Opera to Start Phoning Home?

← Back to Stories (view on slashdot.org)

Posted by ryuzaki0 on Friday October 20, 2006 @05:46AM from the they-know-what's-good-for-you dept.

An anonymous reader writes "Near the end of a story about Opera's determination to stay in the game: 'Earlier this week, Opera announced an addition that will keep it in step with its rivals. Johan Borg, a developer working on the browser, said Tuesday in a blog that the next edition, Opera 9.1, will include beefed up anti-phishing and anti-fraud features. Rather than simply indicate that a site is secure with a notation in the address bar, Opera 9.1 will also query Opera-owned servers for information on any site visited. Those that Opera has identifies as fraudulent will be automatically blocked by the browser.'"

12 of 197 comments (clear)

Min score:

Reason:

Sort:

Hmm Suits in the waiting? by ackthpt · 2006-10-20 05:47 · Score: 5, Insightful

Those that Opera has identifies as fraudulent will be automatically blocked by the browser.'"

Seems to recall this can lead Opera to trouble, like what happened with Spamhaus.

--

A feeling of having made the same mistake before: Deja Foobar
1. Re:Hmm Suits in the waiting? by cshark · 2006-10-20 07:25 · Score: 4, Insightful
  
  I hate to ask an obvious question, but what if I didn't want this feature? I mean, aside from telling Opera everything I decide to do online, which gives me the heebeejeebees, I don't see the value that comes from giving up my browsing privacy entirely like this. Opera has been benign until now, however who is to say that the list of sites you visited wouldn't end up in the hands of certain entities whom you would rather not have them. Department of Homeland Security comes to mind. Blah bla Military Commissions act s950v, blah bla conspiracy, blah bla, etc.
  
  Besides, I sometimes enjoy visiting phishing sites and giving them mountains of fake information.
  It's fun, and something to do on weekends. It also means much more bunk data for the bad guys to sort through.
  My civic duty I always say.
  
  Don't you think a simple warning based on known patterns or wording is enough?
  
  --
  This signature has Super Cow Powers
2. Re:Hmm Suits in the waiting? by KC7GR · 2006-10-20 07:37 · Score: 4, Insightful
  
  Not necessarily. The Spamhaus suit was utterly without merit, as no one is forced to use the Spamhaus database. Mail blocking occurs ONLY if (a), the SysAdmin(s) at the ISP or host in question choose to check incoming mail connections against the Spamhaus database; And (b), if Spamhaus has listed the IP address(es) being checked in said database.
  
  For the record: I've used Spamhaus to help protect our network for years. I've gotten NO false positives with their listings. Ever. That's more than I can say for the SPEWS list. I can't even count how many hours they've saved me over the years.
  
  Anyway, back on topic: The only way I can see this causing trouble for Opera is if they don't provide a way for the user to turn the feature off. With that said, I think such a feature should be OFF BY DEFAULT, and left to the user to enable if they wish. The potential for abuse of this system (someone at Opera getting a wild hare up their tail, and listing a site they don't agree with for blocking) is mind-boggling.
  
  Keep the peace(es).
  
  --
  Bruce Lane, KC7GR,
  
  Blue Feather Technologies
Great feature realy. by Kenja · 2006-10-20 05:50 · Score: 5, Insightful

I relay like this idea, so long as it can be turned off. Based on my experiance with Opera so far I'd say that not only will it be able to be turned off, but that you can disable it on a server by server baises.

There's a reason I was willing to pay for Opera when it was still a commercial product. Now if only they would make a Symbian native version, the Java version has a hard time in landscape mode on my Nokia N93.

--

"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
secure...says opera? by otacon · 2006-10-20 05:52 · Score: 5, Insightful

Well the fact that opera will check EVERY site someone goes to against their own server might work in theory...but does anyone really want all their web use data to be tracked by a server?

--
In a world of acronyms, the words are the real victims.
1. Re:secure...says opera? by Kjella · 2006-10-20 07:40 · Score: 4, Insightful
  
  It only sends a hash of the web address. It would be difficult to extrapolate the whole address from a hash.
  
  If the hash is simply of the path, it should be fairly trivial to create a rainbow table. Most sites that use some sort of ID like:
  http://foo.com/articles.bar?id=5003242
  would be trivial given a pattern, which would easily give you detailed tracking for many sites. And the domain name itself can tell quite a bit...
  
  --
  Live today, because you never know what tomorrow brings
Re:I'm sure that... by elcid73 · 2006-10-20 06:23 · Score: 4, Insightful

It's the native mouse gestures,MDI tabs (I can tile them with a mouse gesture!) and excellent caching of history (I'll tell you when to reload the page dammit.. I *want* the old data) that got me.

If I used a Mac, the speed of Safari is not something I would overlook though. I would find one of those mousegesture additions (cocoa gestures or some such?) though.

eh, to each his own.
Re:Someone please cry foul by hkmwbz · 2006-10-20 06:28 · Score: 5, Insightful

Your ISP can track everything you do. That must mean that they are abusing their position. Why get Opera to track your surfing when your ISP could do so much more efficiently?

--
Clever signature text goes here.
Re:Someone please cry foul by bestinshow · 2006-10-20 06:28 · Score: 5, Insightful

That's if they log the requests - given that they're a Norwegian company, they have some pretty tough privacy laws to content with.

I expect that it will depend on the terms and conditions in the end, and that they will say 'we will not log or use your data in a user-specific manner (not even AOL style 'user == number' obfuscation, hehe), however we may use it to compile statistics on accesses to phishing sites', which could prove quite useful in anti-phisher court trials.

It's no different to IE7 or the next version of Safari. The best way to check a website is authentic is to check the URL against a blacklist and then tell the user in big red text in a way they'd be retarded to ignore about the threat. I do think it would be better to download the blacklist to the client and resync it often however.

How do the Firefox add-ins, IE7 and Safari 3 handle anti-phishing?
Re:I'd like it better.... by Shemmie · 2006-10-20 06:43 · Score: 5, Insightful

Isn't this against everything we say when it comes to Microsoft? We're meant to be protecting Joe Six-Pack. Various features should ship with the default to 'on', so that those in the know are free to turn it off, but it still protects those who it would most likely benefit?
Re:I'd like it better.... by foamrotreturns · 2006-10-20 07:07 · Score: 5, Insightful

One problem with your argument:
Joe Sixpack will not use Opera; he'll use IE. That's why we harp on MS for being so lax in security. They're targeting the lowest common denominator.
Re:Just matter of time by animaal · 2006-10-20 07:10 · Score: 4, Insightful

Which government? Norway isn't (yet) subject to the U.S. government.