Search Engine Default
-
stealth789 last edited by
It is about security, they provide only 5 default search engines to avoid malware which changes the search engine.
Sure it is. But also from other side you know. And it's not about number (5). Also if security is main issue, then there should be question "How can I change search engine?". Not only like is it now "Can I even change search engine?"
My point is, there is possible space for compromise. Not only restricting. I'm just used to rather look for a beteer way, than use the easier one. I'm sorry if it's bothering you, but from my point bigger problem is, that in current situation I'm not persuaded that current engines are safe. No matter ho much of them there is.
-
stealth789 last edited by
Also I did another check of file "
default_partner_content.json
"". While starting Opera is also looking for file ""custom_partner_content.json
"". But I'm not sure what is the purpose of this. Also I tried to install Opera to virtual machine, and checked content of "default_partner_content.json
". It's the same (also Base64 key). It indicates, that it's filled in Opera package. So it looks pretty hard-coded. So probably (without hacking Oprea dicectly) there's possible to change this file only on Opera side. Still it's not good that this file resides in Program Files directory. Then it's global, not per user setting like in profile directory. -
Deleted User last edited by
It is about security, they provide only 5 default search engines to avoid malware which changes the search engine.
Sure it is. But also from other side you know. And it's not about number (5). Also if security is main issue, then there should be question "How can I change search engine?". Not only like is it now "Can I even change search engine?"
My point is, there is possible space for compromise. Not only restricting. I'm just used to rather look for a beteer way, than use the easier one. I'm sorry if it's bothering you, but from my point bigger problem is, that in current situation I'm not persuaded that current engines are safe. No matter ho much of them there is.I said 5 because it is what we have in Opera. Are you going to discuss this untill you feel convinced? We are just repeating everything. I'm out...goodbye.
-
stealth789 last edited by
@blackbird71 @lem729 @sidneyneto
After editing of 1 line in JavaScript code of Disconnect Search Extension I managed to change "default" search engine to StartPage. Simply it's possible to change it to whatever I want. Basically major part of Disconnect Search is not needed, but I have no time to study extensions API, and how to alter Omnibox events. For now it's working for me. I still predict, that after update of extension there could come up some problems with this "solution".
So for safety of others (I feel pretty safe with my configuration) I just hope, that Opera really check codes of extensions thorough, as any extension can have code to use API and alter search URL! Also then it's just really strange, that Opera is making change of default engines in file "
default_partner_content.json
" almost impossible, but API is opened to manipulation of searches the easy way. This way still change of default search engine is opened. Basically malware cannot change json file (can change but it won't help, as Opera use hard-coded engine), but can simply alter Disconnect Search, or in the future any other search extension, and override default search engine. From this point of view, it's really not safe concept, and therefore also bad approach to this whole problem. -
stealth789 last edited by
This is not a diary to talk to yourself, Stealth.
Sure, I should have known long ago, that I won't get answers. My mistake, that I'm probably used to other kind of forums. Sorry for your time. I'm just making things thoroughly.
-
Deleted User last edited by
You got the answers you wanted. We ( @lem729, @blackbird71 ) gave you all the reasons why Opera does not allow other deafauts search engines. This topic got off the topic. It became personal discussion.
-
A Former User last edited by
@stealth789 I think you are right. Some members here are fearful of encountering trolls and in the heat of a premature self-defense are bashing people like you who don't deserve it.
Your point about the search engines using secure connection (HTTPS) is kinda out of the context of the original issue (the lack of ability to set custom search engine as default, a different thing altogether), but it's a valid different security issue nevertheless...
The Opera devs already acknowledged both issues discussed here, but I imagine something is preventing them from fixing the URLs to use HTTPS, etc.
Why Opera can't add StartPage, Ixquick,... to default search engines, when it's safe, probably much safer than engines they provide, and many are asking for it? When it's not big deal to expand one configuration file?
The default search engines preloaded in browsers like Opera and Firefox are sponsored. All these options (Google, Bing, Amazon, etc - except Wikipedia I guess) pay these browser vendors so they're included. I suspect it wouldn't be fair or interesting to those companies if Opera added their competition for free...
These contracts, plus the built-in Speed Dial entries partnerships, are the main revenue streams of the desktop browser and they're what makes the browser free for us.About the lack of ability to set custom search engines as default:
"The option was removed after we got targeted by malicious third-party "applications". It will return when we can protect against alterations by other apps and not the users themselves." - Daniel Aleksandersen, Opera employee. -
lem729 last edited by
@rafaelluik
It's not at all bashing people for a different view. I find that characterization extremely offensive. At this point, after that comment, my feeling is, let people say what they want about Opera 22. I don't give a damn.
Those of us who responded to this thread -- and you could have earlier, but didn't -- tried very hard to engage the poster in an honest discussion. But at some point, when it drones on and on forever, it becomes destructive. When you described at the end of the post the issue malicious third party applications made adding additional default engines a problem, that's exactly what we said. And in a manner that was courteous. And we tried to be clear. The poster was getting lost on "personal freedom and liberty.". The issues he raised -- while they were not coherent in my view -- took time to deal with. I mean, who has the patience and time to follow all the dismissals by the poster of answers provided, and all of the convolutions of what was presented?
At some point -- in my humble opinion -- this thread should have been closed by the moderator as being repetitive and going nowhere. Instead, you suggest, people are bashing the poor poster. I mean, you can play both sides of the fence only so far. And this is a bit too much!
-
Deleted User last edited by
@rafaelluik
It's not at all bashing people for a different view. I find that characterization extremely offensive.
Those of us who responded to this thread -- and you could have earlier, but didn't -- tried very hard to engage the poster in an honest discussion. But at some point, when it drones on and on forever, it becomes destructive. When you described at the end of the post the issue -- malicious third party applications made adding additional default engines a problem, that's exactly what we said. And in a manner that was courteous. And we tried to be clear.
At some point -- in my humble opinion -- this thread should have been closed by the moderator as being repetitive and going nowhere. Instead, you suggest, people are bashing the poor poster. I mean, you can play both sides of the fence only so far. And this is a bit too much!I agree with you. Rafaelluik is right in one thing: this topic does not belong to stealth.
-
A Former User last edited by
Whaaat?
I think you misunderstood my post. Or maybe I didn't read the full thread properly, missed something, I don't know.
Those of us who responded to this thread -- and you could have earlier, but didn't
Haha... When I answer tricky topics like this one I tend to do a lot of research in previous topics (to find this quote from Daniel for example, sometimes I recall I replied to a similar thread a similar answer I wish I could copy and paste but I can't find it or I find some parts in posts and random fragments of memory... And sometimes I have to give up and think and write everything from scratch...) and it takes time to write a concise answer. I simply didn't have the time... I couldn't even keep up with all the long comments, quoting, and (friendly) debate you all managed to write here.
If I had read and answered this thread before, I would have left other 10 small ones without replies... And I wouldn't have had the time to write that long text in reply to the question "Why you use current Opera over other browsers" (which I wrote in a spare time I had at my job today).The issues he raised -- while they were not coherent in my view -- took time to deal with. I mean, who has the patience and time to follow all the dismissals by the poster of answers provided, and all of the convolutions of what was presented?
So now you see why I couldn't reply before...
at some point, when it drones on and on forever, it becomes destructive
Destructive?? I don't get it... This thread doesn't seem to be doing harm... Except that the OP created it in the wrong forum and it's probably a duplicate from an old suggestion box thread asking for setting custom search engines as default, and then the discussion became a mix of the original subject plus an argument about other kind of security which is missing... But that doesn't matter now, a book of replies was already written.
And I wouldn't like to close this book before getting to a satisfactory end, so I won't close this topic now (continue reading in the next paragraph).I agree with you. Rafaelluik is right in one thing: this topic does not belong to stealth.
I didn't say that. I think the lines are very blurry because stealth789 brought an argument to attempt to justify the initial complaint about the lack of setting to make a custom search engine default (which is on-topic!)... But another moderator might want to discuss this with me though and that's going to be fine (if any of you are reading this, we can exchange e-mails)...
-
lem729 last edited by admin
Oh, come Rafaelluik, I did not misread your post, and you can do better than you just did feigning innocence. You said to the original poster: "I think you are right," they were just being defensive, "fearful of encountering trolls," "bashing people like you who don't deserve it." Now there's no ambiguity there. Suddenly, we're the ones "bashing people." That was -- for me -- a really offensive reading of that thread. Quite frankly, I can't believe you read it at all, other than maybe a quick look at the end, when, I know for sure, we were all fed up. At one point, here was Blackbird71's summary of what was taking place with original poster, and the endless arguing of his:
"On the contrary, I've come to the conclusion you simply want to argue. To reprise: you made a complaint about the way Opera has dealt with default search engines, and made a suggestion here and elsewhere about what they should do to improve things. I responded with an explanation of what Opera has said regarding why they did what they did, indicated that indeed there is a security issue regarding browser hijacking, along with making some further comments about possible design complexities, workloads, prioritization, etc. that may have a bearing on implementing your suggestion. You then have dragged in all sorts of security-related things you don't agree with Opera about, and ultimately argued that any counter-discussion here supports Opera's infringing on your "freedom". The sum of it is that you've found something in Opera you don't like, made a suggestion, and now want to argue endlessly by invoking all manner of irrelevant things that only serve to keep your argument alive. Enough. I'm out of here... have a nice evening."
I kept saying to myself where was a moderator? as the two threads (the poster opened threads in two parts of the Opera forum simultaneously) dragged on and on and on (because Blackbird71's summary came after a period of rapid-fire, convoluted seemingly endless argumentation by the poster -- where suddenly having to type one letter in front of search query (to deal with a concern about search engine hijacking) was equated to an issue of taking away someone's "liberty" and/or "forced control . . ." You know, people have given the lives to defend real issues of "liberty" and "forced control." And a piece of the context is that the moderators had already just closed a post on the exact same topic a week before that had run for almost a month and 1/2. So I wondered, how can they let these new repeat threads go on endlessly. In that regard, the same issue -- wanting more default search engines -- was closed by the moderators on June 10. https://forums.opera.com/topic/2352/i-want-to-add-my-own-default-sarch-engines/39
Now the thread that was closed had taken a lot of time to deal with, and suddenly, a week or so after it was closed, the phoenix rises from the ashes (and in two parallel threads), one has to repeat the same discussion again, with the argumentation by the poster, in one thread, then willy nilly in the other, essentially endless, raising issues, which even you acknowledged were: "kinda out of the context of the original issue (the lack of ability to set custom search engine as default, a different thing altogether)..." Well, "something kinda of out of context . . . a different thing altogether" can be discussed in a place other than a discussion of a the need for Opera to permit more default search engines. Raising one security issue, doesn't mean the whole can of worms of security issues can or should be opened up for discussion, and is fair game. Because there's no end to that.
-
Deleted User last edited by
I made a mistake, Rafael. You said about "poor poster" which is not stealth.
-
blackbird71 last edited by
...
The default search engines preloaded in browsers like Opera and Firefox are sponsored. All these options (Google, Bing, Amazon, etc - except Wikipedia I guess) pay these browser vendors so they're included. I suspect it wouldn't be fair or interesting to those companies if Opera added their competition for free...These contracts, plus the built-in Speed Dial entries partnerships, are the main revenue streams of the desktop browser and they're what makes the browser free for us.
About the lack of ability to set custom search engines as default:
"The option was removed after we got targeted by malicious third-party "applications". It will return when we can protect against alterations by other apps and not the users themselves." - Daniel Aleksandersen, Opera employee.I think this is where the "ouchy" point of the issue really rests. When a security change is implemented that reduces user control and it coincides with an income-center for a company, there will be suspicion raised about whether the reason was truly "security". Over time, and in the minds of some users, that suspicion will eventually rise to almost paranoia levels. I take Opera at its word on this, which is that the default search engine limitation was introduced as a security measure; not everyone will.
-
Deleted User last edited by
I made a mistake, Rafael. You said about "poor poster" which is not stealth...
...because this topic does not belong to stealth.
-
A Former User last edited by admin
a piece of the context is that the moderators had already just closed a post on the exact same topic a week before that had run for almost a month and 1/2. So I wondered, how can they let these new repeat threads go on endlessly. In that regard, the same issue -- wanting more default search engines -- was closed by the moderators on June 10. https://forums.opera.com/topic/2352/i-want-to-add-my-own-default-sarch-engines/39
Now the thread that was closed had taken a lot of time to deal with, and suddenly, a week or so after it was closed, the phoenix rises from the ashes
The "lack of HTTPS" argument wasn't discussed back then, stealth789 posted it but no one replied directly to it.These "custom as default search engine" threads will simply keep reviving from the ashes until Opera Software gets their act together. It's something people want to have control and it's their right IMO (the workarounds are acceptable only to some extent). And Opera can give them the option! I already suggested for example (DNA-20050) that they encrypt the custom search engine storage and options file with user OS (like they do for passwords already) or with a master password. Other solutions could be found, the devs just have to be given permission (by their management) and time to work on it.
-
lem729 last edited by admin
I use the extension HTTPS everywhere.
https://addons.opera.com/en/extensions/details/https-everywhere/
I believe Stealth said he does also. It seems like that's a reasonable workaround addition.
Now we have a suggestion thread for adding more default search engines.
https://forums.opera.com/topic/3431/option-to-edit-default-search-engines/39
I think it's confusing to add that HTTPs issue to that thread (as the https issue is totally buried in the discussion -- either here or there, I'm confused where it came up), but, perhaps, we ought to work to having a separate suggestion thread identifying https as an issue in connection with search engines, and identifying what exactly the user wants from Opera. Https and search engines could be in the title of the proposed new thread (or something like that), if we think it's a useful addition. I'm still not clear on it yet. Is it that the extension https everywhere isn't sufficient? If so, how not? Let's add to the discussion here, identify why the extension "Https Everywhere" isn't enough (if it isn't), and what it is that would be helpful from Opera.
And then maybe someone could create a new suggestion thread highlighting that https issue in connection with default search engines. The https issue, perhaps, shouldn't be buried in the suggestion thread that's currently active, if it's that important. And this is a good place for us to focus on whether it is, and why it is. I mean I see Https Everywhere (as an extension), and "Disconnect Search" and I'm thinking what more is needed from Opera. Isn't there good functionality in protecting ourselves via extension?
-
stealth789 last edited by
You got the answers you wanted. We ( @lem729, @blackbird71 ) gave you all the reasons why Opera does not allow other deafauts search engines. This topic got off the topic. It became personal discussion.
I don't think that I've got answers I wanted ;). Sure I'm thankful for your (all of you) effort in this conversation, also when sometime I can be pain in the as* ;). But you know, I've got some knowledge in this area. Basically if you tell me simple sentence or reason, it's just not enough. To make anything like this through, I need details. And many statements here have flaws. So it's not acceptable for me to just let it go.
It's like when you tell kid: "Don't go to wood." (as you know you can simply replace wood with almost anything ;)). Then basically are possible few scenarios:
- Kid will go to do wood. It's most likely.
- Kid will ask you why?
- Sure maybe there are kids that will do just as you asked. But this is least possible scenario.
So telling me, this is due to security is just creating more and more question to me. Not answering one. Because in my principle, restriction should be last possible option, if nothing else is not reasonable possible. Not the first one.
And sure you think I don't like Opera. But on the contrary I like Opera. I just want to be good software. I don't want see it become corporate SW that doesn't care for users, and is making at least suspicious decisions. And restricting default search engine as top essential part of browser is just not acceptable to me. And in this case with current knowledge, security is just fear factor.
Also now I can see many users having problems with local setting of search engine. Sure there are workaround. But writing multistep procedure, how to change search engine, looks like madness to me. And if Opera want new users. Just imagine how will any of them react, when you show them, that to choose search engine, they have sometimes to edit filed. Or just make it as it is now. They just simply can't.
-
stealth789 last edited by
@stealth789 I think you are right. Some members here are fearful of encountering trolls and in the heat of a premature self-defense are bashing people like you who don't deserve it.
I didn't feel it like bashing. Just I didn't get proper reasons why this option is restricted. And feel no will to find a way to change it.
Your point about the search engines using secure connection (HTTPS) is kinda out of the context of the original issue (the lack of ability to set custom search engine as default, a different thing altogether), but it's a valid different security issue nevertheless...
It was used in concept and as result of conversation. Someone tells me statement that I can't change my default search engine, due to security reasons. So sure, as this option to me is essential, and also issue to be free to choose what I like, I started to analyze it. And when one of first things I see is that even links don't use HTTPS. Then I started to think what this security means, and really doubt it. As even simple security settings are not met.
The Opera devs already acknowledged both issues discussed here, but I imagine something is preventing them from fixing the URLs to use HTTPS, etc.
Sure, but as I said, it's not main problem. It's just example.
Why Opera can't add StartPage, Ixquick,... to default search engines, when it's safe, probably much safer than engines they provide, and many are asking for it? When it's not big deal to expand one configuration file?
The default search engines preloaded in browsers like Opera and Firefox are sponsored. All these options (Google, Bing, Amazon, etc - except Wikipedia I guess) pay these browser vendors so they're included. I suspect it wouldn't be fair or interesting to those companies if Opera added their competition for free...
These contracts, plus the built-in Speed Dial entries partnerships, are the main revenue streams of the desktop browser and they're what makes the browser free for us.Also adding engines by Opera was result of conversation. It was stated, that due to security, it's not allowed to used to change engine. Or even that it's to expensive. So it's logical to ask to add it by Opera (safe), or even create rules for them. It's just argument how this could be made, when there are arguments, that it's about security.
Sure I know about this model of partners. Even file name "default_partner_content" can tell you something ;). And sure Opera is free to set any engine here. But still it's not changing fact, that if I want from my reasons to change it, I simply can. Even Firefox that's getting huge money can change this. Money are factor, but cannot by used in this case as reason to build walls.
About the lack of ability to set custom search engines as default:
"The option was removed after we got targeted by malicious third-party "applications". It will return when we can protect against alterations by other apps and not the users themselves." - Daniel Aleksandersen, Opera employee.If statement is "We will add it", and security is only reason, sure it's acceptable, and we need to wait. But from my point it's kind of we need to option. Not some kind of low priority issue, to be able to excuse forever by security only.
Also when I see this location problems, and see how hard it's for simple user to use correct engine. It's just madness for this kind of essential option.
-
stealth789 last edited by
@rafaelluik
It's not at all bashing people for a different view. I find that characterization extremely offensive. At this point, after that comment, my feeling is, let people say what they want about Opera 22. I don't give a damn.Basically I can say whatever I want. Here or somewhere else, so what's the point? You can simply disprove my arguments or statement.
Those of us who responded to this thread -- and you could have earlier, but didn't -- tried very hard to engage the poster in an honest discussion. But at some point, when it drones on and on forever, it becomes destructive. When you described at the end of the post the issue malicious third party applications made adding additional default engines a problem, that's exactly what we said. And in a manner that was courteous. And we tried to be clear. The poster was getting lost on "personal freedom and liberty.". The issues he raised -- while they were not coherent in my view -- took time to deal with. I mean, who has the patience and time to follow all the dismissals by the poster of answers provided, and all of the convolutions of what was presented?
You said also many other related reasons to why, and some of them just looks like not reasons, or not good one. And sure I want be able to select engine I want freely.
And some of arguments has flaws, or was not correct, so it's not point to finish. Sure there should be maybe someone else included in conversation.At some point -- in my humble opinion -- this thread should have been closed by the moderator as being repetitive and going nowhere. Instead, you suggest, people are bashing the poor poster. I mean, you can play both sides of the fence only so far. And this is a bit too much!
I don't think so. But as I stated, this was not about bashing. At least I didn't see it this way. Just some of the arguments in current situation was looking rather like excuse than real reason why.