Opera Security

Opera recently became aware that source code from our legacy browser engine, Presto, has appeared in some online code and file sharing sites. This code is the property of Opera Software and has been published illegally and without our permission. Opera has taken legal steps to have the source code removed from these sites. The...

» Read more
Thumbnail

To enhance your privacy when using Android devices, we recently introduced privacy mode in Opera Max. Some of you asked how Opera Max classifies requests from apps you are using into three different risk levels. What do they mean? First, a quick overview of how Opera Max’s privacy mode works: After you press the button...

» Read more

Earlier this week, we detected signs of an attack where access was gained to the Opera sync system. This attack was quickly blocked. Our investigations are ongoing, but we believe some data, including some of our sync users’ passwords and account information, such as login names, may have been compromised. Although we only store encrypted...

» Read more

A number of researchers and website testers have offered their assistance throughout the year to help us tighten the security of our many websites. Thanks to all! Special mention goes to those who discover and report security issues: Dinesh Vicky Aamir Khan Muhammad Abdullah We will update this post with more names throughout 2016, if...

» Read more

We realize that those of you on old operating systems like Windows XP SP1 and older are left without much choice beyond using our Presto-based browser. With security standards on the web changing so much we didn’t want to leave you completely alone (even though we are not updating this product any longer) – we’ve...

» Read more

Recently, Google found a google.com pre-certificate in a CT log, without having ordered one. This lead to a series of incidents, also involving Opera and its security team. The backstory Google promptly contacted Symantec who had issued the pre-certificate, and blocked the certificate in Chrome. Symantec investigated and found out that they had made mistakes...

» Read more

Remember the SuperFish scandal? A third party application installed a Certificate Authority on PCs, and then hijacked all secure connections by serving browsers certificates from this local certificate authority. The SuperFish issue was widely publicized, partly because it combined several bad practices, but it is far from the only program out there that attempts to...

» Read more