It's not important what data. Result was locking(signed by opera, and checked in runtime) of file search.ini in Opera Presto, and default_partner_content.json in Blink Opera against changes. Not files with users private data, but with default search engines. Suggesting, that even changing of password data are secure, when they decided to lock only search engines. Also protection of file system is not function of browser. And even if it's nice function, it can't be used as argument to restrict things. Then it's more fear factor, than argument, because then we're dealing with software able to access file system. And then there are much more important things to protect, than default search engine.
I can't follow your answer. Opera had data about how the search engines were hijacked. I can't believe without that data, you can say, it doesn't matter, and argue that Opera should (wihtout your knowing more) provide more engines. You don't have enough information to say that.
Also default search engines are in Chromium stored together with other custom engines in file Web Data. Opera did own mechanism. Yes if was maybe in time, when even Chromium hasn't default search engines there. Even so they could simply encrypt default search engines data in this file same way like they do with passwords in file Login Data. They made it more expensively. So mechanism used in passwords was not safe or was it more important for Opera to secure search engines file, than user's passwords data? If it's not, why did they did it harder and more expensive way? Or they care more about search engines security, or they don't trust mechanism used while saving user's password data. It they care more about search engines, then this security argument can flush itself. It they don't, but they don't trust user's password data saving mechanism, they also gave higher priority to deal with search engines against user's private data.
-- A bit hard to follow what you're saying. I know English isn't your first language; the sentence is disjointed, and not clear to me. Perhaps, others can follow more easily. We don't know how the hijackings occurred. Maybe it's through a method somehow separate from the search engine data. If Opera did the encryption, does that mean it's safe from hijacking. Encryption can be broken. Maybe it's not that simple or financially easy to do the encryption. Does it matter whether Opera gives higher priority to protect user via search engine or passwords? If they don't protect the user in one area, it doesn't mean they shouldn't in another.
Still there was easier way how to deal with this problem, without much costs. Or the real problem is much bigger, but in other place.
There may, as you state, be a better solution. And some of what you are saying may resonate with Opera. But we can't really know at this point in time that there's a better, economically viable solution because of the total lack of information about how the hijackings occurred, the basis for Opera's determinations, etc -- which is the heart of the seven questions I asked.
(2) how default engines (other than the ones approved by Opera) contributed to it, that is, made the hijackings easier.
It's not about how many of them is, but about mechanism, how they are stored. So mechanism can make hijacking easier, not count of engines.
You may well be right. But Opera ought to have the most information on this issue. If as you say, it's the mechanism of storing the speed dial date, maybe it's more burdensome for Opera, when adding additional engines, to have to look to the mechanism for each one. Limiting the search engines as default keeps it more financially do-able, while maintaining safety.
(3) does Opera view its default engines as inherently safer than others would be if they made them available, and if so, why?
As we know this engines except Wikipedia are paying to be in the list. And as I mentioned before, some are not even set correctly. And there are safer engines. So there's no "good" answer for Opera.
The ones you say are safer -- perhaps startpage, duckduckgo -- may be in the context of searches being traced to a particular user, but still may be more susceptible of hijacking. Or at least, every engine addred as a default, may require configuration by Opera to make the engine safe, and expense, and Opera may have had to limit how much configuration and expense it could put into the issue. Now if some search engine owners are paying Opera to use the search engine, it make sense, they they be included as default right off (Opera has the income from them to invest into making adjustments to configuration, so that a search with that engine is relatively safer. If it's money that makes the creation of the free browser possible (and it is free for the user), it doesn't offend me at all. That's the world that "is," the world we live in.
(5) or is it that for some reason it would help if we knew, typing the code would make any search safer, but Opera did need to offer some default search engines (to compete with other browsers) but wants to limit the risk of hijackings, by limiting the number of default engines offered.
Typing of word safer? Really? Then if this is reason, they should disabled default engines at all.
You're missing a "verb" between "should" and "disabled" and it's not comprehensible to me, what exactly you're saying.
It's not making sense. They are not limiting risk by numbers. But by locking mechanism to change engines.>
-- Something with the sentence structure. Can't follow what you're saying to assess if it makes sense.
(6) why typing of the one or two letter code, is in Opera's view safer.
Who stated that this is safer? It's nonsense from technical point of view.
Maybe, maybe not. Look Opera spokesman says it wasn't safe to offer more default search engines, but they do offer for other engines the code. Implicit in that is that the code is safer. If it makes no sense to you, okay, but for me, I have to defer to Opera on that.
And if you care about users security so much, you allow extension to compromise it, and you don't care, because you're safe by law while on the other side using security as argument? So (if this would be true) then yeah, this is approach users should love.
I think you're mixing apples and oranges. To begin with, I myself have enough search vehicles to be happy. I use Disconnect Search which masks my search and purportedly makes it not (or less)(one hopes) traceable to me. I believe it's safer. In place of that, I would type the one letter code with the search engine of my choice, if I didn't want to use google, bing, etc. Now on extensions, I take a safety risk for things really important to me -- the feature the extension offers. I read the reviews, look at the number of downloads, view user comments, and then take some extensions. You claim to be logical, and yet IMHO you're not. You make this "mixing of apples and oranges" argument that, at least to me, makes no sense.