Tuesday, December 19, 2006

Review of Opera's new browser Ver.9.10.

And finally the long awaited browser ver. 9.1 from Opera is out. Yes the wait is finally over. Opera has always been a leader when it comes to bringing in new features and the latest version of the Opera browser is full of that and the English version is only 4.9 MB in size.

Taking into account the rampant phishing attacks that has been going on in the net world one of the features that the latest versions of Firefox and Internet Explorer has included is the anti-phishing feature. Firefox 2 even with it's anti-phishing feature was recently reported to have been open to a security flaw through an exploit in it's password manager. The flaw which is known as the reverse cross site request (RCSR)is caused due to the Password Manager not properly checking the URL before automatically filling in saved user credentials into forms. This may be exploited to steal user credentials via malicious forms in the same domain.

What mainly sets Opera 9.1 from IE 7 and FF 2 is it's real time fraud protection. Real time fraud protection is a very cool feature simply because it gives you real time protection from a constantly updated list on Opera’s database to check the legitimacy of the site you want to visit. Unlike Firefox's default method of checking a pre-downloaded list of websites Opera does the checking in real-time so you’ll be protected against new fraud sites that pop-up each day.

The pic above gives you an idea about how it looks in the Opera 9.1 browser.

If the site is determined to be a fraud, Opera will instead display a warning and block you from visiting the site. You’ll still have the option to bypass the warning all for all those who worried about their privacy getting compromised while Opera directs you to the real time checking, Opera will send only a limited amount of information to Opera’s server in plain text, so that you can inspect yourself the information Opera sees about your browsing details.

It's easy to turn on and off the fraud protection from the information dialog you get when clicking the icon.

According to the OPera desktop team's blog "We don't store information on our servers that let us track individual users. IP addresses are discarded and we don't use cookies or other session information. No information goes directly to third parties, all communication goes through our own servers. Our servers get the trust information from a database supplied by GeoTrust, who have a long experience with anti-fraud solutions." Also apart from GeoTrust the new browser has real-time protection provided by PhishTank. PhishTank is a collaborative clearing house for data and information about phishing on the Internet.
PhishTank, operated by OpenDNS and community members, enables anyone to submit, verify, track and openly share phishing data.

The open access of PhishTank, and the use of PhishTank data in Opera, is intended to encourage the sharing of information and increase the chance of eliminating phishing all together.

The other worry would be whether speed is compromised when all these things are done in real time to check against the list. But since everything is done asynchronously and the content load is really minimal it would not affect the speed.

The anti-fraud feature is an opt-in feature for now. Opera is about giving users the choice now since they believe that it would take a bit of time for users to get used to this feature. Also to transmit the data to the site check server Opera uses https when they send information about an https server, to ensure that the trust information is at least as reliable as the original content. Opera still prefers to use http most of the time, since they are not very comfortable with sending home information that Opera users can't easily inspect.

From the desktop team here is a list of problems that has been addressed and fixed in the new version:
* Improved stability
* Prevented page reload when navigating to "#"
* Fixed problem where pages showed the incorrect favicon
* Fixed problem where multimedia keyboard shortcuts would not work when Opera was focused
* Attempted to fix problems experienced on some pages when using a slow Internet connection by increasing opera:config#Network|HTTPLoadingDelayedTimeout to 60 seconds
* Fixed bug where document.body.currentStyle.height reported the wrong value
* Fixed bug where currentStyle.width was not correct if width is set by a script
* Fixed bug where 'Open all' from Widgets menu was broken
* Fixed bug where BCC header was visible to recipients in resent messages
* Fixed bug where cookies could not be removed using XMLHttpRequest
* Fixed bug where one could not log in to Gmail with "Accept only cookies for the site I visit" enabled
* Changed Mozilla ID string spoof to mimic Firefox
* Fixed bug where browser.js wasn't cached correctly
* Fixed issue where stored passwords were lost after enabling/disabling the master password
* Made IE ID string spoof as Windows on Linux/UNIX and Mac
* XMLHttpRequest didn't handle redirects
* Enabled use of the Authorization header in XMLHttpRequest
* "Save target as" and "Save to disk" now play well together
* "Save directly to" now works
* Improved error message when a dictionary isn't installed for the spelling checker
* Fixed accidental deletion of a feed when unsubscribing.
* Windows media plugin now works even if java is disabled

Also apart from the real time fraud protection and the stuffs listed above the new version has the following features:
* A whole set of web developer tools integrated including:
* Live CSS (Cascading Style Sheets) inspector
* DOM inspector
* view source
* view live source (generated code)
* cool colour picker/inspector: lets you hover over any colour on the screen and get the code for it.
* windows resizer to common sizes for devices, mobile phones and pcs
* Tabbed browsing and pop-up blocking
* Opera integrated search
* Integrated search
* Password manager
* Opera skins
* Customization
* Integrated voice features
* Full support for Gmail
* Atom newsfeeds
* First Web browser to natively support Scalable Vector Graphics (SVG)

So with all these cool features Opera 9.1 is going to be in the same league as the Firefox 2 and Internet Explorer 7. May be the delay in the release has also been a blessing in disguise to them since it allowed them time to look at and analyse the new features in the other two browsers and be one up. Now, this is what we call healthy competition, not cut-throat.

Download Opera 9.1 (4.9 MB)

Related Reading:-
Opera 9.0 security vulnerabilities.
Firefox 3 Alpha 1 released.
Security flaw in Firefox 2 allows phishing attacks.