28 Apr 2010 @ 11:28 PM 
Opera Mini

Opera Mini's Dirty Little Security Secret

The recent release of Opera Mini for the iPhone has seen it shot straight to the top of the Free Apps charts. This in general is good. The Safari iPhone browser is a little lacking in feature and competition is always generally good in such a regimented environment.

Now here comes the but. One thing that isn’t widely known by the majority of the consumer market (I am excluding those with some technical knowledge here) is how Opera Mini works and the ramifications on visit any secure site such as online banking (which should be noted a few banks are now offering mobile device friendly websites and I am sure more to follow).

One of the big selling points is the speed that Opera Mini achieves. Unfortunately it achieves this via proxying all content, compressing it for mobile platform delivery and then passing it on. On the average website this isn’t such a huge problem, however on a secure site such as a banking website, this will expose your details to the servers that are acting as the proxy.

On the whole this itself may not even be a problem, I am certain that Opera have security around this infrastructure to prevent disclosure of information. However I think this does raise a few general questions:

  • How about full disclosure to your customer’s Opera? Yes, this information is available, but to the general punter downloading Apps via the App Store
  • I trust the people employed by services that offer secure connections such as banks. Granted this isn’t iron clad but on the whole any business (such as a bank) that relies on a secure connection for its business will makes efforts to ensure that security is maintained. Opera isn’t in this business and as such don’t really have a stake in protecting your information

Am I saying not to use Opera? No, it is a viable option as a web browser. All I want to point out here is that you need to be aware exactly what is happening to your information and the fact that Opera should be making this fact a little more accessible to the average user

Posted By: Chief Tech
Last Edit: 28 Apr 2010 @ 11:28 PM

EmailPermalink
Tags


 

Responses to this post » (None)

 
Post a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>