Option to edit DEFAULT SEARCH ENGINES

stealth789

stealth789 last edited by

alaxanderzeus,
You're repeating verbatem the arguments already made by stealth789 and me.
We all agree that if they can safely and cost effectively add additonal search engines, we recommend they do it. Everyone agrees it shouldn't be done if Opera concludes it's not safe.

I just don't agree that they can't do it safely and cost effectively.

As you stated before you're not specialist on this specific topic or developer. So basically no one responsible didn't react the way why exactly this cannot happen. So then I can argue to it, why it should be possible. As I'm used from any other forums that I can argue about my suggestion also with people really responsible for possible application of suggestion. But maybe my misunderstanding.

There is nowhere else for this thread to go. It's really time to close it.

linuxmint7

linuxmint7 last edited by

alaxanderzeus,
You're repeating verbatem the arguments already made by stealth789 and me.

Of course he was, because he was (past tenths) a spammer.

lem729

lem729 last edited by

linuzmint7

Crazy? Past tense? (yes, his post was thankfully deleted). Thanks.

blackbird71

blackbird71 last edited by

alaxanderzeus,
You're repeating verbatem the arguments already made by stealth789 and me.
We all agree that if they can safely and cost effectively add additonal search engines, we recommend they do it. Everyone agrees it shouldn't be done if Opera concludes it's not safe.
There is nowhere else for this thread to go. It's really time to close it.

Sigh...!
@lem729 -- OT: things I really wish this forum possessed: a means of indicating (in the original place) that a poster's message was deleted by a mod. I read forums in linear fashion... so when I stumbled on your reference to alaxanderzeus's post, I went back looking for it, over and over again (thinking it really must be there somewhere). Eventually I gave up and continued reading beyond your post, only to discover that he was a spammer and his posts were made to evaporate... quite understandably, of course. But it does leave a messy trail behind in references of subsequent posts, and readers can too easily fall off that cliff as they follow along. Oh well... there are worse things in life, I guess.

lem729

lem729 last edited by

You are right, blackbird71. I noticed it too Like what were we all commenting on (once the spammer's post was deleted). If I had been quick enough, I would have ignored the post, so there would be no trail when the moderator deleted the post. I'll try to remember that in the future.

Yes, ideally if the Moderator deletes a post, maybe the name of the spammer should remain with the message by the Moderator about "Post deleted because it . . . " (whatever). Then if people saw the comments, they would understand it. Sometimes, I've seen the Moderator's do that.

blackbird71

blackbird71 last edited by

@lem729, it's only a guess, but the mods may have more than one way to attack spamming, and depending on what technique they use, the results/effects may vary. If they go after an individual post, perhaps they can comment in place of it... but if they extinguish the hacker's account in certain ways, perhaps all his posts simply evaporate... I'm really not sure. In any case, the mods have a heavy enough load, so I certainly wouldn't want to add to it by asking for more manual intervention in such situations. I just wish the forum machinery itself did some things a little differently, this being one of them...

But, as I noted earlier, in the grand scheme of things, there are certainly worse things. Frankly, I'm glad (and very appreciative) that the mods are jumping on spam as fast as they do... it's a major, major improvement over the early days of this forum.

A Former User

A Former User last edited by admin

Does it is necessary to discuss the same thing in two topics?
Very confusing, specially when it comes to chose where I'd post.

I hope all interested can see my comment here and that we are able to learn more together about the two issues (lack of HTTPS in some built-in engines and the setting of custom search engine as default):
https://forums.opera.com/post/42867

lem729

lem729 last edited by admin

For me, the issue was Opera's inability to add additional search engines because of the fear of a malicious takeover/hijacking of the search engine. And while there was agreement as to that by everyone, it would seem, except the original poster, there was an unfair, offensive characterization by rafaelluik of some of the posters in that other thread (including myself), unfortunately cross-referenced in the post above. In repeating -- through the cross-reference -- something, in my view, very much inappropriate, double damage was done. Now here was my response.

https://forums.opera.com/topic/3441/search-engine-default/78

Notwithstanding the above, every moderator has a difficult job, and I repect those who take on such arduous, sometimes thankless responsibilities. It's not always possible, like Solomon, to offer to divide the baby in two. This was a case in particular where the offer to divide really doesn't work.

A Former User

A Former User last edited by

I'm sorry about any confusion... I'll try to clear up the things as we continue replying in that thread. I didn't mean to hurt anybody (and I believe you misunderstood what I wrote, or maybe I wrote very badly so it was impossible for something else to come out from this? IDK).

I'd like to remember you that although I'm a mod, I'm also a member. When I post, I post also as a member and I can let my opinions flow like everybody else. As a mod, I didn't condemn any of your attitudes nor advised/warned you, nor pointed to the forum rules nor anything. (I hope this can be understood and I don't feel remorse later. huh lol)

lem729

lem729 last edited by

Yes, no worry there, @rafaelluik

How terrible it would be if you couldn't wear your member hat and throw yourself into the fray now and then. And yes, sometimes when you do comment, it's hard for others not to see the comment coming from you in that moderator role. Still we badly need good moderators, so you are helping to perform an essential function. So please no after-the-fact remorse. If you always agreed with me, maybe -- haha-- I'd find you boring,
Now there was no intent to gang up on anyone, though passions can be heated when posts go back and forth almost, seemingly every minute. I know my own limitations on this issue, and that I don't have the technical knowledge to second guess Opera. That's why I have kept saying in this thread that I have to "defer" to Opera. And though we have some highly astute people, with much programming and computer knowledge in the forum, there's still an issue of whether they know enough about the problem Opera was dealing with, to say Opera was wrong in its determination. I highly doubt it. Therefore, I struggle trying to see what use there is in this thread, other than a vehicle to vent.

I guess we could contribute something in this thread (even make recommendations to Opera that might help it) if we knew (what, alas, I strongly suspect we do not, nor likely ever will):

(1) what data Opera had about the hijacking of its browser engines that led to the limitation in default engines offered, including how exactly the hijackings took place. In that regard, was there a uniform method, or might there be a number of different ways the hijackings occurred?

(2) how default engines (other than the ones approved by Opera) contributed to it, that is, made the hijackings easier.

(3) does Opera view its default engines as inherently safer than others would be if they made them available, and if so, why?

(4) or is that Opera needed to offer some default search engines to compete with other browsers ( maybe even made income out of the default search engines they offered), and that while all engines can equally (and as easily) be hijacked, that the risks of hijacking become greater if you offer more (hence a limitation on the number Opera chose to offer).

(5) or is it that for some reason it would help if we knew, typing the code would make any search safer, but Opera did need to offer some default search engines (to compete with other browsers) but wants to limit the risk of hijackings, by limiting the number of default engines offered.

(6) why typing of the one or two letter code, is in Opera's view safer.

(7) why via extension Opera lets Disconnect Search get around the limitation for DuckDuckGo, and any others in the Disconnect Search engine not in the Opera approved default list. (Surely Opera concluded this extension provides needed functionality). Maybe there's a liability concern. If Opera provides the additional engine, they are more responsible for safety than if a third-party provides it, where their review is on its face lesser.

In sum, unless we could provide Opera with this questionaire ;))) and get a full and complete response, I don't see how we can second-guess Opera and say they made the wrong decision. All we can do is to ask Opera to provide additional default search engines if: (a) Opera deems them as safe as those already provided, (b) concludes that typing the additional code in no way adds to the safety).

notwithoutmymonkey

notwithoutmymonkey last edited by

Despite Opera's excuses, it's clear that this decision has been taken for commercial reasons. The reason itself simply doesn't pass the sniff test of plausibility.

I don't want anything to do with Google. I object to the company, its practices and the insidious power that it is amassing. I used to remove it from my search options. I'm no longer able to do that. I have used duckduckgo, ixquick and qwant interchangeably for some time now.

I object to being corralled into using search engines that Opera has commercial agreements with and for this reason after many years of use, I will be migrating to Firefox where I can at least alter the default search engine.

lem729

lem729 last edited by

Now @notwithoutmymonkey, you say it is ckear the Opera decision to limit default search engines, "was taken for commercial reasons.". How so, clear? On what evidence do you base that conclusion? Am I missing something here? Opera asserted security reasons -- the hijacking of search engines by malware and adware, taking users to dangerous sites. Aren't you concerned about that? Perhaps you would like to have your credit cards and identity stolen. As for gross commercial actions (not that there's anything wrong with business ;)) check this article out, "Firefox hits the Jackpot with almost billion dollar google deal."

http://www.zdnet.com/blog/networking/firefox-hits-the-jackpot-with-almost-billion-dollar-google-deal/1780

Firefox, it seems, takes more money from Google than any other browser. $1,000,000,000. Wow. Perhaps, by a longshot. So that's who you are about to jump in bed with. Smile. If you're that concerned about commercial reasons, what then are you doing? Now, if you want to use another default search engine, not provided by Opera, for what it says are security reasons, and are unhappy with the minimally obtrusive one or two letter code workaround or extensions, which make the code workaround unnecessary (like Disconnect Search) and expand functionality, and if you are not concerned about the safety issue, then fine, switching, of course, is your prerogative,

stealth789

stealth789 last edited by admin

For me, the issue was Opera's inability to add additional search engines because of the fear of a malicious takeover/hijacking of the search engine. And while there was agreement as to that by everyone, it would seem, except the original poster, there was an unfair, offensive characterization by rafaelluik of some of the posters in that other thread (including myself), unfortunately cross-referenced in the post above. In repeating -- through the cross-reference -- something, in my view, very much inappropriate, double damage was done. Now here was my response.
https://forums.opera.com/topic/3441/search-engine-default/78
Notwithstanding the above, every moderator has a difficult job, and I repect those who take on such arduous, sometimes thankless responsibilities. It's not always possible, like Solomon, to offer to divide the baby in two. This was a case in particular where the offer to divide really doesn't work.

Just one point of view. From developer's point of view. Inability is mostly excuse here. I can understand other reasons, but not, that they're not able to make it. It's just not correct. It's about finding a way, not ignoring it.

stealth789

stealth789 last edited by

In sum, unless we could provide Opera with this questionaire ;))) and get a full and complete response, I don't see how we can second-guess Opera and say they made the wrong decision. All we can do is to ask Opera to provide additional default search engines if: (a) Opera deems them as safe as those already provided, (b) concludes that typing the additional code in no way adds to the safety).

:). But I don't agree that we can't second guess unless they give answers. We can. And even more just because they don't give these answers.

lem729

lem729 last edited by

We know search engines have been hijacked in the past. And that if they are, the risk of damage to users can be quite severe. Credit card and identity theft are no laughing matter. So for me, there's no upside to disbelieving Opera when they say that the hijacking of search engines is a reason why they limited the number of default engines. I don't want to push them to do something that could harm users, including myself.

Now personally, I'm delighted if Opera provides more default search engines. My only concern is that they do not do so under pressure from users, even though they believe the risk of default search engine hijackings becomes greater. Rather I hope they are able to conclude, based upon further analysis, that there is no increase in user risk, and that they can, therefore, comfortably provide more default search engines. Let's keep our fingers crossed and hope for the best. If Opera, however, continues to conclude that providing more default search engines would increase user risk, the "best" from my perspective would be for Opera not to provide the increased default engines.

stealth789

stealth789 last edited by

We know search engines have been hijacked in the past. And that if they are, the risk of damage to users can be quite severe. Credit card and identity theft are no laughing matter. So for me, there's no upside to disbelieving Opera when they say that the hijacking of search engines is a reason why they limited the number of default engines. I don't want to push them to do something that could harm users, including myself.
Now personally, I'm delighted if Opera provides more default search engines. My only concern is that they do not do so under pressure from users, even though they believe the risk of default search engine hijackings becomes greater. Rather I hope they are able to conclude, based upon further analysis, that there is no increase in user risk, and that they can, therefore, comfortably provide more default search engines. Let's keep our fingers crossed and hope for the best. If Opera, however, continues to conclude that providing more default search engines would increase user risk, the "best" from my perspective would be for Opera not to provide the increased default engines.

If you refer laughing to my smile, it was meant for your questionaire ;). I never laugh when security is an issue.

And I got it, that are opinions here on some things are different. It's OK. I also don't want it to harm anyone. But from my technical point of view, risk is the same as allowing you to save your password. So it's simple. They can use same mechanism like for saving passwords in file Login Data. It's only SQLite database file with encrypted data. It's not like reinventing the wheel you know. And here I'm ready to argue to anyone with technical background. No problem.

lem729

lem729 last edited by

You smiled at my questionnaire. Good grief! But were you able to answer anything in it? Some of those are reasonable questions (from a technical and a common-sense background), starting with " what data Opera had about the hijacking of its browser engines that led to the limitation in default engines offered, including how exactly the hijackings took place." I mean this is basic, necessary information to decide whether Opera's actions were reasonable. All of that questionaire (one should never hide behind a forced smile) raises important issues without the answers to which you're basically shooting in the dark, in suggesting that Opera's actions have been inappropriate. Who knows what your might hit Having a technical background does not excuse the necessity to answer very essential questions, without which answers one can become like a person shooting a blunderbuss -- the pellets fly in every direction.

Now I'm not saying any of us are in a position where we could easily know the answers to those seven questions that I poseed. The information Opera had, upon which it made its decision on default engines, is not readily available to any of us in the forum. And huffing and puffing and talking about technical expertise in no way changes that essential problem with this thread. It is a reason why this thread is an exercise in futility.

stealth789

stealth789 last edited by

You smiled at my questionnaire. Good grief!

Smile was meant like "Well done ;)", so I'm sorry you're making assumptions and taking the wrong part of it. But it's your choice.

But were you able to answer anything in it? Some of those are reasonable questions (from a technical and a common-sense background), starting with " what data Opera had about the hijacking of its browser engines that led to the limitation in default engines offered, including how exactly the hijackings took place." I mean this is basic, necessary information to decide whether Opera's actions were reasonable. All of that questionaire (one should never hide behind a forced smile) raises important issues without the answers to which you're basically shooting in the dark, in suggesting that Opera's actions have been inappropriate. Who knows what your might hit Having a technical background does not excuse the necessity to answer very essential questions, without which answers one can become like a person shooting a blunderbuss -- the pellets fly in every direction.

These should be answered by Opera in first place. But sure, they don't care... But I'll come back to it. I won't run from question,... Even if it's not strictly question for me ;). And logic is not shooting in the dark. And what kind of excuse do you mean. I should excuse for what exactly?

And once again, you didn't even tried to react on my last assumption. You're again changing topic somewhere else.

Now I'm not saying any of us are in a position where we could easily know the answers to those seven questions that I poseed. The information Opera had, upon which it made its decision on default engines, is not readily available to any of us in the forum. And huffing and puffing and talking about technical expertise in no way changes that essential problem with this thread. It is a reason why this thread is an exercise in futility.

Here we won't agree either. I can make assumption based on analysis, logic, interpolation, ... to assume what's more likely. And I will second guess seriously everything. I won't trust something blindly, stating, I can't have my opinion? Question is, who's assumptions are more likely. But basically you're telling me you can't make assumptions. So sure it's hard to argue.

Deleted User

Deleted User last edited by

You smiled at my questionnaire. Good grief! But were you able to answer anything in it? Some of those are reasonable questions (from a technical and a common-sense background), starting with " what data Opera had about the hijacking of its browser engines that led to the limitation in default engines offered, including how exactly the hijackings took place." I mean this is basic, necessary information to decide whether Opera's actions were reasonable. All of that questionaire (one should never hide behind a forced smile) raises important issues without the answers to which you're basically shooting in the dark, in suggesting that Opera's actions have been inappropriate. Who knows what your might hit Having a technical background does not excuse the necessity to answer very essential questions, without which answers one can become like a person shooting a blunderbuss -- the pellets fly in every direction.
Now I'm not saying any of us are in a position where we could easily know the answers to those seven questions that I poseed. The information Opera had, upon which it made its decision on default engines, is not readily available to any of us in the forum. And huffing and puffing and talking about technical expertise in no way changes that essential problem with this thread. It is a reason why this thread is an exercise in futility.

I agree with you. Discussing this won't change anything now ç.

stealth789

stealth789 last edited by

(1) what data Opera had about the hijacking of its browser engines that led to the limitation in default engines offered, including how exactly the hijackings took place. In that regard, was there a uniform method, or might there be a number of different ways the hijackings occurred?

It's not important what data. Result was locking(signed by opera, and checked in runtime) of file search.ini in Opera Presto, and default_partner_content.json in Blink Opera against changes. Not files with users private data, but with default search engines. Suggesting, that even changing of password data are secure, when they decided to lock only search engines. Also protection of file system is not function of browser. And even if it's nice function, it can't be used as argument to restrict things. Then it's more fear factor, than argument, because then we're dealing with software able to access file system. And then there are much more important things to protect, than default search engine.

Also default search engines are in Chromium stored together with other custom engines in file Web Data. Opera did own mechanism. Yes if was maybe in time, when even Chromium hasn't default search engines there. Even so they could simply encrypt default search engines data in this file same way like they do with passwords in file Login Data. They made it more expensively. So mechanism used in passwords was not safe or was it more important for Opera to secure search engines file, than user's passwords data? If it's not, why did they did it harder and more expensive way? Or they care more about search engines security, or they don't trust mechanism used while saving user's password data. It they care more about search engines, then this security argument can flush itself. It they don't, but they don't trust user's password data saving mechanism, they also gave higher priority to deal with search engines against user's private data.
Still there was easier way how to deal with this problem, without much costs. Or the real problem is much bigger, but in other place.

Even reasons are money based. Or they made really really bad decisions, that don't make much sense. Or maybe they started with good reason, to "correct and enable later", but in time, this is still just better "solution". Still they didn't care to change anything about it in year and half.

(2) how default engines (other than the ones approved by Opera) contributed to it, that is, made the hijackings easier.

It's not about how many of them is, but about mechanism, how they are stored. So mechanism can make hijacking easier, not count of engines.

(3) does Opera view its default engines as inherently safer than others would be if they made them available, and if so, why?

As we know this engines except Wikipedia are paying to be in the list. And as I mentioned before, some are not even set correctly. And there are safer engines. So there's no "good" answer for Opera.

(4) or is that Opera needed to offer some default search engines to compete with other browsers ( maybe even made income out of the default search engines they offered), and that while all engines can equally (and as easily) be hijacked, that the risks of hijacking become greater if you offer more (hence a limitation on the number Opera chose to offer).

Sure we know they're getting income from searches. Sure every browser now offers default engine due to money reasons. Yet it's not reason to restrict change of it. Risk is about mechanism. It has nothing to do with number of engines.

(5) or is it that for some reason it would help if we knew, typing the code would make any search safer, but Opera did need to offer some default search engines (to compete with other browsers) but wants to limit the risk of hijackings, by limiting the number of default engines offered.

Typing of word safer? Really? Then if this is reason, they should disabled default engines at all. It's not making sense. They are not limiting risk by numbers. But by locking mechanism to change engines.

(6) why typing of the one or two letter code, is in Opera's view safer.

Who stated that this is safer? It's nonsense from technical point of view. If this would be reason, then they should change omnibox behavior, add search box, .... . Not has opened API architecture.

(7) why via extension Opera lets Disconnect Search get around the limitation for DuckDuckGo, and any others in the Disconnect Search engine not in the Opera approved default list. (Surely Opera concluded this extension provides needed functionality). Maybe there's a liability concern. If Opera provides the additional engine, they are more responsible for safety than if a third-party provides it, where their review is on its face lesser.

Because it's by design opened API. Just like some extensions can change things, this can override search engine.

And responsibility? So in the first place it's responsibility of user, not extension. This is question of some "Terms of Service", not any restriction of this kind. It's alibism.

And if you care about users security so much, you allow extension to compromise it, and you don't care, because you're safe by law while on the other side using security as argument? So (if this would be true) then yeah, this is approach users should love.