OperaTor /!\ WARNING /!\

Discussion in 'privacy technology' started by Warlockz, Mar 6, 2009.

Thread Status:
Not open for further replies.
  1. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    I know this is old news to many, but for the people using Operator that do not know this!

    Submitted by Toby on the operator page!

    The current version of OperaTor ships with Opera's “Enable fraud protection” option turned on by default (in Preferences, Advanced, Security.)

    THIS MAKES OPERA DO A PLAIN, UNENCRYPTED DNS REQUEST FOR EVERY WEBSITE YOU VISIT

    It is easily shown using a network analyzer software, such as Wireshark (which is the first thing I did after installing OperaTor.) It's probably been like this for a long time, if not for ever. This single bug renders the whole OperaTor pointless, as Opera BROADCASTS THE SITES YOU VISIT to your ISP, employer, or anybody else in your local network.

    This shows several things:

    1. Never take your online security for granted, double-check everything by yourself; if you can't, because it's not your field of expertise, then:
    2. Avoid using proprietary software like Opera, because you CANNOT know what they do; and
    3. Use only security packages sanctioned by known security experts, such as the pre-configured portable browsers you can download from Tor's homepage. Also,
    4. The developer of OperaTor didn't even think of running a network analyzer, not even once (no offense meant) so there are probably other security shortcomings in this package.

    I advice every OperaTor user to switch to another security software RIGHT NOW and cross their fingers in the hope their past activities were not detected.
    _____________________________________________________

    Please reply to this post with any other known security issues in OperaTor!

    _____________________________________________________
     
Thread Status:
Not open for further replies.