Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Opera to Start Phoning Home?

Zonk posted more than 6 years ago | from the they-know-what's-good-for-you dept.

197

An anonymous reader writes "Near the end of a story about Opera's determination to stay in the game: 'Earlier this week, Opera announced an addition that will keep it in step with its rivals. Johan Borg, a developer working on the browser, said Tuesday in a blog that the next edition, Opera 9.1, will include beefed up anti-phishing and anti-fraud features. Rather than simply indicate that a site is secure with a notation in the address bar, Opera 9.1 will also query Opera-owned servers for information on any site visited. Those that Opera has identifies as fraudulent will be automatically blocked by the browser.'"

cancel ×

197 comments

Sorry! There are no comments related to the filter you selected.

Hmm Suits in the waiting? (5, Insightful)

ackthpt (218170) | more than 6 years ago | (#16518663)

Those that Opera has identifies as fraudulent will be automatically blocked by the browser.'"

Seems to recall this can lead Opera to trouble, like what happened with Spamhaus.

Re:Hmm Suits in the waiting? (3, Funny)

Raumkraut (518382) | more than 6 years ago | (#16518799)

From the artcle:
Our servers get the trust information from a database supplied by GeoTrust

  HTTP/1.1 303 See Other

Re:Hmm Suits in the waiting? (3, Funny)

ackthpt (218170) | more than 6 years ago | (#16518907)

From the artcle: Our servers get the trust information from a database supplied by GeoTrust

However, to get at GeoTrust, a party would likely have to sue Opera. IANAL, but Opera would, likely be viewed as complicit.

Can you see the up-coming /. headline?

c4n4d14n ph4m4c13 Files Defamation Claim Against Opera and GeoTrust

Great feature realy. (5, Insightful)

Kenja (541830) | more than 6 years ago | (#16518697)

I relay like this idea, so long as it can be turned off. Based on my experiance with Opera so far I'd say that not only will it be able to be turned off, but that you can disable it on a server by server baises.

There's a reason I was willing to pay for Opera when it was still a commercial product. Now if only they would make a Symbian native version, the Java version has a hard time in landscape mode on my Nokia N93.

Re:Great feature realy. (1)

mallardtheduck (760315) | more than 6 years ago | (#16518775)

Im pretty sure the version on my N70 is native, could be wrong though...
Version 8.60
Build: 1657
Platform Symbian/S60

Re:Great feature realy. (1)

Kenja (541830) | more than 6 years ago | (#16518923)

The dont have a native version yet for Sumbian series 60 v3 yet, just s60 v2. There's some major changes in that minor revision number.

Re:Great feature realy. (0)

Anonymous Coward | more than 6 years ago | (#16520099)

According to Opera's mobile product page [opera.com] there is a 30-day trial version available for download.

I'd like it better.... (1, Insightful)

krell (896769) | more than 6 years ago | (#16518781)

I'd like it even better if they shipped with it turned off, and you could turn it on if you wanted it.

Re:I'd like it better.... (5, Insightful)

Shemmie (909181) | more than 6 years ago | (#16519547)

Isn't this against everything we say when it comes to Microsoft? We're meant to be protecting Joe Six-Pack. Various features should ship with the default to 'on', so that those in the know are free to turn it off, but it still protects those who it would most likely benefit?

Re:I'd like it better.... (5, Insightful)

foamrotreturns (977576) | more than 6 years ago | (#16519933)

One problem with your argument:
Joe Sixpack will not use Opera; he'll use IE. That's why we harp on MS for being so lax in security. They're targeting the lowest common denominator.

Re:I'd like it better.... (1)

krell (896769) | more than 6 years ago | (#16519985)

"Isn't this against everything we say when it comes to Microsoft?"

I recall "us" bashing Microsoft for having spyware enabled. This "phoning home" is a form of spyware.

Re:Great feature realy. (5, Interesting)

Ksevio (865461) | more than 6 years ago | (#16519229)

Another thing mentioned in the blog posting is this: --- The requests go over HTTP, but the replies will be signed by the server to make sure they are genuine. We prefer to send information between the browser and ourselves in plain text, so our users can inspect the data we send "home". --- So it's not like they're sending everything back to opera without telling you what it is.

Big brother much? (0)

Anonymous Coward | more than 6 years ago | (#16518711)

Doesn't this mean that Opera.com will have a log of everywebsite visited by every Opera browser?

Presumably, one subpeonable, or whatever that word is.

Re:Big brother much? (1)

Zunni (565203) | more than 6 years ago | (#16519177)

Uhhh.. no, it would check where you are clicking against a known list of bad sites. It doesn't state or imply that Opera would record anything in logging. It's a simple real-time check...

Re:Big brother much? (0)

Anonymous Coward | more than 6 years ago | (#16520157)

Disclaimer: I hold no party affiliation. I do not desire one party over another. I am an admirer only of the ideals this country was founded on. Many people ..close to me ...as well as in my family have served and/or are currently serving this country.

Everything you do on the web is already monitored and recorded by your ISP. The calls you make and browsing you do via mobile phone, tracked. The GPS system in your car, the ATM, E-ZPass, credit card purchases, financial transactions, TiVO, grocery store discount cards, metro-cards, etc..

You are being tracked. The things you do are monitored. Your relationships explored. There is a behavioral and psychological profile of you, who you know, the connections between you and others.

The data that private companies and the government has collected about you will not be made available to you upon request for your review and/or correction.

"Big Brother" is not some far-off possibility. It is HERE NOW.

This is not just me wearing my "tin-foil hat", it is simply the truth. I suggest you read the book "No Place to Hide" by Robert O'Harrow.

To those who say "You have nothing to worry about if you have nothing to hide", I say this: I have nothing to worry about, as long as the entities with that data don't make a mistake. And we all know that the government makes mistakes early and often, as do private companies (especially when it is only financial return is the goal).

These are scary times. With all of the data about individuals available through both public and private entities, with the legislation that has run its way through Congress "post 9/11", with torture legislation, military tribunals, suspension of Habeas Corpus (the wellspring from which all other rights arise) and a President who can declare anyone he wants to (citizen or non-citizen) an "unlawful enemy combatant", have them confined without charges, "tried" by a tribunal he sets up, which may or may not allow the defendant to view evidence against them; the ideals, the very foundation of this country - have been erased.

WAKE UP AMERICA! WAKE UP!

secure...says opera? (5, Insightful)

otacon (445694) | more than 6 years ago | (#16518715)

Well the fact that opera will check EVERY site someone goes to against their own server might work in theory...but does anyone really want all their web use data to be tracked by a server?

Re:secure...says opera? (0)

Anonymous Coward | more than 6 years ago | (#16518903)

So it couldn't be a local definitions list? Oh, ok.

Re:secure...says opera? (1)

nine-times (778537) | more than 6 years ago | (#16518951)

I guess it makes some difference whether they are, in fact, tracking web-use data. If Opera chooses, they could respond to requests without logging user information or IP addresses.

Re:secure...says opera? (3, Interesting)

otacon (445694) | more than 6 years ago | (#16519005)

Well, anyone could easily say the traffic isn't being logged and the server is just processing requests, which could easily be true. But how easy would it be to log that data and no one be the wiser?

Re:secure...says opera? (2, Informative)

Anonymous Coward | more than 6 years ago | (#16519139)

As easy as Opera operating from Norway, which is a country with extremely strict privacy laws? Also, as easy as Opera not being known to abuse user data in the first place, and already having Opera Mini, which means that ALL sites you visit have to go through Opera's servers, and Opera Mini probably has more users than the PC browser anyway?

Re:secure...says opera? (1)

otacon (445694) | more than 6 years ago | (#16519217)

I'm not claiming that Opera would abuse user data, I'm only stating that it shouldn't be for them to decide, it should be left up to the user, not the company. the user shoudln't have wonder if some company is logging or selling their traffic stats.

Re:secure...says opera? (3, Insightful)

bubkus_jones (561139) | more than 6 years ago | (#16519383)

Even if Opera was automatically logging every site you go to, you still have a say in the matter. You can either choose to use Opera, and put up with their possibly knowing every website you visit, and potentially locking you out of a site that someone may find questionable, OR you can choose not to use Opera, and use something that respects your privacy.

Re:secure...says opera? (3, Insightful)

hkmwbz (531650) | more than 6 years ago | (#16519577)

Or you can disable the feature. Or you can choose to not trust anyone, and simply disconnect your PC completely because you can't trust anyone (which includes your ISP).

Re:secure...says opera? (0)

Anonymous Coward | more than 6 years ago | (#16519527)

Which is why you can either choose to trust Opera and Norway's strict privacy laws, or you can easily disable the feature. Opera has Opera Mini anyway, which actually DOES get every single URL reported, since it has to go through their servers to do anything in the first place, so it's not like Opera doesn't have enough stuff to abuse already, if they were so inclined.

Re:secure...says opera? (2, Interesting)

CastrTroy (595695) | more than 6 years ago | (#16519243)

Also, unless the requests are sent encrypted I imagine that somebody sitting outside opera's server, could intercept the requests and use them for whatever they wanted.

Re:secure...says opera? (2, Interesting)

nine-times (778537) | more than 6 years ago | (#16519801)

That's why I think it should be optional as well.

Re:secure...says opera? (2, Interesting)

techno-vampire (666512) | more than 6 years ago | (#16519173)

It shouldn't be hard to find out the server's IP address and the format of the request. Once you have that, DDOS and every single person using Opera is hosed. Not exactly a smooth move, Mr. Exlax!

Re:secure...says opera? (5, Informative)

sammydee (930754) | more than 6 years ago | (#16519423)

RTFA:

"When you browse to a site you have not visited before, the browser sends a request for site information to our server. The requests contains the domain name of the site and a hash value of the URL. We don't send the full URL, but we need a fingerprint of the full URL in case you visit a dangerous page on a site that is otherwise harmless."

It only sends a hash of the web address. It would be difficult to extrapolate the whole address from a hash.

Re:secure...says opera? (0, Redundant)

Espinas217 (677297) | more than 6 years ago | (#16519539)

From the blog
When you browse to a site you have not visited before, the browser sends a request for site information to our server. The requests contains the domain name of the site and a hash value of the URL. We don't send the full URL, but we need a fingerprint of the full URL in case you visit a dangerous page on a site that is otherwise harmless.
See, their not tracking every page, just a domain and a hash. Besides you can turn it off whenever you want.

Re:secure...says opera? (4, Interesting)

timeOday (582209) | more than 6 years ago | (#16519623)

It might be better if Opera simply maintained an client-side blacklist of fradulent sites/domains, which was updated in the background while the browser is running. That way they wouldn't have to track your browsing at all. If these fraudlent sites are verified by hand by people at Opera, there could only number in the tens of thousands.

Re:secure...says opera? (2, Interesting)

elcid73 (599126) | more than 6 years ago | (#16519719)

They are verified by GeoTrust.

I agree with your statement though. It would be nice to just update the list concurrently on the client.

Re:secure...says opera? (1)

perler (80090) | more than 6 years ago | (#16519943)

problem is, that this would be the first file a spyware would alter/delete. see %sysvol%\%system32%\drivers\etc\hosts PAT

Re:secure...says opera? (1, Funny)

Anonymous Coward | more than 6 years ago | (#16519869)

> Well the fact that opera will check EVERY site someone goes to against their own server might work in theory...but does anyone really want all their web use data to be tracked by a server?

When I go to DogOnMidgetAction.com or PapaSmurfSnuff.com, I want to be sure I'm getting the real site and not some phish.

Someone please cry foul (-1, Redundant)

dontbflat (994444) | more than 6 years ago | (#16518739)

Correct me if I'm wrong but doesnt this go against most privacy concerns. I mean opera will phone home every time you go to a website to make sure that the address in the bar is the same as the IP that you were directed to. Couldnt this then mean that they would be logging this in a database somewhere. This would then give them the ability to know where every opera user is at any given time. Then if the DOJ wanted to they could suppenna Opera's database and track every website you went to. This seems like foul play here, or am I too parinoid?

Re:Someone please cry foul (5, Insightful)

hkmwbz (531650) | more than 6 years ago | (#16519303)

Your ISP can track everything you do. That must mean that they are abusing their position. Why get Opera to track your surfing when your ISP could do so much more efficiently?

Re:Someone please cry foul (5, Insightful)

bestinshow (985111) | more than 6 years ago | (#16519305)

That's if they log the requests - given that they're a Norwegian company, they have some pretty tough privacy laws to content with.

I expect that it will depend on the terms and conditions in the end, and that they will say 'we will not log or use your data in a user-specific manner (not even AOL style 'user == number' obfuscation, hehe), however we may use it to compile statistics on accesses to phishing sites', which could prove quite useful in anti-phisher court trials.

It's no different to IE7 or the next version of Safari. The best way to check a website is authentic is to check the URL against a blacklist and then tell the user in big red text in a way they'd be retarded to ignore about the threat. I do think it would be better to download the blacklist to the client and resync it often however.

How do the Firefox add-ins, IE7 and Safari 3 handle anti-phishing?

Re:Someone please cry foul (2, Insightful)

The Masked Marauder (1016143) | more than 6 years ago | (#16519683)

Why the hell would a Norwegian company hand anything over to the US DOJ? America can't really tell the rest of the world what to do you know, Bush just wants you to think that!

I'm sure that... (5, Funny)

justinbach (1002761) | more than 6 years ago | (#16518753)

the Opera users among us will have some interesting things to say about this. Both of them!

Re:I'm sure that... (0)

Anonymous Coward | more than 6 years ago | (#16518891)

Kenja likes it. So do I. Guess it's a good thing then.

Re:I'm sure that... (1, Interesting)

elcid73 (599126) | more than 6 years ago | (#16518997)

I've found that since Opera went free, and people keep talking about this "Firefox memory leak" thing, the voices in support of Opera on Slashdot have grown considerably.

Re:I'm sure that... (3, Insightful)

VGPowerlord (621254) | more than 6 years ago | (#16519863)

I've found that since Opera went free, and people keep talking about this "Firefox memory leak" thing, the voices in support of Opera on Slashdot have grown considerably.

Yeah. I didn't start using it until:
1. It was free.
2. Firefox's developers pissed me off. This wasn't related to the memory leak bug, but that definitely contributed to me switching instead of just grinning and bearing it.

I blame #1 for me not discovering the greatness of Opera earlier.

Re:I'm sure that... (2, Funny)

justinbach (1002761) | more than 6 years ago | (#16519049)

Yeah, I know. I actually use Opera too, and I didn't mean any harm by...wait a minute. I DON'T use Opera. I've had it installed for quite a while, but I'd only use it if Safari, Firefox, and Camino all bit the bullet.
I'd definitely hit it up before IE, though!

Re:I'm sure that... (4, Insightful)

elcid73 (599126) | more than 6 years ago | (#16519219)

It's the native mouse gestures,MDI tabs (I can tile them with a mouse gesture!) and excellent caching of history (I'll tell you when to reload the page dammit.. I *want* the old data) that got me.

If I used a Mac, the speed of Safari is not something I would overlook though. I would find one of those mousegesture additions (cocoa gestures or some such?) though.

eh, to each his own.

Indeed I do. (3, Informative)

Poromenos1 (830658) | more than 6 years ago | (#16519975)

The request Opera sends is a hash of the URL instead of the URL itself.

Would the second Opera user like to comment?

That's fine if it's configurable and secure? (3, Interesting)

djh101010 (656795) | more than 6 years ago | (#16518757)

As long as I can turn it off, or turn it off for certain types of sites, that's fine. I'm not sure what this does for me that, say, Netcraft Toolbar doesn't. Is the data stream encrypted back to Opera? Can others intercept that and use it as a spam-target tool somehow? All questions I'd want answered before I'd use it.

Re:That's fine if it's configurable and secure? (4, Funny)

TheoMurpse (729043) | more than 6 years ago | (#16519853)

I'm not sure what this does for me that, say, Netcraft Toolbar doesn't.
Opera confirms: Netcraft is dead.

It's not encrypted. (1)

Poromenos1 (830658) | more than 6 years ago | (#16520013)

The data is not encrypted. They wanted you to be able to see what your PC is sending. Plus I doubt they'll be useful to anyone else.

Unnecessary Spin (0, Troll)

Anonymous Coward | more than 6 years ago | (#16518759)

Wow, talk about a difference in spin between the headline and the description.

Optional, please? (1)

sumday (888112) | more than 6 years ago | (#16518795)

As a devout Opera user, I'm fine with this as long as it's possible to turn the feature off.

Re:Optional, please? (1)

CastrTroy (595695) | more than 6 years ago | (#16519393)

Would you be fine with it if MS had the same feature in IE, had it enabled by default, but allowed it to be turned off? Never mind most users wouldn't know about it, but they could turn it off. It's not like MS would ever use this kind of data for Evil purposes, or surrender the data to the DOJ on request. Shouldn't something like this only be explicitly opt-in, and only if the user goes searching for it? I wouldn't even bother building a system like this. Too many problems that can happen with it. Why not have users download a list every so often? They wouldn't have to send out every request to some third party, and they could still ensure that they are being safe. Would be a lot easier on the server too if every url visited from every user didn't have to get checked.

Re:Optional, please? (2, Informative)

elcid73 (599126) | more than 6 years ago | (#16519635)

"Why not have users download a list every so often?" ...because "every so often" is "not often enough" when it comes to phishing.

(according to Opera)

Re:Optional, please? (1)

CastrTroy (595695) | more than 6 years ago | (#16520139)

How often does opera update it's servers? Is it often enough? Is it immediately after the site is put up, even before anybody knows about it? How about every time you want to visit a URL, it gets a list of everything that's been added since you last clicked, probably a short or empty list most times, and uses that. That way, you don't have to update every so often, because it updates before you go to any site, and you don't have to worry about them finding out which sites your visiting.

Re:Optional, please? (1)

sumday (888112) | more than 6 years ago | (#16519843)

For starters, yes, i would be fine with it if MS had the same feature enabled by default in IE. But it all depends on how the data is handled. I think you're assuming all the data will be logged somewhere. The URL, IP addess, time stamp etc would surely prove to be useful information for someone like the DOJ, but it wouldn't exactly be useful for preventing users from visiting black-listed sites. Having the user download their own list every so often would be fine with me too. But there's already software that can do this, such as Privoxy [privoxy.org] . At the end of the day, I think it's a bit of a pointless endavour and i'd prefer if Opera didn't have it. But i'm not going to complain if i can turn it off.

why wouldn't i trust him (5, Funny)

Anonymous Coward | more than 6 years ago | (#16518815)

Well, with a name like Borg, I can't think of a reason why I wouldn't trust what he has to say...

Re:why wouldn't i trust him (2, Funny)

Anonymous Coward | more than 6 years ago | (#16519291)

Good job #1845829 - you shouldn't be thinking for yourself anyway. Now get your ass back on this goddamned flying box so we can assimilate our next target.

Re:why wouldn't i trust him (1)

gt_mattex (1016103) | more than 6 years ago | (#16519359)

You mean what it has to say.

Privacy concern (1)

Arthur B. (806360) | more than 6 years ago | (#16518823)

Tell me what they send to their server is actually a hash of the URL with a huge salt.

Re:Privacy concern (2, Insightful)

Ironsides (739422) | more than 6 years ago | (#16518945)

Tell me what they send to their server is actually a hash of the URL with a huge salt.

If they did this then one of two things would happen.
1) Collisions where non-Phishing sites would be blocked as Phishing sites.
2) They would be able to figure out what the original site was anyway as they are the ones who created the hashes. Otherwise, they wouldn't be able to look for duplicate entries or not and the hashes wouldn't mean jack.

Everythings going to be in the clear. The only thing is to make sure that the feature is optional.

Re:Privacy concern (2, Insightful)

Arthur B. (806360) | more than 6 years ago | (#16519323)

1) very unlikely with a good hash or combined hashes 2) no they wouldn't, they'd try to hash every phishing site with every salt to see if it matches your hash... sure they could see if you watch specific sites, but it certainly mitigates the amount of information they can get about you, they can't know exactly all the sites you look at. If their entry are user submitted, the user submission can be done in clear text, no problem.

Okay... (1)

Poromenos1 (830658) | more than 6 years ago | (#16520045)

From Opera's RSS feed:

When you browse to a site you have not visited before, the browser sends a request for site information to our server. The requests contains the domain name of the site and a hash value of the URL. We don't send the full URL, but we need a fingerprint of the full URL in case you visit a dangerous page on a site that is otherwise harmless.

So yeah.

Re:Privacy concern (4, Informative)

Anonymous Coward | more than 6 years ago | (#16518991)

Tell me what they send to their server is actually a hash of the URL with a huge salt.
From the linked blog [opera.com] :

When you browse to a site you have not visited before, the browser sends a request for site information to our server. The requests contains the domain name of the site and a hash value of the URL. We don't send the full URL, but we need a fingerprint of the full URL in case you visit a dangerous page on a site that is otherwise harmless.

Presumably, it's because of the following:

The requests go over HTTP, but the replies will be signed by the server to make sure they are genuine. We prefer to send information between the browser and ourselves in plain text, so our users can inspect the data we send "home".

Re:Privacy concern (0)

Anonymous Coward | more than 6 years ago | (#16519703)

it's not. they add a dash of pepper as well.

User Reviews (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#16518841)

A poll on Opera's forum shows that 50% of users like the new feature. The other user plans to disable it due to privacy concerns.

Re:User Reviews (0)

Anonymous Coward | more than 6 years ago | (#16519033)

Heh. Not bad.

Mmnn features (1)

Trashhalo (985371) | more than 6 years ago | (#16518895)

This seems like one of those features that looked great on paper but will result in lots of bitching and moaning. I use opera but seriously if every site I visit starts getting sent to them I will have to switch back to firefox.

Re:Mmnn features (1)

hkmwbz (531650) | more than 6 years ago | (#16519341)

Or simply disable the feature. But you may want to get off the internet completely, seeing as your ISP can get more data on you than Opera ever could.

Re:Mmnn features (1)

Trashhalo (985371) | more than 6 years ago | (#16519709)

Yes because if my ISP can gather data on me then I shouldn't care if any other random company tracks my usage.

Re:Mmnn features (2, Informative)

hkmwbz (531650) | more than 6 years ago | (#16519769)

Your ISP is as much of a "random company" as Opera Software is. Opera Software is located in Norway, which apparently has extremely strict privacy laws. You also need to consider a company's track record. Opera Software also has the mobile browser Opera Mini which always goes through Opera's servers which do the rendering for the Mini client, and no one has cried foul so far.

Sounds like Internet 1.5 (-1, Offtopic)

NRAdude (166969) | more than 6 years ago | (#16518949)

I know for a fact that Internet 2 is being administered to prevent "activist" groups from participating in the new availability of bandwidth. Prison Planet editors complained of all the biased surveilance being put on Internet 2. Terror Storm is #2 on Google Video yesterday, and would've been #1 months ago if not for Google Video being tipped-off by *someone* to freaze the download/view Counter.

If the people think Internet 2 will be so good, then take an example of all the crap the MPAA and RIAA are fronting on everyone that participated in Internet 1. This Opera "feature" is just that of Internet 2 malware entering now. The only thing secure is information moved through the first ring of a Secure Shell in a secure environment. I notice the history of system and network administration preventatives just keeps re-turring itself on all the hyped "secure" technologies advertised to prevent malicious useage. In the end, a bullet in the head is just as good as an unplugged network Switch.

dont they all do this now? (5, Informative)

Deathlizard (115856) | more than 6 years ago | (#16519003)

I know IE7 phones home, and fireefox 2 does too for anti-phishing. They both can also be disabled by the user.

I don't see how this is any different than what MS or mozilla is doing. As long as it can be disabled by the user it should be ok.

Re:dont they all do this now? (3, Informative)

elcid73 (599126) | more than 6 years ago | (#16519079)

They use white or blacklists. Meaning it phone's home just to get a big list of all at once.

Opera checks each as you go.

Pro: it's updated as fast as GeoTrust is.. you don't have to wait for your nightly download (or whatever frequency) so you get the most reponsive phishing filter.

Con: The reason this is a headline at all. ..Still, it will be able to be turned off and it's largely not all that different from MS or FF.

Re:dont they all do this now? (2, Informative)

Kelson (129150) | more than 6 years ago | (#16520033)

Actually, IE7 can check each site as you go [microsoft.com] , and Firefox 2 has two modes: one that checks against the blacklist, and one that checks each site as you go (look in Tools/Preferences/Security).

So yes, each browser will have a mode which will send nearly every URL you visit to a third party for checking against phishing sites.

Re:dont they all do this now? (2, Interesting)

elcid73 (599126) | more than 6 years ago | (#16520129)

Yeah. I made note of that in one of the other responses I had in here. I don't really see why this is a headline at all.

If you have a slider with Safety/security on one side, and Privacy on the other, all three browsers let you adjust where that slider falls.

Browsers have to balance timeliness of updates against the fast moving phishing schemes with letting the users feel maintain a sense of security. It's strange though, like others have mentioned, Opera Mini seems to get away with this just fine as well as your local ISP.

I wish we could just say "nothing to see here, move along..." for this article. Or at least properly word the headline to something like:

"Opera to default to real-time phishing filter" or something along those lines.

Re:dont they all do this now? (2, Informative)

AKAImBatman (238306) | more than 6 years ago | (#16519233)

Geez, everyone is phoning home these days. Who's next, E.T.?!?

Re:dont they all do this now? (4, Informative)

Vexorian (959249) | more than 6 years ago | (#16519253)

1 How does the Phishing Protection feature work in Firefox 2?
Phishing Protection is turned on by default in Firefox 2, and works by checking the sites that you browse to against a list of known phishing sites. This list is automatically downloaded and regularly updated within Firefox 2 when the Phishing Protection feature is enabled. Since phishing attacks can occur very quickly, there's also an option to check the sites you browse to against an online service such as Google for more up-to-date protection. This enhanced capability can be turned on via the Security preferences pane.
http://www.mozilla.org/projects/bonecho/anti-phish ing/ [mozilla.org]

Re:dont they all do this now? (1)

elcid73 (599126) | more than 6 years ago | (#16519321)

exactly. Opera is just opting for something along the lines of what your links mentions about google trust:

What information is sent to Mozilla when Phishing Protection is enabled?

When using Phishing Protection in default mode, no information is sent to Mozilla or anti-phishing partners. Rather, sites are checked against a local list that is downloaded and updated on a regular basis. When sites are checked against remote services such as Google, the Web site address is sent over a secure SSL connection.

next OS X Safari looks like it will (0)

Anonymous Coward | more than 6 years ago | (#16519453)

http://www.tuaw.com/2006/10/19/screenshots-from-th e-latest-leopard-build/ [tuaw.com]

It looks like the next release of Apple's Safari browser will "phone home" to Google for its anti-phishing measures.

Johan Borg???? (2, Funny)

gstoddart (321705) | more than 6 years ago | (#16519015)

Johan Borg??? Oh, the irony. The diversity of your websites will be added to our own. Resistance is futile.

What an unfortunate surname to be working in the tech field. :-P

Re:Johan Borg???? (0)

Anonymous Coward | more than 6 years ago | (#16519187)

Yeah, but his seventh daughter by his ninth wife is really hot.

Borg? (1)

Akardam (186995) | more than 6 years ago | (#16519715)

Sounds Swedish...

Re:Johan Borg???? (1)

MyNameIsEarl (917015) | more than 6 years ago | (#16519811)

Johan Borg, it's a great John Houseman name.

Just matter of time (1)

Hermenegildo Nunez (1016123) | more than 6 years ago | (#16519035)

It will be just matter of time for government demanding take a look to these logs files in the name of Freedom.

Re:Just matter of time (1)

hkmwbz (531650) | more than 6 years ago | (#16519263)

Like it'll be just a matter of time before the government demands to take a look at your ISP's logs.

Re:Just matter of time (4, Insightful)

animaal (183055) | more than 6 years ago | (#16519977)

Which government? Norway isn't (yet) subject to the U.S. government.

isn't it obvious? (1)

blindd0t (855876) | more than 6 years ago | (#16519105)

I would think it would obviously benefit all authors of browser software to collaborate on a single set of servers for querying for phising sites. Of course, there's probably caveats I haven't thought of, but hey, I just figured it'd be in everybody's best interest, competitor or not.

Bye bye, Opera. (0)

Anonymous Coward | more than 6 years ago | (#16519117)

Sounds like the fat lady has sung to me.
Why would I want to through my privacy away like that?

This forces a huge amount of trust in them... (2, Interesting)

Pvt_Waldo (459439) | more than 6 years ago | (#16519183)

First, we must trust they will not leak the data of "who surfs what".

Second, we must trust they will not get hacked and this information stolen.

Third, we must trust them to be the judge of "good and bad".

Fourth, we must trust they won't get hacked and their list either modified by adding or removing site.

Don't fall into the trap of "Oh it's Opera, of course we trust them". Let me put it this way. If Microsoft announced this, what would your reaction be?

Re:This forces a huge amount of trust in them... (1)

elcid73 (599126) | more than 6 years ago | (#16519281)

They use GeoTrust.... which is a third party, your points are still valid.

But you also have to look at some of those with FF's phishing filter too right? You're getting a blacklist from (presumably) a mozilla server- so don't you have to trust their judgement of good/bad?

Re:This forces a huge amount of trust in them... (1)

hkmwbz (531650) | more than 6 years ago | (#16519989)

First, we must trust they will not leak the data of "who surfs what".
You are assuming that Opera Software, a Norwegian company in a country with strict privacy laws, even stores any data.
Second, we must trust they will not get hacked and this information stolen.
See above.
Third, we must trust them to be the judge of "good and bad".
Good: Anything. Bad: Phishing site. I fail to see what's so difficult here.
Fourth, we must trust they won't get hacked and their list either modified by adding or removing site.
That goes for all these anti-phishing solutions.
Don't fall into the trap of "Oh it's Opera, of course we trust them". Let me put it this way. If Microsoft announced this, what would your reaction be?
So a company's track record doesn't matter? The fact that Opera already has Opera Mini, where all traffic goes through Opera's servers and everything's just fine and dandy?

Re:This forces a huge amount of trust in them... (1)

Kelson (129150) | more than 6 years ago | (#16520113)

Let me put it this way. If Microsoft announced this, what would your reaction be?

I trust you are aware that Microsoft announced similar antiphishing features [msdn.com] over a year ago, and just released them in IE7? And that Firefox 2 will also ship [slashdot.org] with similar functionality next week?

You don't have to imagine the reaction... just look back in the archives and read it.

Why not go the anti-phishing route of Firefox2? (0)

Anonymous Coward | more than 6 years ago | (#16519235)

Firefox 2 currently has a similar feature but its just a list of sites.
http://www.mozilla.org/projects/bonecho/anti-phish ing/ [mozilla.org]
Much like what spywareblaster and spybot uses to "immunize" your system.
I can't see why Opera doesn't go that route.

Having Opera check Opera's site for every website will kill their server, no doubt. And seeing as Opera is now free, without any banner advertising (free since version 8.5), I can't see them recouping that cost very well.

If it does check every site I visit (without any way to turn it off), I -will- stop using Opera.

Re:Why not go the anti-phishing route of Firefox2? (1)

elcid73 (599126) | more than 6 years ago | (#16519409)

They've opted for a more "real-time" updating as phishing sites can move very quickly.

FF2 also allows you to use google in the same way as Opera.

That said, I think Opera should allow us to keep real-time checking turned on as they'd like, but also allow us to "downgrade" our coverage to a blacklist that we can download (just new additions!) daily.

Opera experience... (0)

Anonymous Coward | more than 6 years ago | (#16519241)

I'm not sure if this will get modded down (lord knows it won't go up), but I'd like to extend my very sincere "Thanks!!!" to all the people working for Opera.
I've been using Opera now for a LOT of years... I'm not sure... 6? 7? 8?
Whatever...
Best. Browser. Ever.

Between their support, the great piece of code they provide, the Widgets, F4 and its tools, the mouse gestures (GENIOUS!), etc... Opera is, IMHO, the best browser available.

Yes, yes... FireFox is all the rage... Yes, yes... I know that FireFox saves people from drowning in the coasts of California and that little Fox on fire thinks about the Children... I know.

But people... Opera. Kick-ass. :)

Regarding the servers "phone home"... fine by me.
Opera is a company/group-of-people that I've come to trust. Not once have they let me down.
Thanks!!!

Best to you,

-Opera User

((Posted Anon... Although I know my name... and I ain't no coward... I don't want to Karma-whore))

Does anyone read anymore? (5, Informative)

scoobrs (779206) | more than 6 years ago | (#16519363)

Does anyone bother reading before commenting anymore? The feature will be able to be switched off at will, even on a site-by-site basis, and they will toss out source IPs at Opera if you choose to use it. The main reason they do it this way instead of downloading lists like mozilla and IE is that lists can be obsolete and phishers can be onto promoting their next scam by the time the lists are updated on clients. Besides, Opera is in Norway and outside Department of Justice jurisdiction for spying requests. If you don't like it or are sophisticated enough that you don't need it, turn it off.

Re:Does anyone read anymore? (1)

Nimey (114278) | more than 6 years ago | (#16520057)

Does anyone bother reading before commenting anymore?


You must be new here.

Opera users easily phished? (1)

RayMarron (657336) | more than 6 years ago | (#16519449)

Sounds neat, so long as it defaults to off. I doubt the Opera user demographic is particularly succeptible to phishing, though it would be useful if you're installing it for grandma.

What a coincidence (1)

zenithcoolest (981748) | more than 6 years ago | (#16519565)

Just at the time IE7 is out and is stil fighting with vulnerabilities, Opera is thinking of revamping itself

IOW (1)

evronm (530821) | more than 6 years ago | (#16519643)

Opera announced an addition that will keep it in step with its rivals. Johan Borg, a developer working on the browser, said
I think he was misquoted. What he really said was "Firefox and IE are irrelevant."

DS (1)

joschm0 (858723) | more than 6 years ago | (#16519889)

I don't what else it does, I just want Opera for the DS. It's been out in Japan for awhile but I heard any more news about it in months.

Phone Home? (1)

e2ka (708498) | more than 6 years ago | (#16519969)

well I'll be damned if I use this software on a computer with a network connection then!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>