How does Opera's security exceed that of other browsers?
| 4:24 pm on May 26, 2004 (gmt 0)|
First, I don't want this to turn into another "my browser versus yours" thread! ;) I just have a few specific questions about Opera and security.
Since starting in with FireFox (back in FireBird 0.6), I had always thought that the Mozilla browsers were about as secure as they come. But, I've read comments like tedster's, below:
|I won't fire up a less secure browser [than Opera] unless I have no alternative... |
So I'm beginning to wonder, is Opera really more secure than Mozilla or FireFox, and if so, how, why, and in what ways?
Again, we all know that the many diverse advantages of one browser over another have been discussed ad infinitum here. (Or perhaps ad nauseum? ;) ) But I hope a specific question such as this won't be taken amiss.
| 4:42 pm on May 26, 2004 (gmt 0)|
Have you ever heard about a security flaw in Opera? ;)
Yes, there have been a few, but those were stupid programming mistakes...
But you can't hijack a computer or cause it to crash by any means through the Opera browser...
That said -- anything other than IE can be considered secure. If IE wasn't tied into the OS it wouldn't have half the security flaws it now experiences.
| 4:47 pm on May 26, 2004 (gmt 0)|
Not sure where I said that, but I was refering to IE - I have no reason to doubt the essential security of Mozilla. If you search on "Mozilla vulnerability" or "Mozilla exploit" the pickings are mighty slim -- same with Opera.
Of course, part of this is because of IE's ubiquity. Guerrilla hackers won't bother to find an exploit for a browser that isn't a big fat target, because the returns are so slim. Same reason that armies blow up bridges: it's where the resources are concentrated.
Nevertheless, and for whatever reason, IE has had a ridiculous number of security problems. And if you ever research any shady neighborhoods... 'nuff said.
| 4:49 pm on May 26, 2004 (gmt 0)|
Even back in the old Browser War days there were no exploits for NN4, but quite a few for IE :)
| 4:49 pm on May 26, 2004 (gmt 0)|
Off the top of my head, I can remember a very serious cookie hijacking bug, a HTTP/HTTPS redirect bug, and a memory corruption bug with GIFs in Mozilla.
| 5:39 pm on May 26, 2004 (gmt 0)|
Thanks guys, guess I'll stick with the Fox! ;)
Tedster, that quote was from the thread about the Travelocity.com redesign:
I've seen other similar comments around here but yours really summed up the question I wanted to ask. I'm glad you consider FireFox secure as well, though - it's my favorite, but I'd have to at least think about a switch if you believed it has serious security flaws.
| 5:58 pm on May 26, 2004 (gmt 0)|
So, is it like DrDoc said - the main reason that IE has so many security flaws is because it's tied into the OS (ignoring the fact that it is the most targeted browser because of it's marketshare)? It's not necessarily sloppy coding or overlooked security holes?
| 6:27 pm on May 26, 2004 (gmt 0)|
|It's not necessarily sloppy coding or overlooked security holes? |
There's probably some of that too... MS has a limit as to how many known bugs are allowed before releasing a new version. Of course, that's usually not a problem as long as the bugs are not publicly known.
Then, the fact that IE is integrated with the OS makes it so much more interesting to target. You can do much more damage, and access information more easily if you just break that gate. So, why bother with two gates when you can go through one?
| 8:24 pm on May 26, 2004 (gmt 0)|
|Have you ever heard about a security flaw in Opera? ;) |
Yes I have! [webmasterworld.com] (Posted in this forum by me only yesterday). Version 7.50 fixed this particular problem as well as another problem with download extension spoofing (see the changelog for 7.50). A quick check shows that Opera was vulnerable to a cookie path processing vulnerability prior to 7.20 beta, and from memory Opera 6 moved up version increments several times due to security problems.
This is not to criticize Opera specifically. Bakedjake is right about several serious vulnerabilities in Mozilla (and variants), and let's just say that Internet Explorer doesn't have the best reputation either. Overall, Opera has a good security record, and Opera Software appear to take problems seriously and make sure that corrections are made when problems occur. I think that's the best we can ask for. Just don't expect them to be perfect!