Jump to content
CCleaner Community Forums
luik

Opera shown to be the most secure browser by Symantec

Recommended Posts

"Each year the Enterprise Security division of Symantec (the makers of Antivirus software like Norton Antivirus) publishes a report on the state of Internet security and threats. The report released this month gives statistics about the major browsers, and their findings are showing Opera to be very secure. An article in Norway's digi.no IT website (Norwegian, here is a translation in English) sums the part of the report that talks about browsers, and it's very interesting to know for anyone who cares about keeping out of harm's way on the Web.

 

In 2009, Opera was one of the browsers with the shortest window of exposure before exploits were fixed, averaging less than one day. Opera also had the fewest vulnerabilities of all major browsers, with a total of only 25 in comparison to 169 for the browser with the most.

 

This goes to show that Opera Software is dedicated to security, and we've proven that by having the most secure browser, and by responding as quickly as possible to any security threats that are found. Our company culture is such that we put a great emphasis on security. You can even learn more about Web security from our Security Group blog."

 

Read in Portuguese (Brazilian) here.

 

From: http://my.opera.com/chooseopera/blog/symantec-security-report by Joseph D. Lien.

(in reply to: "Opera highly critical flaw")

Share this post


Link to post
Share on other sites

*rolls on the floor laughing*

This is just proof Symantec doesn't know anything about security. Does Opera runs in a Protected-mode-like on Vista and 7 ? No. Does it sandboxes tabs ? No. Sandboxing plugins ? No.

Opera is secure because no one will ever write an exploit for a browser that has less than 2% market share - especially considering that Opera users are probably more tech-savvy than users who still use old IE versions.

For the same reasons, there are not much hackers who are looking for Opera flaws.

 

The most secure browser if you don't use Flash is Chrome, thanks to its sandboxm (it doesn't eve allow reading the disk). Else it's IE8 since it can run Flash in a sandbox (but the sandbox allows reading from disk). And if you really want something secure, I think running Firefox from a Linux LiveCD is secure since no virus will be able to install itself.

Share this post


Link to post
Share on other sites

Google Chrome might be the most secure web browser..., when you completely forget about extensions:

http://www.pc1news.com/news/1303/hackers-target-google-chrome.html

 

This is just an example of what can be done with extensions.

 

This is just proof Symantec doesn't know anything about security.

I'm sure Symantec knows nothing about security, AV-Comparatives agree with us, they awarded Symantec its top Gold award of Best Anti-Virus Product of 2009:

 

From: http://www.symantec.com/about/news/release/article.jsp?prid=20100120_01

 

PLEASE NO DIRECT DOWNLOAD LINKS - REMOVED BY MODERATOR

 

award-hasil-test.jpg

 

Symantec won great awards in many other months and in other test companies as stated in the link above.

"Symantec really knows nothing about security." #fail

Share this post


Link to post
Share on other sites

Symantec won great awards in many other months and in other test companies as stated in the link above.

"Symantec really knows nothing about security." #fail

 

Yeah. Like when they said PatchGuard in Vista x64 was a bad thing because their AV couldn't work with it - McAfee said that, too. All other AVs worked fine, however. (PatchGuard is one of the best security features in x64 Windows...)

Or when Norton 2006 slowed your hard drive access by 23x (yes, I'm serious - 23x). They also have a nice Norton 360 which, with its "optimization" module, deletes Registry keys if it thinks they are useless, without user consent nor backups.

Simply looking at the number of flaws and saying "this is more/less secure" is useless. They should have taken into account other factors, such as tabs/plugin sandboxing, protected mode (i.e. low integrity level for child processes) and market share (since Opera has somewhere around 2%, no hacker will search for flaws in it).

 

PS : Did you read the link to the malicious "Chrome extension" you posted ? It's not a Chrome extension at all, simply a trojan. ;)

Share this post


Link to post
Share on other sites
PS : Did you read the link to the malicious "Chrome extension" you posted ? It's not a Chrome extension at all, simply a trojan. ;)

Yes, it's a Trojan that only affects Chrome, showing a fake extensions page with more viruses.

Share this post


Link to post
Share on other sites

Yes, it's a Trojan that only affects Chrome, showing a fake extensions page with more viruses.

 

Anyone could do the same with Opera widgets/Firefox addons/IE addons/Safari addons/Windows programs/ponies. ;)

Share this post


Link to post
Share on other sites
Simply looking at the number of flaws and saying "this is more/less secure" is useless. They should have taken into account other factors, such as tabs/plugin sandboxing, protected mode (i.e. low integrity level for child processes)

Even with all these things Google Chrome has, it scored 41 flaws and Opera scored 25.

 

since Opera has somewhere around 2%, no hacker will search for flaws in it

That explanation doesn't changes the fact that Opera might be the safer in this moment.

And if a browser is safe it should be safe don't matter the market share it has.

 

Anyone could do the same with Opera widgets/Firefox addons/IE addons/Safari addons/Windows programs/ponies. ;)

Yes, that was only to show that Chrome isn't bulletproof.

Share this post


Link to post
Share on other sites

Even with all these things Google Chrome has, it scored 41 flaws and Opera scored 25.

Where are those numbers from ? Currently, Opera 10.x has 9 vulnerabilities found, and Opera 9.x has 56, according to Secunia.

I can't believe they are seriously saying all flaws were patched in an average of less than one day - the flaw patched in Opera 10.51, for example, was "open" for a week if I remember correctly.

Unless, of course, they also count the flaws they found themselves - it's quite easy to say "we found a vulnerability" just after you patched it, but it's cheating ;)

That explanation doesn't changes the fact that Opera might be the safer in this moment.

And if a browser is safe it should be safe don't matter the market share it has.

It does. Since they have a very low market share, they don't have to lose time in finding security flaws, because no one will exploit them, and they know that.

If Opera had, say, 50% of total market share, there would be a lot of other vulnerabilities found. And since those vulnerabilities would be exploited, they'd have to spend more time finding them, and less time making a better browser.

Share this post


Link to post
Share on other sites

Where are those numbers from ? Currently, Opera 10.x has 9 vulnerabilities found, and Opera 9.x has 56, according to Secunia.

I can't believe they are seriously saying all flaws were patched in an average of less than one day - the flaw patched in Opera 10.51, for example, was "open" for a week if I remember correctly.

The flaw was open for one week because they spend the time trying to exploit the flaw themselves, I think the instructions Opera Software received should have something wrong or missing, but now it's fixed. :)

 

Unless, of course, they also count the flaws they found themselves - it's quite easy to say "we found a vulnerability" just after you patched it, but it's cheating ;)
[citation needed]

 

It does. Since they have a very low market share, they don't have to lose time in finding security flaws, because no one will exploit them, and they know that.

If Opera had, say, 50% of total market share, there would be a lot of other vulnerabilities found. And since those vulnerabilities would be exploited, they'd have to spend more time finding them, and less time making a better browser.

Companies has various divisions, Opera has a security group of employees, web developers group, UI designers group, etc., they wouldn't spend more time finding them since there's a team specially for it and a separated team for improving features and making a better web browser.

You just gave me an insight: maybe other companies doesn't haves separated teams, that's why their products sucks in both features and security. :P

 

;)

Share this post


Link to post
Share on other sites

The flaw was open for one week because they spend the time trying to exploit the flaw themselves, I think the instructions Opera Software received should have something wrong or missing, but now it's fixed. :)

Yes, but if one flaw out of 29 took one week (7 days) to be patched...it means all other flaws were patched in less than 18 hours. That's a bit too low IMHO.

Besides, do you know there currently is an unpatched vulnerability in Opera 9.x ? Yes, it's old, but companies like Apple, Microsoft or Mozilla still support old versions of their browsers... http://secunia.com/advisories/product/10615/

 

[citation needed]

I can't see what you are trying to say :huh:

Companies has various divisions, Opera has a security group of employees, web developers group, UI designers group, etc., they wouldn't spend more time finding them since there's a team specially for it and a separated team for improving features and making a better web browser.

You just gave me an insight: maybe other companies doesn't haves separated teams, that's why their products sucks in both features and security. :P

Yes, but since Opera is free (except the mobile one), they have limited money. And if they had to pay more people in the security part, they'd be less money left for the other groups. Besides, sandboxing tabs/plugins basically means "redo a major part of the browser's architecture", so the security group wouldn't be the only one working on that.

 

Opera is like Linux in security ; they have a very low market share, so they can freely decide what to do with security. It's not a bad thing.

Share this post


Link to post
Share on other sites

Yes, but if one flaw out of 29 took one week (7 days) to be patched...it means all other flaws were patched in less than 18 hours. That's a bit too low IMHO.

Besides, do you know there currently is an unpatched vulnerability in Opera 9.x ? Yes, it's old, but companies like Apple, Microsoft or Mozilla still support old versions of their browsers... http://secunia.com/advisories/product/10615/

I don't care about old versions. Do you keep an old version of your anti-virus software and expect to have the same security as someone that do updates? (version doesn't mean viruses database here)

 

I can't see what you are trying to say :huh:

You practically said Opera count the flaws they found themselves and they say "we found a vulnerability" after it has been already patched. Do you have any source on what you're saying? If yes, do you have any source to confirm that other companies mightn't do the same?

 

Opera is free (except the mobile one)

Opera Mobile is free.

Share this post


Link to post
Share on other sites

I don't care about old versions. Do you keep an old version of your anti-virus software and expect to have the same security as someone that do updates? (version doesn't mean viruses database here)

No, but if Symantec's report was well done, they'd have pointed that out.

You practically said Opera count the flaws they found themselves and they say "we found a vulnerability" after it has been already patched. Do you have any source on what you're saying? If yes, do you have any source to confirm that other companies mightn't do the same?

Other companies probably do the same, too. Which is why a path time average doesn't really mean anything.

Opera Mobile is free.

Really ? Always thought it wasn't. How does Opera Software earn money then ? :huh:

Share this post


Link to post
Share on other sites
Really ? Always thought it wasn't. How does Opera Software earn money then ? :huh:

Default search engines, bookmarks and Speed Dial partners, just like others.

 

No, Opera Mini (J2ME and Android) is free. Opera Mobile for Windows Mobile is not free.

You can select and download Opera Mobile 10 here, it's free.

Share this post


Link to post
Share on other sites

opera is good for US users too? AND MOST IMPORTANTLY!!!: WHERE did you find that hilarious face that you use here as your avitar??? i am ROTFLMAO! i LOVE it! i want one! please tell me where i can find one like the one you use!!! thank you, karen

Share this post


Link to post
Share on other sites

opera is good for US users too? AND MOST IMPORTANTLY!!!: WHERE did you find that hilarious face that you use here as your avitar??? i am ROTFLMAO! i LOVE it! i want one! please tell me where i can find one like the one you use!!! thank you, karen

About Opera.

I can't tell you if Opera is good for you, because I'm not you, you have your own needs on Internet and I have mine. Test it yourself and evaluate if it's good for you.

If your question is about computer security, I think it's another thing that depends on the person using the computer. The person somewhat chooses to click on things that install malware or not depending on the knowledge he/she has.

If we believe low market share is the reason for more security, Opera might be the safer browser on US, because it's the less used making it the less aimed by hackers. Opera is more safe on US than in other parts on the world such as Russian Federation where the market share is higher.

BTW, they patched a security issue in two days (10.52 > 10.53) recently so maybe they're really good and aren't just good because of low market share.

 

About my avatar.

I found it on a someone else's social network website photo album then searched it on the Internet using TinEye (it lead me here), I don't know who exactly made it or how the person made it.

What I know is that my avatar is an edited scene from a Kirby anime episode which it turns evil because of an evil monster sent by King DDD (here at 2:36) with this worse face expression.

I like this avatar a lot, I love the Nintendo's Kirby video games series and watched the anime a lot when I was younger. :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...