Friday, September 12, 2008

Opera - sends all queries to

I don't generally use Opera, and I also I use a web filter service, the rather excellent ScanSafe, I feel fairly safe against web based threats.

If you have a similar service you may not need the free service from Opera that sends all your DNS queries to a 3rd party, Seattle-based Haute Secure.

The Opera Fraud Protection can be enabled/disabled from Tools > Preferences > Advanced > Security by checking/unchecking the box marked "Enable Fraud Protection."

You will see the protection operating by querying your firewall for requests to

The Washington Post has an article about this, and also some weaknesses, like sending the query clear text, having a weak HMAC so you can reverse engineer the process, or, if you are a malware / phishing 'vendor' querying to see when you need to change hostnames.

It seems performance is not very good. The report says that on a sample page with nearly 3 dozen bad links, the browser blocked just two.

No comments: