Friday, September 12, 2008

Opera - sends all queries to sitecheck2.opera.com

I don't generally use Opera, and I also I use a web filter service, the rather excellent ScanSafe, I feel fairly safe against web based threats.

If you have a similar service you may not need the free service from Opera that sends all your DNS queries to a 3rd party, Seattle-based Haute Secure.


The Opera Fraud Protection can be enabled/disabled from Tools > Preferences > Advanced > Security by checking/unchecking the box marked "Enable Fraud Protection."

You will see the protection operating by querying your firewall for requests to http://sitecheck2.opera.com.

The Washington Post has an article about this, and also some weaknesses, like sending the query clear text, having a weak HMAC so you can reverse engineer the process, or, if you are a malware / phishing 'vendor' querying to see when you need to change hostnames.

It seems performance is not very good. The report says that on a sample page with nearly 3 dozen bad links, the browser blocked just two.

No comments: