• Login
    • Search
    • Categories
    • Recent
    • Tags
    • Users
    • Groups
    • Rules
    • Help

    Do more on the web, with a fast and secure browser!

    Download Opera browser with:

    • built-in ad blocker
    • battery saver
    • free VPN
    Download Opera

    Opera data exposure through search engine behavior

    Opera for Mac
    2
    2
    555
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • nobody2
      nobody2 last edited by

      All,

      After spending a couple hours with the latest version of Opera, reading posts, not finding any answers, seeing numerous posts on this topic…. The issue is when a user (coming from one of the various mainstream browsers) tries to enter an FQDN into Omnibox and the result is a device or namespace being sent to a 3rd party. In today’s environments where concerns around security are on the rise, this can be considered a form of data exfiltration. eg: exposing sensitive namespace(s), device names, etc. to a 3rd party, in addition could be in violation of a security policy.

      Unfortunately, there does not seem to be any configuration option to protect against this behavior. At least in Chrome (which Opera appears to share roots for Omnibox), you can specify a new search engine and make it the default: URL being “http://127.0.0.1/%s” which simply causes the request to fail. Opera prevents creation of a new search being configured as the default, thus removing any possibility of protecting against this condition. Furthermore, Chrome and many browsers remember visited sites and it's faster to start typing the FQDN and then hit <enter> on the first entry (as you've entered enough data for the entry to match) vs. scanning through bookmarks (time savings).

      Unless there’s a solution that isn’t clearly documented, the only option appears to be using one of the default search engines and blackhole’ing the entire namespace in one’s DNS servers. eg: create a zone (www.bing.com as example) and make bing the default search engine. This at least prevents Opera’s behavior of trying to submit data to a 3rd party. It’s a crude workaround, but protects against this behavior.

      If there’s a configuration option somewhere to protect against this behavior, would like to know.

      Thanks!

      Reply Quote 0
        1 Reply Last reply
      • sgunhouse
        sgunhouse Moderator Volunteer last edited by

        Opera does have a couple of included search engines with no autosuggest capability built in - if you switch to one of those the dropdown will not include suggestions.

        Reply Quote 0
          1 Reply Last reply
        • First post
          Last post

        Computer browsers

        • Opera for Windows
        • Opera for Mac
        • Opera for Linux
        • Opera beta version
        • Opera USB

        Mobile browsers

        • Opera for Android
        • Opera Mini
        • Opera Touch
        • Opera for basic phones

        • Add-ons
        • Opera account
        • Wallpapers
        • Opera Ads

        • Help & support
        • Opera blogs
        • Opera forums
        • Dev.Opera

        • Security
        • Privacy
        • Cookies Policy
        • EULA
        • Terms of Service

        • About Opera
        • Press info
        • Jobs
        • Investors
        • Become a partner
        • Contact us

        Follow Opera

        • Opera - Facebook
        • Opera - Twitter
        • Opera - YouTube
        • Opera - LinkedIn
        • Opera - Instagram

        © Opera Software 1995-