when they still tried to charge for their browser the majority of the web was no longer supporting. It took the rebirth of Mozilla, Phoenix if you will, which later got named Firebird, and finally Firefox after claimed name issues to take back the web for everyone. This allowed Opera to get back more users, and allowed for more browsers such as Chrome to flourish. Opera did nothing, I repeat nothing to help itself survive.
     
    Last edited by a moderator: Apr 29, 2012
  3. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Opera is a good browser, with tons of potential. It's always in development, very innovative when it comes to ideas, very fast browsing, lots of features and customization, but it just does not live up to security (In this moment in time). Opera is actually less secure than all of today's browsers. With all this work done to the browser, I wish they would start implementing more ways to prevent certain attacks from happening. Do a security test at this websitehttp://www.browserscope.org/security/test in Opera, and then do the same test in other browsers, and you'll see that Opera does the worst out of all browsers out there. I love Opera, but this is a part of the reason why I don't use it.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Opera pretty much provides nothing exceptional in terms of security. It's closed source and pretty standard. As I've said before, in terms of security it's Chrome >= IE9 > Firefox > Opera. That's my opinion.

    Browser security has become more than just about the browser itself, it's also about how well the browser secures its plugins. Chrome and IE9 sandbox Flash, Chrome limits IPC to Java, Firefox has a beta Flash sandbox coming, and Opera has nothing.

    If you're looking for security I'd say Chrome/ IE9 are good. Chrome is, in my opinion, better due to a stronger sandbox and limiting IPC to Java, which can prevent some exploits. It also has a much stronger (optional) flash sandbox.

    If you're worried about Chrome privacy issues you can read more here:
    mattcutts.com/blog/google-chrome-communication/

    Basically, any communications to Google are legitimate. Chrome is based on Chromium, which is open source and all parts of Chrome that connect to the internet are open. You can disable every communication to Google.

    If you're still not interested in Chrome you can use IE9, which sandboxes itself in a way that's similar to Chrome. I personally find IE9 really slow. Firefox doesn't sandbox anything but you can use NoScript/ Sandboxie to try to bridge the gap.
     
  5. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Comodo Dragon and Maxthon are also good alternatives to use. Comodo Dragon is based off Chromium, but it "supposedly" takes out all the google privacy issues.
     
    Last edited: Apr 29, 2012
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Good evening, Fox Mulder,

    I've been using Opera since version 2 -- in 1997, if my memory serves me correctly! I've looked at every exploit in the wild that I could find, and none have succeeded.

    Opera lets you White List per site the scripting and plugins, which are the areas most targeted by cybercriminals. Just r-click on the page to bring up the Site Preferences:


    opera_sitePref.jpg

    I've always felt very safe on the web with Opera.


    ----
    rich
     
  7. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,873

    Ditto
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Just like every other browser?
     
  9. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,515
    Location:
    USA - Back in a real State in time for a real Pres
    You can use Chromium. It's the FOSS that Google uses to "make" Chrome.
     
  10. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    I have used Opera since 2006 and I never had security problems with this browser. And a good HIPS is much more useful than anyway browser, real security is with security software, not with browser.
     
  11. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Opera is a very good browser, but 11.62/12.00beta versions are buggy when it comes to the cookies management (not respecting "do not store cookies" per site option and not deleting cookies) so this might pose a problem from a security point of view. I am usually recommending Opera (I use it as the secondary browser right now), but I have to warn people about the problems I found. Unfortunately the bug reports I filed had no response so far, in spite of the fact that Opera support was great till now. :(
     
  12. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    Thank you for all the input. I've decided to install Opera Next and try it out for a while. I was pleased to find that there is a NoScript-style extension available for it (NotScripts) and AdBlock. I've been enjoying it so far, it seems faster and lighter to me than Firefox or Chrome.
     
  13. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    NotScripts hasn't been developed for some time & I would question its efficacy. The adblocker isn't too hot either IMO. Copying & pasting one of Fanboy's ad lists into Opera's adblocking .ini file can work sometimes.
     
  14. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    From my limited experience so far, NotScrips appears to work.
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    NotScripts hadn't been updated in ages in Chrome and was only capable of blocking inline scripts/ was easily bypassed.
     
  16. Either way Opera trumps Firefox, Waterfox and any other Fox derivitive out there. the Opera Mail is first rate and has fast access.
     
  17. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    I can't decide what's worse, building a mail client into your browser, or creating an external one and updating it in higher frequency than your browser (Mozilla). Both boggle my mind.
     

  18. Yeah pick your poison, Lol
     
  19. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    That's true. I recall (perhaps incorrectly) that NotScripts on Chrome floundered because Chrome lacked some functionality that NoScript required to work properly. Do you know if Opera had the same problem? In all the sites I usually frequent, NotScript on Opera has blocked the script, so it appears to work so far.
     
  20. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't think Opera had that problem, but I don't trust NotScripts that much considering that it touted similar function to NoScript when it was nowhere near it.
     
  21. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    Opera would be fine if it worked properly. I'm looking forward to trying out the 64 bit Opera, but I really doubt if it comes close to Waterfox.

    Opera Mail isn't bad at all.
     
  22. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    It did seem to work fairly well when I used it on Opera, although you couldn't really compare it with Mr Maone's NoScript. Unfortunately, it hasn't been updated for over a year AFAIK. Could you imagine using a year old version of NoScript? I'm surprised it's still compatible with the latest release of Opera.
     
  23. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    Yes I agree. Plus it's gone for such a long time without being developed.
     
  24. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    I understand the concern, but the functionality seems to be there. Obviously Firefox is still the browser with the top-notch NoScript protection but I haven't seen any hard evidence that the Opera NotScripts plugin is significantly deficient in any way...
     
  25. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    I was just a bit worried that it wouldn't function well with later versions of Opera. It was quite a good extension if I remember. Opera has some interesting extensions. Some of them even work properly.
     
Loading...
Thread Status:
Not open for further replies.