Do more on the web, with a fast and secure browser!

Download Opera browser with:

  • built-in ad blocker
  • battery saver
  • free VPN
Download Opera

Option to edit DEFAULT SEARCH ENGINES

  • ...
    Please give me an example, when custom / extension provided search engine is not threat, but changing default one is.
    ...

    The entire subject of extensions is incredibly complex, in part because it opens a door to a browser becoming an entirely different "animal" than it was in its bare-bones state. Opera is accountable for the design of its browsers; in most cases, 3rd-party developers are responsible for the design of their extensions. Opera does what it deems safe in its browsers. If extensions bypass some of Opera's safety-related design choices, that's for the extension developers and the users to decide... but it doesn't impact what Opera feels is safe at any given time. Just because an extension might bypass a protection of a default setting doesn't equate to Opera necessarily agreeing with it.
    Frankly, the whole business of extensions is its own security "fur ball", at least in how it's usually done (the extensions not being designed, supported, vetted, and supplied by the browser maker itself). It's one of the modern browser developments that I take strong issue with... but that's just me.

    I used extension as example. To know if problem is?

    • a) We can't use any / specific search engine - mean to select engine ABC, as Opera didn't check it whatever.
    • b) We can't use other engines, because for now there's no secure way to change this engine, without compromising security.
  • Opera extensions undergo a fairly rigid Opera review, before being approved, including Opera's "review of the code," and that the extension: "must not collect private information without authorization from the user."
    http://dev.opera.com/extensions/tut_publishing_guidelines.html
    My understanding is that Opera gives has given a more rigorous review/vetting to it's extensions than Google has to Chrome extensions, at least as of a year ago. http://browserfame.com/1928/chrome-vs-opera
    In any event, this issue of Opera setting up a procedure where one can add a search engine, by going to the website of the search engine and right clicking on the search bar, then have a one letter (or maybe two) code to type before a search from the Opera address bar is strictly within Opera. It is not an extension work-around. And it is presumably deemed by Opera safer than permitting the adding of more default search engines.
    If the Opera developer deems that process safer for the user than adding default search engines (which has certain hijacking risks deemed by Opera unacceptable), I have no reason or desire to second-guess Opera on that.

    From developer point of view. Practically speaking, there's no huge difference between custom and define search engine. If we're talking about code. More about are different reasons why don't allow it.

    But if I make extension that allows to use any there defined engine, would it be acceptable by Opera? Let's say some Disconnect Search act like extension with ability to use custom engine? Or when this extension will have let's say 100 fixed engines, but you can set any as default. Will Opera allow it? Again using also address bar to input search term?

  • But if I make extension that allows to use any there defined engine, would it be acceptable by Opera? Let's say some Disconnect Search act like extension with ability to use custom engine? Or when this extension will have let's say 100 fixed engines, but you can set any as default. Will Opera allow it? Again using also address bar to input search term?

    You say: "But if I make extension that allows to use any there defined engine, would it be acceptable by Opera?"

    I have no idea as to the answer to your question. You'd have to meet the Opera review criteria, which are fairly extensive. http://dev.opera.com/extensions/tut_publishing_guidelines.html

    Every case is individual, and must meet the extensive Opera review criteria for approval of an extension. You cannot generalize from Opera's approval of the Disconnect Search extension. The Disconnect Search extension was approved by Opera (but the whole Disconnect enterprise is focused on safety (designed to prevent Internet Service Providers and thousands of websites from seeing your searches and tracking you), so the Opera review (of the code of that extension) and the determination that it was okay and safe for Opera users, is no precedent for how Opera would react to a different extension that permitted a search (using a search engine that is not one of the five Opera Default engines) from the Opera Address Bar. It would no doubt be coded differently, reviewed on its own terms, based on the Opera review criteria. The whole Disconnect enterprise by an ostensibly reputable enterprise has has a lot of positive reviews, and surely was determined by Opera to add needed and valuable functionality (providing a search that is anonymous).

    http://techcrunch.com/2013/04/17/disconnect-2-brings-more-privacy-to-your-browser-lets-you-block-2k-sites-from-tracking-your-activity-online/

    http://blogs.wsj.com/digits/2011/02/27/wall-street-journal-privacy-series-inspires-one-start-up/

    http://www.nytimes.com/2014/04/03/technology/personaltech/sweeping-away-a-search-history.html?_r=0

    Opera's review of extension codes is designed to determine among other things, that there are no obvious bugs. If Opera deems the extension code malicious (one that could permit a search engine hijacking), one could easily guess to a 99.9 percent certainty that they would not approve it, or at least I would hope 🙂 I mean a third party search bar (created by an extension) which can be easily taken over and hijacked would seem like an obvious "bug." Also, all extensions are reviewed to ensure that the extension must not collect private information without authorization from the user. It must not send private data to an external store.

    On the insurance of safety through the native browser, and its review of extensions, at this point, it seems to me that it's Opera's call. I see no reason to second guess Opera. The safety decision is theirs.

    As to the "safety" issue in the native Opera browser, I cannot urge Opera developers to "safely" add additional default search engines (as you have suggested), because that presumes that it can be safely done, and in a cost effective manner. That's putting the cart before the horse. Rather, I would urge that IF they can safely and cost-effectively add additional search engines, then they should do it.

  • But if I make extension that allows to use any there defined engine, would it be acceptable by Opera? Let's say some Disconnect Search act like extension with ability to use custom engine? Or when this extension will have let's say 100 fixed engines, but you can set any as default. Will Opera allow it? Again using also address bar to input search term?

    You say: "But if I make extension that allows to use any there defined engine, would it be acceptable by Opera?"
    I have no idea as to the answer to your question. You'd have to meet the Opera review criteria, which are fairly extensive. http://dev.opera.com/extensions/tut_publishing_guidelines.html
    Every case is individual, and must meet the extensive Opera review criteria for approval of an extension. You cannot generalize from Opera's approval of the Disconnect Search extension. The Disconnect Search extension was approved by Opera (but the whole Disconnect enterprise is focused on safety (designed to prevent Internet Service Providers and thousands of websites from seeing your searches and tracking you), so the Opera review (of the code of that extension) and the determination that it was okay and safe for Opera users, is no precedent for how Opera would react to a different extension that permitted a search (using a search engine that is not one of the five Opera Default engines) from the Opera Address Bar. It would no doubt be coded differently, reviewed on its own terms, based on the Opera review criteria. The whole Disconnect enterprise by a ostensibly reputable enterprise has has a lot of positive reviews, and surely was determined by Opera to add needed and valuable functionality (providing a search where that search is anonymous).

    Sure I understand that it's individual. But I don't find there anything mentioning my scenario. Still Opera can remove any contents on their pages if they want. Or there's part about option to edit.

    To be accurate, Opera has 10 engines (now). But sure 5 are active based on location. When I don't count location variants there are: allegro, amazon, baidu, bing, google, rambler, seznam, wiki, yahoo, yandex. From this 10: 1 use secure connection, 2 don't use HTTPS (even it's supported by server), and 7 don't use HTTPS, because they just don't support it. So basically only 1 is secure, without uncovering my privacy!

    And when we're talking about positive reviews, also read about StartPage/Ixquick or DuckDuckGo. Or other secure and safe search engines. Not to force you, but to know, there are other alternatives. And power users knows it, and want to be secure.

    http://techcrunch.com/2013/04/17/disconnect-2-brings-more-privacy-to-your-browser-lets-you-block-2k-sites-from-tracking-your-activity-online/
    http://blogs.wsj.com/digits/2011/02/27/wall-street-journal-privacy-series-inspires-one-start-up/
    http://www.nytimes.com/2014/04/03/technology/personaltech/sweeping-away-a-search-history.html?_r=0
    Opera's review of the codes is designed to determine among other things, where there are any obvious bugs. If Opera deems the extension code malicious (one that could permit a search engine hijacking), one could easily guess they would not approve it, or at least I would hope 🙂 I mean a third party search bar (created by an extension) which can be easily taken over and hijacked would seem like an obvious "bug." Also, all extensions are reviewed to ensure that the extension must not collect private information without authorization from the user. It must not send private data to an external store.

    Sure I understand about privacy. But there are extensions that allow you to search from specific popup windows. But still if it's possible to override default engine like Disconnect Search extension, then it's just possible.

    On the insurance of safety through the native browser, and its review of extensions, at this point, it seems to me that it's Opera's call. I see no reason to second guess Opera. The safety decision is theirs.

    Sure if Oprea won't approve it, there's no way. At least not to provide extension on Opera site. Still there are Options to use different site. But it sure will look unsafe in first place. So hope people don't use any of this kind of extensions.

    I cannot urge them to "safely" add additional default search engines, because that presumes that it can be safely done in a cost effective manner. That's putting the cart before the horse. Rather, I would urge that if they can safely and cost-effectively add additional search engines, then they should do it.

    Sure. I'm not asking anybody to do it, just because. I'm trying to argument, and find a way. And anybody can read arguments, and made decision on their own. I don't think that argue more is worse for decision.

    As for now I use 5 browsers. For example IE for specific portal applications, and also Chromium, Firefox, TorBrowser and sure Opera as main browser. In any other of them I have custom engine. So basically when I switch to another one, I'm expecting it to work. Now when I'm in Opera I have to press key. And as you know people forget. So time to time it's hard when you again see results you won't see. It's disturbing, and also from my personal point un-secure (it's just personal preference).

  • Does it is necessary to discuss the same thing in two topics?

  • Does it is necessary to discuss the same thing in two topics?

    Perhaps not "necessary"... but you have to admit, it adds to the challenge of keeping one's mind straight as to where one posted what. 😃

  • Does it is necessary to discuss the same thing in two topics?

    Perhaps not "necessary"... but you have to admit, it adds to the challenge of keeping one's mind straight as to where one posted what. 😃

    LOL

  • @stealth789

    You mentioned in that other thread that you never save your password on a browser.

    https://forums.opera.com/topic/3441/search-engine-default/29

    I do, and I'm sure many others do. There are just too many passwords at too many sites one needs to access to have to re-enter them all the time. But maybe that is is a reason why you are less concerned about a search engine hijacking. If your search engine is hijacked, there are no passwords of yours in the browser that are insecure/compromised. Fine, so you can be relaxed about using a less secure/higher risk search engine.

    I feel strongly about the issue (that I want Opera to not offer less safe search engines) because if my search engine is hijacked my data, including passwords, is compromised -- and a lot of things adverse to me can come into play from that.

  • @stealth789
    You mentioned in that other thread that you never save your password on a browser.
    https://forums.opera.com/topic/3441/search-engine-default/29
    I do, and I'm sure many others do. There are just too many passwords at too many sites one needs to access to have to re-enter them all the time. But maybe that is is a reason why you are less concerned about a search engine hijacking. If your search engine is hijacked, there are no passwords of yours in the browser that are insecure/compromised. Fine, so you can be relaxed about using a less secure/higher risk search engine.
    I feel strongly about the issue (that I want Opera to not offer less safe search engines) because if my search engine is hijacked my data, including passwords, is compromised -- and a lot of things adverse to me can come into play from that.

    My answer's here https://forums.opera.com/post/42565 . Also more about your "safe" engines I mentioned just here above https://forums.opera.com/post/42511 . From 10 only 1 act at least in secure connection. But is suspicious from tracking uses, so basically their privacy!

  • But if I make extension that allows to use any there defined engine, would it be acceptable by Opera? Let's say some Disconnect Search act like extension with ability to use custom engine? Or when this extension will have let's say 100 fixed engines, but you can set any as default. Will Opera allow it? Again using also address bar to input search term?

    You say: "But if I make extension that allows to use any there defined engine, would it be acceptable by Opera?"
    I have no idea as to the answer to your question. You'd have to meet the Opera review criteria, which are fairly extensive. http://dev.opera.com/extensions/tut_publishing_guidelines.html
    Every case is individual, and must meet the extensive Opera review criteria for approval of an extension. You cannot generalize from Opera's approval of the Disconnect Search extension. The Disconnect Search extension was approved by Opera (but the whole Disconnect enterprise is focused on safety (designed to prevent Internet Service Providers and thousands of websites from seeing your searches and tracking you), so the Opera review (of the code of that extension) and the determination that it was okay and safe for Opera users, is no precedent for how Opera would react to a different extension that permitted a search (using a search engine that is not one of the five Opera Default engines) from the Opera Address Bar. It would no doubt be coded differently, reviewed on its own terms, based on the Opera review criteria. The whole Disconnect enterprise by a ostensibly reputable enterprise has has a lot of positive reviews, and surely was determined by Opera to add needed and valuable functionality (providing a search where that search is anonymous).

    Sure I understand that it's individual. But I don't find there anything mentioning my scenario. Still Opera can remove any contents on their pages if they want. Or there's part about option to edit.
    To be accurate, Opera has 10 engines (now). But sure 5 are active based on location. When I don't count location variants there are: allegro, amazon, baidu, bing, google, rambler, seznam, wiki, yahoo, yandex. From this 10: 1 use secure connection, 2 don't use HTTPS (even it's supported by server), and 7 don't use HTTPS, because they just don't support it. So basically only 1 is secure, without uncovering my privacy!

    Just to be accurate one mistake in numbers. So as I tried now there's one more engine that can use secure connection, but is not set correctly:

    • 1 engine use secure connection HTTPS (SSL secure connection): google
    • 3 engines are set wrong by Opera, as they accept secure conection (on server side), but are not set to use it: bing, wiki, yahoo
    • 6 engines doesn't support secure connection: allegro, amazon, baidu, rambler, seznam, yandex

    And when we're talking about positive reviews, also read about StartPage/Ixquick or DuckDuckGo. Or other secure and safe search engines. Not to force you, but to know, there are other alternatives. And power users knows it, and want to be secure.

    http://techcrunch.com/2013/04/17/disconnect-2-brings-more-privacy-to-your-browser-lets-you-block-2k-sites-from-tracking-your-activity-online/
    http://blogs.wsj.com/digits/2011/02/27/wall-street-journal-privacy-series-inspires-one-start-up/
    http://www.nytimes.com/2014/04/03/technology/personaltech/sweeping-away-a-search-history.html?_r=0
    Opera's review of the codes is designed to determine among other things, where there are any obvious bugs. If Opera deems the extension code malicious (one that could permit a search engine hijacking), one could easily guess they would not approve it, or at least I would hope 🙂 I mean a third party search bar (created by an extension) which can be easily taken over and hijacked would seem like an obvious "bug." Also, all extensions are reviewed to ensure that the extension must not collect private information without authorization from the user. It must not send private data to an external store.

    Sure I understand about privacy. But there are extensions that allow you to search from specific popup windows. But still if it's possible to override default engine like Disconnect Search extension, then it's just possible.

    On the insurance of safety through the native browser, and its review of extensions, at this point, it seems to me that it's Opera's call. I see no reason to second guess Opera. The safety decision is theirs.

    Sure if Oprea won't approve it, there's no way. At least not to provide extension on Opera site. Still there are Options to use different site. But it sure will look unsafe in first place. So hope people don't use any of this kind of extensions.

    I cannot urge them to "safely" add additional default search engines, because that presumes that it can be safely done in a cost effective manner. That's putting the cart before the horse. Rather, I would urge that if they can safely and cost-effectively add additional search engines, then they should do it.

    Sure. I'm not asking anybody to do it, just because. I'm trying to argument, and find a way. And anybody can read arguments, and made decision on their own. I don't think that argue more is worse for decision.
    As for now I use 5 browsers. For example IE for specific portal applications, and also Chromium, Firefox, TorBrowser and sure Opera as main browser. In any other of them I have custom engine. So basically when I switch to another one, I'm expecting it to work. Now when I'm in Opera I have to press key. And as you know people forget. So time to time it's hard when you again see results you won't see. It's disturbing, and also from my personal point un-secure (it's just personal preference).

  • alaxanderzeus,

    You're repeating verbatem the arguments already made by stealth789 and me.

    We all agree that if they can safely and cost effectively add additonal search engines, we recommend they do it. Everyone agrees it shouldn't be done if Opera concludes it's not safe.

    There is nowhere else for this thread to go. It's really time to close it.

  • alaxanderzeus,
    You're repeating verbatem the arguments already made by stealth789 and me.
    We all agree that if they can safely and cost effectively add additonal search engines, we recommend they do it. Everyone agrees it shouldn't be done if Opera concludes it's not safe.

    I just don't agree that they can't do it safely and cost effectively.

    As you stated before you're not specialist on this specific topic or developer. So basically no one responsible didn't react the way why exactly this cannot happen. So then I can argue to it, why it should be possible. As I'm used from any other forums that I can argue about my suggestion also with people really responsible for possible application of suggestion. But maybe my misunderstanding.

    There is nowhere else for this thread to go. It's really time to close it.

  • alaxanderzeus,
    You're repeating verbatem the arguments already made by stealth789 and me.

    Of course he was, because he was (past tenths) a spammer.

  • linuzmint7

    Crazy? Past tense? (yes, his post was thankfully deleted). Thanks.

  • alaxanderzeus,
    You're repeating verbatem the arguments already made by stealth789 and me.
    We all agree that if they can safely and cost effectively add additonal search engines, we recommend they do it. Everyone agrees it shouldn't be done if Opera concludes it's not safe.
    There is nowhere else for this thread to go. It's really time to close it.

    Sigh...!
    @lem729 -- OT: things I really wish this forum possessed: a means of indicating (in the original place) that a poster's message was deleted by a mod. I read forums in linear fashion... so when I stumbled on your reference to alaxanderzeus's post, I went back looking for it, over and over again (thinking it really must be there somewhere). Eventually I gave up and continued reading beyond your post, only to discover that he was a spammer and his posts were made to evaporate... quite understandably, of course. But it does leave a messy trail behind in references of subsequent posts, and readers can too easily fall off that cliff as they follow along. Oh well... there are worse things in life, I guess. 😉

  • You are right, blackbird71. I noticed it too 🙂 Like what were we all commenting on (once the spammer's post was deleted). If I had been quick enough, I would have ignored the post, so there would be no trail when the moderator deleted the post. I'll try to remember that in the future.

    Yes, ideally if the Moderator deletes a post, maybe the name of the spammer should remain with the message by the Moderator about "Post deleted because it . . . " (whatever). Then if people saw the comments, they would understand it. Sometimes, I've seen the Moderator's do that.

  • @lem729, it's only a guess, but the mods may have more than one way to attack spamming, and depending on what technique they use, the results/effects may vary. If they go after an individual post, perhaps they can comment in place of it... but if they extinguish the hacker's account in certain ways, perhaps all his posts simply evaporate... I'm really not sure. In any case, the mods have a heavy enough load, so I certainly wouldn't want to add to it by asking for more manual intervention in such situations. I just wish the forum machinery itself did some things a little differently, this being one of them...

    But, as I noted earlier, in the grand scheme of things, there are certainly worse things. Frankly, I'm glad (and very appreciative) that the mods are jumping on spam as fast as they do... it's a major, major improvement over the early days of this forum.

  • Does it is necessary to discuss the same thing in two topics?
    Very confusing, specially when it comes to chose where I'd post. 😛

    I hope all interested can see my comment here and that we are able to learn more together about the two issues (lack of HTTPS in some built-in engines and the setting of custom search engine as default):
    https://forums.opera.com/post/42867

  • For me, the issue was Opera's inability to add additional search engines because of the fear of a malicious takeover/hijacking of the search engine. And while there was agreement as to that by everyone, it would seem, except the original poster, there was an unfair, offensive characterization by rafaelluik of some of the posters in that other thread (including myself), unfortunately cross-referenced in the post above. In repeating -- through the cross-reference -- something, in my view, very much inappropriate, double damage was done. Now here was my response.

    https://forums.opera.com/topic/3441/search-engine-default/78

    Notwithstanding the above, every moderator has a difficult job, and I repect those who take on such arduous, sometimes thankless responsibilities. It's not always possible, like Solomon, to offer to divide the baby in two. This was a case in particular where the offer to divide really doesn't work.

  • I'm sorry about any confusion... I'll try to clear up the things as we continue replying in that thread. I didn't mean to hurt anybody (and I believe you misunderstood what I wrote, or maybe I wrote very badly so it was impossible for something else to come out from this? IDK).

    I'd like to remember you that although I'm a mod, I'm also a member. When I post, I post also as a member and I can let my opinions flow like everybody else. As a mod, I didn't condemn any of your attitudes nor advised/warned you, nor pointed to the forum rules nor anything. (I hope this can be understood and I don't feel remorse later. huh lol)

Log in to reply