"Fair" Amount of Time?

I feel much better now. I guess that I must be exercising overkill in my own work, because I devote a "Huge" amount of time to designing in security from the bones on out.

No it doesn't explain their marketshare

"But still they'd be adding more ways into a customers computer. And that's why they have none.. Customers that is."

You're quite wrong.

Firefox is my browser of choice (so don't point any of that fanboi rubbish at me) and has support for images, css, javascript, extensions, themes, etc, all of which increase the browser attack surface. They have also most likely increased, not decreased, its market share.

Obviously this is true for all browsers and all software in general. The more functionality, the more opportunity for that functionality to be misused.

bla

Yes, that is why most DoS traffic and Spam, etc. is generated by all SINGLE windows computers.

But...

But... Opera also has the capacity for most of those things too.

The fundamental issue here is that it is actively encouraging people to unharden their systems' firewalls to allow certain in-bound connections.

And believe me, people will get fed up of nagging reminders and just turn off the firewall altogether - have seen this happen more than once.

So while they have a smaller attack surface in theory, they just made it easier to get into the machine as a whole from the outside without having to write an addon, submit it to Mozilla Addons and 'hope' no-one notices.

Grenade... because this is like a bomb about to go off, IMO.

I'm sure...

in the early days, Microsoft didn't consider IIS to be a security risk either...

@Dave Lawless

"Check the source code"

Yeees, because that's prevented Firefox from being absolutely flooded with scores of security holes since day one, some of which affect versions 1, 2 and 3... not.

@John Dee

The difference is that Firefox doesn't open a port and allow random unsolicited incoming connections. If you want to hack me via Firefox, you have to get me to click on a link first.

@AC

"The difference is that Firefox doesn't open a port and allow random unsolicited incoming connections. "

No but there's a bunch of apps that do. I'm sure you would never use a torrent client or the tor network or anything like that.

"If you want to hack me via Firefox, you have to get me to click on a link first."

No I don't.

What people are forgetting.

Opera is the most secure browser on the planet, more secure than Firefox (not hard), more secure than IE (even easier), more secure than Chrome/Webkit/Safari.

I trust Opera to implement Unite in a way that does not compromise their existing unbeaten security track record, history says when Opera does it, they do it right. When Mozilla do it, it ends up a security swiss cheese...

The fact that Unite is off by default is something rather important to understand, and something that seems to be beyond the logic of some Tech writers.

More Deatils Please

What level of sandboxing (if any) does Unite employ? Are all inbound connections read-only, as they should be? Are directory accesses outside the 'shared' folders (including via aliases) blocked? What level does the Unite web server process run at on non-admin accounts?

If they do use a very simple system - and simple is the key here - which implements a highly restricted read-only policy for remote connections, then that alone will mitigate many potential security problems. I would be very surprised if they were providing a full-featured web server inside Opera, since that is not only overkill, but asking for a mountain of trouble as well.