Slashdot Mirror

← Back to Stories (view on slashdot.org)

Opera 7.0 Security Holes ... Fixed

Posted by timothy on from the fat-lady dept.

An anonymous reader writes "GreyMagic has issued five new security advisories for the recently-released Opera 7.0. They affect the security model, the javascript console, images, the history and the error log (allowing access to the history). A new version will be released within 24 hours to fix the holes, according to an article at The Register." Update: 02/05 02:01 GMT by T : An anonymous reader writes "Opera Software have just released Opera 7.01 for Windows. This version fixes the recently discovered security holes less than 24 hours after they were discovered - a very impressive turnaround! The release is currently only available on Opera's FTP site. It can be downloaded with Java (12.9Mb) or without (3.3Mb)."

13 of 291 comments (clear)

  1. Who in their mind... by josh+crawley · · Score: 2, Interesting

    Would BUY a web browser? These things are commodity now in the terms of operating systems. We have IE and Mozilla for Windows, KHTML and Mozilla for Linux, and IE and Mozilla and KHTML for Mac.

    We have Mouse gestures for Moz by plugin, Tabbed bowsing for Moz and Konq, and any other feature deemed ok can easily be added in to Mozilla (either by source adds or plugins).

    Can somebody answer me why someone would buy a web bowser these days?

    1. Re:Who in their mind... by Anonvmous+Coward · · Score: 4, Interesting

      "Can somebody answer me why someone would buy a web bowser these days?"

      I paid for Opera, and I have 0 regret about that. Opera has, in my opinion, the best user experience. (UI, etc...) Did I have to buy it? No. They have an ad-supported version for free. However, I would like to encourage them to continue down their road towards maintaining the best UI.

      IE 6 is not significantly different from IE5. Though they're free, they do not provide the same evolution that Opera 7 has in relation to Opera 6. Unfortunately, when you aren't making money on your browser, what's your incentive to compete?

      BTW, as long as you're using the Ad-supported version of a browser, you are, in a sense, paying for it. Might as well clear that up now.

    2. Re:Who in their mind... by Anonymous+DWord · · Score: 1, Interesting

      Because mouse gestures for Mozilla suck, and the tabs in Opera are far superior. Besides, it's faster. And smaller. And it doesn't have as many holes, this recent news notwithstanding. Don't buy it if you don't want to. Nobody's forcing you.

      --
      "If he thinks he can hide and run from the United States and our allies, he's sorely mistaken." Bush on bin Laden
    3. Re:Who in their mind... by singularity · · Score: 2, Interesting

      I paid for one about one year ago today. I did not even have to pay for it.

      iCab, for the Mac, is still in Preview release form. Eventually they hope to start charging for the final release. When they opened up an optional payment system, I grabbed my credit card the first hour I heard about it.

      Why? I like iCab. It does what I want it to. It has feature integration unlike any other browser I have seen. It was one of the first to block pop-ups. Its built-in ad filtering is still next to none, and it had that years ago. The level of control over the browser is simply amazing in a fairly easy to use preferences dialog box (instead of entering information into a text window a la Mozilla and others).

      As a point of comparison, I have used Mozilla, IE, K-Meleon, Chimera, Safari, and others.

      iCab has its drawbacks, for certain (CSS rendering), but it is good enough to warrant me giving money for its continued development.

      I suppose I am just willing to pay for quality.

      --
      - (c) 2018 Hank Zimmerman
    4. Re:Who in their mind... by Anonymous Coward · · Score: 1, Interesting

      Quick Preferences > Identify as (browser name) is a godsend. If it weren't for browser detection scripts that people put on their webpages; Opera would just fly into many of the sites where it gets stuck.

      My school's account management as well as my online banking "You must have Internet Explorer 4+ to view this website; does not work with Netscape". Change Opera's ID and presto... I don't need Internet Explorer. Ever. :D

  2. Re:Quick Turnaround by sean23007 · · Score: 2, Interesting

    They weren't overnight. They've been working on them since Friday and wanted the announcement to come on Thursday so that they could properly test the fixes.

    --

    Lack of eloquence does not denote lack of intelligence, though they often coincide.
  3. I may just be yet another opera fanboy, by a8f11t18 · · Score: 2, Interesting

    but opera surely does rock!! I have tried Mozilla, Pheonix, and IE, and also Konqueror and some other browser on linux which I tested a while ago, and well.. sorry, but opera is by far the best browser I've ever used.. I would mourn if it suddenly went bankrupt or whatever, as non of the other browsers are good enough for me after having used opera. Of course, things are looking fairly good for opera and their future, even though they're competing in the deadliest of markets - this hold true especially for the portable market. When discussing opera and browsers, someone always comes on and says why not use pheonix instead?? I will tell you something.. to me, pheonix feels almost as bloated as mozilla.. it's just something with the.. interface.. difficult to describe.. even the renderer feels slower, or in some other way inferior to the one of opera, but.. the show stops already with the user interface.. there's just something not completely right about it.. opera has nothing too fancy in the way of interface design, but it just works and feels very good. So some seem to think us opera users just make stupid claims.. tell me this.. why the hell would i bother to pay for opera if pheonix is just as good or even better as many claim? For me, it simply isn't.. besides, opera has some functionality moz/pheonix cannot offer me yet.

  4. The Difference by Anonymous Coward · · Score: 2, Interesting

    Opera comes up with security problems, and they're fixed in short order.

    IE has one big security problem (script support) and a whole bunch of little ones, and the patches come, well, when they get around to it.

    Conclusion: Well, you decide for yourself...

    This Post Made From Within Opera (6.0)

  5. Opera support response time by Anonymous Coward · · Score: 5, Interesting

    Wrote 'em an email complaining about their security-through-obscurity model, and had a reply back from a developer within ten minutes, pointing me to the FTP site with the fixed version...

    That's not a bad response at all, IMHO.

    And no, I don't work for 'em - are they hiring at the moment? :)

  6. Why did they release the holes in the first place? by LemurShop · · Score: 2, Interesting

    Yes, security through obscurity and all but shouldnt they have contacted Opera first to let them know and let them fix it before announcing them to the public? This isnt some 3 months-waiting-ms-bug, Opera 7 has been out for a month.

    --

    This sig was cut off by the sla
  7. Memory leaks by edxwelch · · Score: 2, Interesting

    What about huge the memory leaks that were in the beta 2? Did they fix those as well? Just curious.

  8. Opera beneficial to Open Source by henben · · Score: 4, Interesting
    Even if you don't want to use a commercial browser, the existence of Opera is a good thing for projects like Mozilla.

    Let me explain: Opera have shown their willingness to innovate and add new features to their browser. And they're good at it. Many of their ideas are very useful, *and* they're designed to benefit the user rather than create new "standards" to try and lock in developers.

    Opera promoted the ideas of tabbed browsing and mouse gestures, ideas that were taken up by many Gecko-based browsers. The new release adds and intelligent "forward" button, understanding of navigational META tags, and small screen rendering.

    If you watch Moz and Phoenix, you will see the influence of Opera - for example, the demand for Opera-style "rocker" gestures (using mouse button combos rather than movement) to be added to the gesture extensions.

    Now, I'm not saying that Open Source projects should only clone and never innovate - and in fact, there are many innovations in Mozilla (pie menu navigation and type ahead find, for example). But Opera is a useful source of good interface ideas, and the company is not taking out bogus patents to "protect" them.

  9. browsers and critical computers by midgley · · Score: 3, Interesting
    Our definitions of criticality and advsable behaviour may differ. We are both right, of course.

    I'm a medical doctor.

    My desktop computer is critical.

    I need to look up stuff from our internal and external knowledge stores like the Dermatology advice (no URL offered by me!), and national electronic library for health GP Notebook and the US NIH, University of Iowa virtual hospital, that sort of stuff, while I'm dealing with patients.

    In due course I may need to order (we say request) tests or further opinions which are accessed via a browser.

    I think I need a browser on my critical computer.

    I can do it by using the VNC session I maintain to the Linux machine on the network, and running the browser on that, but that makes cut and paste, and triggering a browser from a database noticeably more difficult.