The Future of the Opera Brand (?)

blackbird71

blackbird71 last edited by

Originally posted by opera1215b1748:

Originally posted by Pesala:

It is a clear progression in terms of user security since it prevents malware from hijacking the user's search engine. When they have found a safe solution, they will again allow users to set their own default search engine.

This puzzles me. For many years with Opera I never ever had my search engine selection hijacked - apart from the Opera v12.15/Opera v12.16 incident. May be because I was protected by some sort of magic?!

No, it was very simple - I never did my everyday jobs from an administrative account - I always use the NON-administrative, least-privileged user account. This policy saves me from all sorts of attacks - no malware has hit me ever. And Opera's insistence in not fixing this v12.15/v12.16 "bug" tells a lot - they do not care about user's privacy anymore...

Make of it what you will, but Opera has stated that there was an "issue" with this: Opera 12.15 Release notes

Release date: 2013-04-04
Opera 12.15 is a recommended upgrade offering security and stability enhancements.
Fixes and Stability Enhancements since Opera 12.14
-- General and User Interface
Fixed an issue where the search bar's default engine could be overridden by third-party apps.
-- Security
Fixed a moderately severe issue, as reported by Attila Suszter; details will be disclosed at a later date.
Added safeguards against attacks on the RC4 encryption protocol; see our advisory.
Fixed an issue where cookies could be set for a top-level domain; see our advisory.

I prefer to take those words from the browser's developers at face value - especially when security may be involved.

As far as why the default bug remains unfixed in 12.15/12.16, just note that it technically also exists in all the "new" Opera versions thus far. The explanation for this from Opera remains the same: they haven't figured out how to both protect the search engine default setting from tampering and allow user engine default selection outside the "hard-coded" options. So either one accepts their explanation, or one believes them to be lying. I have no reason to believe they aren't truthful, though I may not always like some of their design choices. Perhaps they simply value real-world user security against search-engine hijacking more than arguable questions about user search privacy. YMMV.

Deleted User

Deleted User last edited by

Originally posted by blackbird71:

I prefer to take those words from the browser's developers at face value - especially when security may be involved.

I don't take this at face value. The thing is that they don't cite any case or possibility how this hijacking could have occurred, no reference to advisories, nothing. Also the forums here are completely silent about such hijacking. No users ever complained about this. As far as users are concerned, this hijacking never happened.

Now, I know cases of search engine hijacking. For example Ask.com toolbar and search engine used to arrive sneakily with Flash and Java updates on Windows and install itself on IE and FF. So, yes, such hijacking exists. However, this was always impossible in case of Opera. Opera's widgets and extensions API don't allow such hijacking. With a stretch of wild imagination, you could argue that this hijacking would still be possible against all browsers on Windows, but this imaginary argument, even when conceded for Windows, is absolutely impossible for Linux. But the devs implemented the "fix" for all platforms.

My verdict is clear. There is no evidence for any third-party app that hijacked a search engine on Opera Presto. Knowing Chromium/Blink, such hijacking is as plausible as on IE and FF, so it's okay that they are working on countering this possibility, but in case of Presto, the "fix" itself is the only hijacker of search engines. And this last thing is what the users actually complain about in these forums.

Deleted User

Deleted User last edited by

Originally posted by blackbird71:

Make of it what you will, but Opera has stated that there was an "issue" with this: Opera 12.15 Release notes

Release date: 2013-04-04
Opera 12.15 is a recommended upgrade offering security and stability enhancements.
Fixes and Stability Enhancements since Opera 12.14
-- General and User Interface
Fixed an issue where the search bar's default engine could be overridden by third-party apps.

Google for this issue and let us know what you will find

BTW, Opera has stated many things lately...

frenzie

frenzie last edited by

Originally posted by blackbird71:

The explanation for this from Opera remains the same: they haven't figured out how to both protect the search engine default setting from tampering and allow user engine default selection outside the "hard-coded" options.

If some malware has reached a point where it can manipulate my search.ini, will a reset of the search engine really do me any good? I'd think it'd be more likely to make me oblivious to the problem.

Originally posted by blackbird71:

I have no reason to believe they aren't truthful, though I may not always like some of their design choices.

No reason at all?

http://my.opera.com/community/forums/findpost.pl?id=14810762

Originally posted by Frenzie:

Originally posted by somewhere (unbeknown to me at the time, The Vision Behind Opera 15 and Beyond):

Off-road mode in Opera 15 adds SPDY to the mix so that your pages render even faster.

No, it doesn't. Opera 12.10 already added SPDY (proof, or perhaps the official changelog is more to the point). Whoever wrote that is either ignorant or lying.

http://my.opera.com/ODIN/blog/300-million-users-and-move-to-webkit]

Originally posted by Bruce Lawson:

Of course, a browser is much more than just a renderer and a JS engine, so this is primarily an "under the hood" change.

If you want more, here's a random relevant search result: http://my.opera.com/An-dz/blog/opera-dead

blackbird71

blackbird71 last edited by

Originally posted by ersi:

Originally posted by blackbird71:

I prefer to take those words from the browser's developers at face value - especially when security may be involved.

I don't take this at face value. The thing is that they don't cite any case or possibility how this hijacking could have occurred, no reference to advisories, nothing. Also the forums here are completely silent about such hijacking. No users ever complained about this. As far as users are concerned, this hijacking never happened.

Now, I know cases of search engine hijacking. For example Ask.com toolbar and search engine used to arrive sneakily with Flash and Java updates on Windows and install itself on IE and FF. So, yes, such hijacking exists. However, this was always impossible in case of Opera. Opera's widgets and extensions API don't allow such hijacking. With a stretch of wild imagination, you could argue that this hijacking would still be possible against all browsers on Windows, but this imaginary argument, even when conceded for Windows, is absolutely impossible for Linux. But the devs implemented the "fix" for all platforms.

My verdict is clear. There is no evidence for any third-party app that hijacked a search engine on Opera Presto. Knowing Chromium/Blink, such hijacking is as plausible as on IE and FF, so it's okay that they are working on countering this possibility, but in case of Presto, the "fix" itself is the only hijacker of search engines. And this last thing is what the users actually complain about in these forums.

You seem to be assuming that any vulnerability or security concern has to be exploited/publicized before it is legitimate. Independent testers fuzz-test software all the time and discover previously-unrecognized weaknesses in the code, privately informing the code authors and silently assisting in the correction of the problem. Are you suggesting that the code developers themselves, in working some other problem, are somehow unable to stumble on similar weaknesses and repair them? The developers have clearly stated that: an "issue" exists where the search bar's default engine could be overridden by third-party apps. I take that at face value, and I assume it to be true, else somebody has outright lied. Various devs have since repeated essentially the same assertion with regard to New Opera with regard to a user being unable to set a custom search engine as a persistent default. Again, one can either take such assertions at face value, else somebody is lying. My approach to life is to regard people as truthful unless clearly caught in lying.

blackbird71

blackbird71 last edited by

Originally posted by Frenzie:

...

Originally posted by blackbird71:

I have no reason to believe they aren't truthful, though I may not always like some of their design choices.

No reason at all?
...
http://my.opera.com/ODIN/blog/300-million-users-and-move-to-webkit]

Originally posted by Bruce Lawson:

Of course, a browser is much more than just a renderer and a JS engine, so this is primarily an "under the hood" change.

You or I may disagree with Opera that the changes to New Opera constitute "under the hood changes", but in my estimation, that rests in the area of interpretation or exaggeration within 'analagous terminology', rather than outright lying since there is no clear, universally-agreed-upon definition of "under the hood" and how far any of its implications may reach. My personal belief is that a lot of slack exists in adjectives and descriptive phrasing, though someone consistently misusing such terminology is cause for incurring my displeasure as possibly being deceptive. But when somebody tells me "this is why I did thus and so", then they either are telling me at least partial truth (there may be other unstated reasons) or are lying. As I said earlier, YMMV in how you look at all this... but I accept what a person says as truth until, in my estimation, they have been proven to be lying.

Deleted User

Deleted User last edited by

Originally posted by blackbird71:

The developers have clearly stated that: an "issue" exists where the search bar's default engine could be overridden by third-party apps.

One could also write a third-party app that wipes your HD

frenzie

frenzie last edited by

Originally posted by blackbird71:

But when somebody tells me "this is why I did thus and so", then they either are telling me at least partial truth (there may be other unstated reasons) or are lying.

Telling the partial truth is more commonly called lying by omission.

Originally posted by blackbird71:

As I said earlier, YMMV in how you look at all this... but I accept what a person says as truth until, in my estimation, they have been proven to be lying (emphasis added).

That's the crux of the matter, isn't it? Yes, I quite agree. And Opera's PR was quite clearly unsatisfactory in just that part of my message you opted to omit.

blackbird71

blackbird71 last edited by

Originally posted by Krake:

Originally posted by blackbird71:

The developers have clearly stated that: an "issue" exists where the search bar's default engine could be overridden by third-party apps.

One could also write a third-party app that wipes your HD

How does the possibility that other attack forms and avenues might conceivably exist somewhere out in the digital universe relate to developers repairing the particular browser weakness that they actually discovered, and providing their explanation of why they did it?

frenzie

frenzie last edited by

Originally posted by blackbird71:

How does the possibility that other attack forms and avenues might conceivably exist somewhere out in the digital universe relate to developers repairing the particular browser weakness that they actually discovered, and providing their explanation of why they did it?

Because like I said, if a third-party app has that kind of access to my system, some stupid search engines are about the least of my worries.

blackbird71

blackbird71 last edited by

Originally posted by Frenzie:

Originally posted by blackbird71:

But when somebody tells me "this is why I did thus and so", then they either are telling me at least partial truth (there may be other unstated reasons) or are lying.

Telling the partial truth is more commonly called lying by omission.

Originally posted by blackbird71:

As I said earlier, YMMV in how you look at all this... but I accept what a person says as truth until, in my estimation, they have been proven to be lying (emphasis added).

That's the crux of the matter, isn't it? Yes, I quite agree. And Opera's PR was quite clearly unsatisfactory in just that part of my message you opted to omit.

I "opted to omit" simply to try to keep from swallowing an ocean; my posts are often overly long, and I continually practice triage to try to keep them within bounds. In this case you cite, are you submitting that because a contradiction of facts or assertions regarding Opera has occurred, it must be the result of a lie? You yourself stated in that series of posts that it could be ignorance. But it might also be a simple mistake or oversight.

This is part of a problem I've observed with this entire New Opera saga: many people are attributing all manner of evil or ill intent to a whole series of things that have unfolded over the past 8 months, without ever having known personally the people involved or having discussed things with them other than perhaps a brief 2-sentence exchange in a blog. Perhaps Opera has indeed made a business decision that many of us (myself among them) don't like; perhaps they made it for reasons and in ways that seem disconnected from much of their user base as manifested in these forums (which I believe). But to attribute the statements of Opera developers, certain incongruous details within change logs, or "official" statements by Opera to a conscious process of lying, deliberate deception, or such is to take steps I am simply unwilling to take at this point, based on common sense, what I know to have been true of Opera (and many of its still-remaining employees) over many years, and the nature of the facts I have observed thus far.

A Former User

A Former User last edited by

Originally posted by Frenzie:

here's a random relevant search result: http://my.opera.com/An-dz/blog/opera-dead

The comments by Hallvord, Blazej and Bruce Lawson are indeed relevant.

Originally posted by Frenzie:

"Of course, a browser is much more than just a renderer and a JS engine, so this is primarily an "under the hood" change." (Bruce Lawson)

Perhaps we need to consider that was the original plan but one that has gone abandoned for some reason (examples: Opera-Presto UI layer features incompatibility with the Chromium framework ultimately requiring the full rewrite anyway, the opportunity which arose to build a new UI from scratch that adapted better to the OSs native look and to drop the complex code which they pretended to run away from with the move of features used by nearly nobody).

About the search engine hijacking I think I remember a topic here on the forums of a person who had this problem.
There's no need to shout about this issue since the developers already said many times they intend to implement the option to choose the default search engine after implementing proper hijacking protection.

frenzie

frenzie last edited by

Originally posted by rafaelluik:

Perhaps we need to consider that was the original plan but one that has gone abandoned for some reason

That's a fair point.

Originally posted by rafaelluik:

build a new UI from scratch that adapted better to the OSs native look

Hah! You're funny.

Deleted User

Deleted User last edited by

Originally posted by rafaelluik:

... the opportunity ... dropping the complex code of features used by nearly nobody.

Complex code of features used by nearly nobody, like bookmarks... :jester:

A Former User

A Former User last edited by

Originally posted by Krake:

Originally posted by rafaelluik:

... the opportunity ... dropping the complex code of features used by nearly nobody.

Complex code of features used by nearly nobody, like bookmarks... :jester:

Not quite, I meant IRC, M2, MDI, panels, etc... Speed Dial over Bookmarks was more of a vision-led decision.

Deleted User

Deleted User last edited by

from scratch

Does it mean "from zero"? In two or three months they can build a BROWSER much IDENTICAL Chromium from "the scratch"? Amazing!

Originally posted by rafaelluik:

drop the complex code which they pretended to run away from with the move of features used by nearly nobody

They said zero words about they can't manage code. They said they don't like to "waste resources" to "play catch-up".
Removing features because they like (or think the users *WILL* like) the "simplicity".

frenzie

frenzie last edited by

Originally posted by blackbird71:

I "opted to omit" simply to try to keep from swallowing an ocean; my posts are often overly long, and I continually practice triage to try to keep them within bounds. In this case you cite, are you submitting that because a contradiction of facts or assertions regarding Opera has occurred, it must be the result of a lie? You yourself stated in that series of posts that it could be ignorance. But it might also be a simple mistake or oversight.

I think it's fair to assume that the entire post went out the door too quickly, with too little editing. It's not just the one sentence I picked out because it was pushed under my nose by ersi. As such, I also think the word unsatisfactory is quite fair.

Originally posted by blackbird71:

But to attribute the statements of Opera developers, certain incongruous details within change logs, or "official" statements by Opera to a conscious process of lying, deliberate deception, or such is to take steps I am simply unwilling to take at this point, based on common sense, what I know to have been true of Opera (and many of its still-remaining employees) over many years, and the nature of the facts I have observed thus far.

That's not what I'm suggesting, so I probably expressed myself poorly. I shouldn't have copied your word choice. I apologize for having wasted your time.

Deleted User

Deleted User last edited by

I still await the Universal Operating System…
If I understand (at least this much of the discussion…), there's a "conflict" (not yet a war! But history may moot my point…) between Intel/AMD and SPARC-like iron: Should the OS be simple and intuitive, and configurable? Or do our betters know better?
We've seen -over many years- what the latter yields, in application design…

(I think that RISCs offer the better choice…)

aperture-focus

aperture-focus last edited by

Originally posted by STAROSS:

>I mean, as other users have pointed out --- it is only a browser -- find another! But Opera is not "only a browser" . For me. and I suspect many others, Opera was my "gateway to the internet" for many years and frankly my "Comfort Zone" for the many hours spent online.

That's well said. I think I went from Netscape to Opera, and used it for about 10 years. Opera is almost like a childhood memory to me, so I'm a bit sad it's going away.

Yes me too. Never used IE much --- went from Netscape to Opera and stayed with it many years. It is a shame their management does not appreciate the brand value the "Old Opera" had.

There is always Sea Monkey I guess --- but that is too much a regression in terms of the interface as far as i am concerned.

aperture-focus

aperture-focus last edited by

Originally posted by Pesala:

It is a clear progression in terms of user security since it prevents malware from hijacking the user's search engine. When they have found a safe solution, they will again allow users to set their own default search engine.

In previous versions of Opera I never once had an issue with search engine hijacking, and could easily set DDG as my default ------ so it is not clear to me at all how you would consider this a "clear progression".?

Forcing users to jump hurdles (now matter how small the hurdle) to avoid using Google is a clear regression in terms of privacy.