Opera has been defending its Unite product, claiming that far from causing security problems it actually increases the security for users who would otherwise be dependent on the cloud. In an interview reported by NetworkWorld, Opera CEO Jon von Tetzchner claimed that putting servers into every copy of Opera would increase the …
And that explains their marketshare....
Sure the internet as a whole might be better off..
But still they'd be adding more ways into a customers computer. And that's why they have none..
Customers that is.
"Fair" Amount of Time?
I feel much better now. I guess that I must be exercising overkill in my own work, because I devote a "Huge" amount of time to designing in security from the bones on out.
No it doesn't explain their marketshare
"But still they'd be adding more ways into a customers computer. And that's why they have none.. Customers that is."
You're quite wrong.
Obviously this is true for all browsers and all software in general. The more functionality, the more opportunity for that functionality to be misused.
Yes, that is why most DoS traffic and Spam, etc. is generated by all SINGLE windows computers.
But... Opera also has the capacity for most of those things too.
The fundamental issue here is that it is actively encouraging people to unharden their systems' firewalls to allow certain in-bound connections.
And believe me, people will get fed up of nagging reminders and just turn off the firewall altogether - have seen this happen more than once.
So while they have a smaller attack surface in theory, they just made it easier to get into the machine as a whole from the outside without having to write an addon, submit it to Mozilla Addons and 'hope' no-one notices.
Grenade... because this is like a bomb about to go off, IMO.
Instead of one datacentre patching their security hole, we'd just have to wait for every Opera user to do it.
Loads more secure.
in the early days, Microsoft didn't consider IIS to be a security risk either...
Check the source code,
Can't choose an icon on the G1
"But... Opera also has the capacity for most of those things too."
Um ... I know. Most browsers do. I was desperately trying to not talk about Opera so people wouldn't wave the fanboi stick at me.
"The fundamental issue here is that it is actively encouraging people to unharden their systems' firewalls to allow certain in-bound connections."
The real fundamental issue is that most functionality requires unhardening. Plug it in, turn it on, connect to the internet, load OS, open your browser ... it's all unhardening. I'm a command line linux lover. I don't use lynx. I'd rather unharden and see some pictures and shiny things.
Security people need to stop whinging about the great unwashed and their joy for all things social, and get on with engaging their brains a bit more. Personally, as a developer, I enjoy the massive, massive challenge that web app security has become.
"Check the source code"
Yeees, because that's prevented Firefox from being absolutely flooded with scores of security holes since day one, some of which affect versions 1, 2 and 3... not.
The difference is that Firefox doesn't open a port and allow random unsolicited incoming connections. If you want to hack me via Firefox, you have to get me to click on a link first.
"The difference is that Firefox doesn't open a port and allow random unsolicited incoming connections. "
No but there's a bunch of apps that do. I'm sure you would never use a torrent client or the tor network or anything like that.
"If you want to hack me via Firefox, you have to get me to click on a link first."
No I don't.
What people are forgetting.
Opera is the most secure browser on the planet, more secure than Firefox (not hard), more secure than IE (even easier), more secure than Chrome/Webkit/Safari.
I trust Opera to implement Unite in a way that does not compromise their existing unbeaten security track record, history says when Opera does it, they do it right. When Mozilla do it, it ends up a security swiss cheese...
The fact that Unite is off by default is something rather important to understand, and something that seems to be beyond the logic of some Tech writers.
More Deatils Please
What level of sandboxing (if any) does Unite employ? Are all inbound connections read-only, as they should be? Are directory accesses outside the 'shared' folders (including via aliases) blocked? What level does the Unite web server process run at on non-admin accounts?
If they do use a very simple system - and simple is the key here - which implements a highly restricted read-only policy for remote connections, then that alone will mitigate many potential security problems. I would be very surprised if they were providing a full-featured web server inside Opera, since that is not only overkill, but asking for a mountain of trouble as well.
Opera is the most secure browser on the planet?
If this were only true, I would be still using opera.