Is the Opera VPN a true VPN or just a proxy

A Former User

Any vpn you use for surfing the web is essentially a non-transparent proxy. The connection between you and the vpn server is secure, however. But between the vpn server and the websites you connect to, it is no different than any other connection.
"In most cases, VPN services are nothing more than an anonymizing secure web proxy labeled as “VPN”. They often claim that they “secure website connections” or “encrypt your website connections”. Neither of these are true but many companies resort to phrases like these to keep up with the competition. A VPN service of this kind cannot possibly secure a connection to a website, because it only controls part of that connection."

from https://vivaldi.com/blog/vpns-proxies-privacy/

leocg

leocg Moderator Volunteer @Guest

See https://help.opera.com/en/latest/security-and-privacy/#VPN

A Former User

Yes, I completely understand what a true VPN does. It encrypts the data from point A to point B. Also I understand what a proxy does. My only confusion is, is how does Opera claim that it's a VPN and provide anonymity. If it's doing something other than advertised then that's misleading and false advertising. .

leocg

leocg Moderator Volunteer @Guest

Because it's exactly what it does.

A Former User

What kind of answer is that. Can I get a direct answer for a direct question. Let me try again. Is it a VPN or a proxy server there is a big difference. If someone can answer that accurately and not give links to some advertisement or brief description. Also, what kind of encryption does it provide if it does to what point.

blackbird71

blackbird71 @Guest

@kevinpavi said in Is the Opera VPN a true VPN or just a proxy:

Yes, I completely understand what a true VPN does. It encrypts the data from point A to point B. Also I understand what a proxy does. My only confusion is, is how does Opera claim that it's a VPN and provide anonymity. ...

I'm not sure you (or I or anyone) actually do 'completely understand'. We all typically have just our own opinion of what it does (or should). In the real world, there are many debatable semantic details folded into terms like "true" and "VPN", with nobody standing as an agreed-upon, final arbiter for what the terms absolutely mean. Some examples: from Wikipedia: "A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption"; from ExpressVPN's site: "A VPN, or virtual private network, is a secure tunnel between two or more devices"; from Techhive: "The best way to think of a VPN is as a secure tunnel between your PC and destinations you visit on the internet". From Webopedia's site: "A virtual private network (VPN) is a network that is constructed using public wires — usually the Internet — to connect remote users or regional offices to a company's private, internal network"; from searchnetworking's site: "A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet."

What nearly all definitions of VPNs include is that it must establish an encrypted, trusted connection between local software and a remote target destination, wherein the data traverses a public connection network in a way that the data and connections between the local point and the remote target site are not discernible outside the VPN's endpoints. A local VPN's endpoint may convey all the software data moving off/onto the computer, or it may only apply to data moving from a web browser; in the first case, some (but not all) users term it a 'true' VPN. Others argue that unless it employs VPN "tunneling" protocols, it's not a "true" VPN.

The point is that Opera's "VPN", while in one sense simply a secure https proxy, still qualifies in the most general sense of being a VPN with respect to web browsing, in that it provides an encrypted point-to-point connection that obscures all the end target's data and IP from being discerned along the local user's public Internet connection to the VPN server, as well as obscuring all the user's browser-requested IPs other than their VPN's server IP.

A Former User

This is great literature but I'm questioning the the true function especially after the moderator mentioned the VPN is more like a proxy.

leocg

leocg Moderator Volunteer @Guest

It's a reply to the part of your comment saying that Opera claims that the VPN gives anonymity.

blackbird71

blackbird71 @Guest

@kevinpavi said in Is the Opera VPN a true VPN or just a proxy:

This is great literature but I'm questioning the the true function especially after the moderator mentioned the VPN is more like a proxy.

The Opera VPN functionality provides https security based on a typical X.509 certificate for Opera's VPN server and the underlying TLS encryption protocols used for https. Information sent by the Opera browser to the target site as well as that site's URL are encrypted by Opera's VPN functionality, sent in packets to the IP for Opera's VPN server, decryted, DNS lookup performed on the target site's URL, and the data packet is then re-sent from Opera's server's IP to the target site's IP. If that site's URL is https, then traffic from the Opera server to/from that site will also be TLS encrypted; if not, then that part of the communication path will be non-secure (ordinary http).

In the sense that the browser VPN'd traffic all flows through Opera's VPN server, that server behaves as a proxy (and a proxy, by definition, is not necessarily linked via encryption). In the sense that https encryption is employed by the browser's VPN functionality from the browser to at least the VPN server (and all the way to the target site, if an https URL is specified for that site), the functionality behaves like a secure VPN.

leocg

leocg Moderator Volunteer @Guest

The function is basically to hide your IP address and provide some more privacy to the user.

A Former User

Wow! Great explanation. Can you elaborate on how the "no logs" kept policy is enforced when using the VPN.

blackbird71

blackbird71 @Guest

@kevinpavi
I'm not sure what you're asking. Opera's Privacy Policy (21 Feb 2018) states several things...

Opera Privacy Statement:
We treat your personal data as required by law. We are a Norwegian company and we follow Norwegian data-security laws as well as other national legislation, as needed. We require that our suppliers successfully pass security assessments and prove their compliance with applicable laws and industry standards.
...
We retain personal data only as long as necessary for processing it in accordance with the purposes described in this statement, or as otherwise necessary to comply with applicable laws. When your data is no longer necessary or relevant for our purposes, or required by applicable laws, we take steps to have it deleted, aggregated or made anonymous.

Opera Privacy Policy - Opera for Computers:
Opera browser for computers implements a “no-log” VPN service. We do not collect and store any personal data related to the service.

I'm not an Opera employee nor have access to their server farm, so when they state (in a Privacy Statement acknowledging them operating under Norwegian law) that they don't log information in their VPN service, I have to assume their servers and the browser VPN functionality aren't set up to create or maintain stored logs beyond the immediate term necessary to sustain the VPN connection paths.