Tuesday, December 19, 2006

Review of Opera's new browser Ver.9.10.

And finally the long awaited browser ver. 9.1 from Opera is out. Yes the wait is finally over. Opera has always been a leader when it comes to bringing in new features and the latest version of the Opera browser is full of that and the English version is only 4.9 MB in size.

Taking into account the rampant phishing attacks that has been going on in the net world one of the features that the latest versions of Firefox and Internet Explorer has included is the anti-phishing feature. Firefox 2 even with it's anti-phishing feature was recently reported to have been open to a security flaw through an exploit in it's password manager. The flaw which is known as the reverse cross site request (RCSR)is caused due to the Password Manager not properly checking the URL before automatically filling in saved user credentials into forms. This may be exploited to steal user credentials via malicious forms in the same domain.

What mainly sets Opera 9.1 from IE 7 and FF 2 is it's real time fraud protection. Real time fraud protection is a very cool feature simply because it gives you real time protection from a constantly updated list on Opera’s database to check the legitimacy of the site you want to visit. Unlike Firefox's default method of checking a pre-downloaded list of websites Opera does the checking in real-time so you’ll be protected against new fraud sites that pop-up each day.

The pic above gives you an idea about how it looks in the Opera 9.1 browser.

If the site is determined to be a fraud, Opera will instead display a warning and block you from visiting the site. You’ll still have the option to bypass the warning all for all those who worried about their privacy getting compromised while Opera directs you to the real time checking, Opera will send only a limited amount of information to Opera’s server in plain text, so that you can inspect yourself the information Opera sees about your browsing details.

It's easy to turn on and off the fraud protection from the information dialog you get when clicking the icon.

According to the OPera desktop team's blog "We don't store information on our servers that let us track individual users. IP addresses are discarded and we don't use cookies or other session information. No information goes directly to third parties, all communication goes through our own servers. Our servers get the trust information from a database supplied by GeoTrust, who have a long experience with anti-fraud solutions." Also apart from GeoTrust the new browser has real-time protection provided by PhishTank. PhishTank is a collaborative clearing house for data and information about phishing on the Internet.
PhishTank, operated by OpenDNS and community members, enables anyone to submit, verify, track and openly share phishing data.

The open access of PhishTank, and the use of PhishTank data in Opera, is intended to encourage the sharing of information and increase the chance of eliminating phishing all together.

The other worry would be whether speed is compromised when all these things are done in real time to check against the list. But since everything is done asynchronously and the content load is really minimal it would not affect the speed.

The anti-fraud feature is an opt-in feature for now. Opera is about giving users the choice now since they believe that it would take a bit of time for users to get used to this feature. Also to transmit the data to the site check server Opera uses https when they send information about an https server, to ensure that the trust information is at least as reliable as the original content. Opera still prefers to use http most of the time, since they are not very comfortable with sending home information that Opera users can't easily inspect.

From the desktop team here is a list of problems that has been addressed and fixed in the new version:
* Improved stability
* Prevented page reload when navigating to "#"
* Fixed problem where pages showed the incorrect favicon
* Fixed problem where multimedia keyboard shortcuts would not work when Opera was focused
* Attempted to fix problems experienced on some pages when using a slow Internet connection by increasing opera:config#Network|HTTPLoadingDelayedTimeout to 60 seconds
* Fixed bug where document.body.currentStyle.height reported the wrong value
* Fixed bug where currentStyle.width was not correct if width is set by a script
* Fixed bug where 'Open all' from Widgets menu was broken
* Fixed bug where BCC header was visible to recipients in resent messages
* Fixed bug where cookies could not be removed using XMLHttpRequest
* Fixed bug where one could not log in to Gmail with "Accept only cookies for the site I visit" enabled
* Changed Mozilla ID string spoof to mimic Firefox
* Fixed bug where browser.js wasn't cached correctly
* Fixed issue where stored passwords were lost after enabling/disabling the master password
* Made IE ID string spoof as Windows on Linux/UNIX and Mac
* XMLHttpRequest didn't handle redirects
* Enabled use of the Authorization header in XMLHttpRequest
* "Save target as" and "Save to disk" now play well together
* "Save directly to" now works
* Improved error message when a dictionary isn't installed for the spelling checker
* Fixed accidental deletion of a feed when unsubscribing.
* Windows media plugin now works even if java is disabled

Also apart from the real time fraud protection and the stuffs listed above the new version has the following features:
* A whole set of web developer tools integrated including:
* Live CSS (Cascading Style Sheets) inspector
* DOM inspector
* view source
* view live source (generated code)
* cool colour picker/inspector: lets you hover over any colour on the screen and get the code for it.
* windows resizer to common sizes for devices, mobile phones and pcs
* Tabbed browsing and pop-up blocking
* Opera integrated search
* Integrated search
* Password manager
* Opera skins
* Customization
* Integrated voice features
* Full support for Gmail
* Atom newsfeeds
* First Web browser to natively support Scalable Vector Graphics (SVG)

So with all these cool features Opera 9.1 is going to be in the same league as the Firefox 2 and Internet Explorer 7. May be the delay in the release has also been a blessing in disguise to them since it allowed them time to look at and analyse the new features in the other two browsers and be one up. Now, this is what we call healthy competition, not cut-throat.

Download Opera 9.1 (4.9 MB)

Related Reading:-
Opera 9.0 security vulnerabilities.
Firefox 3 Alpha 1 released.
Security flaw in Firefox 2 allows phishing attacks.

A lie detector for Skype users.

The Kishkish lie detector is a software that uses the Voice Stress Analysis to analyse the stress level in a person's voice. This tool monitors in real-time the stress level in the person's voice.

Before the software starts it's analysis it first calibrates the general stress levels of the speaker.

If you are clever enough you can modify your questions accordingly like what happens in a real lie detecting test as you watch the four indicators that shows you the stress level.

The four indicators are the needle that moves up and down and registers the stress level of the speaker, the meter which measures the stress level from 0-100, the light indicator that changes from green to red when stress levels go up and finally the messages that are displayed as "high" or "normal" according to the stress level.

Also, if you want to analyze the stress level off-line you can use the Kishkish SAM VSA.

On the Kishkish lie detector website you can make a test call to analyse the performance of the software. For this they have set up a recording of Bill Clinton's famous denial of having sex with Monic Lewinsky and as soon as Clinton says "I did not have sexual relations with that woman, Miss Lewinsky" the indicators registers a high stress level.

The software also lets the user at the other end know that his voice is being monitored by a lie detector. This is done to avoid any legal issues that might arise out of conducting such a test without the user's knowledge.

One of the problems with any lie detectors has been it's inability to clearly distinguish between the nervousness in a person's voice from the stress level. Since the Kiskkish lie detector is a new software we have to wait and see how it performs in that area.

But all said and done this tool will at least give some idea about the other person especially when you realise the amount of strangers you stumble upon on the gentle yet wild world of the Internet.

Minimum system requirements:
. Skype™ 3 Version
. Microsoft Internet Explorer 5.0 or higher
. Windows XP or Windows 2000 (SP3)