Opera CEO: Unite not a security risk
Opera has been defending its Unite product, claiming that far from causing security problems it actually increases the security for users who would otherwise be dependent on the cloud.
In an interview reported by NetworkWorld, Opera CEO Jon von Tetzchner claimed that putting servers into every copy of Opera would increase the security of the internet by spreading the risk across millions of computers, rather than providing access to millions of cloud-based accounts with a single hack.
"When you're hacking a single system, if you have everything that belongs to everyone in one location, you only need to break in once," he said. "If you get into one Web server and everyone's data is in there, that's easier than getting into a million computers."
Which is nearly true: some would argue that cloud systems are maintained by (hopefully) competent security personnel, but the same can't be said for the millions of PCs perched on credenzas around the world. Then there's the fact that if the single system hacked is Opera's, then that hack can be automatically exploited on those millions of computers.
Rather more incontrovertible was the assertion that "a lot of people are concerned because this is a new piece of technology", which is fair enough: Unite's security will remain an unknown until hackers start attacking it, but hackers aren't going to attack it until it gets into general use, and that's not going to happen while users are too frightened to install it.
Tetzchner reckons Opera has spent a "fair amount of time" securing Unite, but it remains to be seen if that's enough to encourage its use so that we can really see if Unite stands up to a deliberate attack. ®
Opera is the most secure browser on the planet?
If this were only true, I would be still using opera.
More Deatils Please
What level of sandboxing (if any) does Unite employ? Are all inbound connections read-only, as they should be? Are directory accesses outside the 'shared' folders (including via aliases) blocked? What level does the Unite web server process run at on non-admin accounts?
If they do use a very simple system - and simple is the key here - which implements a highly restricted read-only policy for remote connections, then that alone will mitigate many potential security problems. I would be very surprised if they were providing a full-featured web server inside Opera, since that is not only overkill, but asking for a mountain of trouble as well.
What people are forgetting.
Opera is the most secure browser on the planet, more secure than Firefox (not hard), more secure than IE (even easier), more secure than Chrome/Webkit/Safari.
I trust Opera to implement Unite in a way that does not compromise their existing unbeaten security track record, history says when Opera does it, they do it right. When Mozilla do it, it ends up a security swiss cheese...
The fact that Unite is off by default is something rather important to understand, and something that seems to be beyond the logic of some Tech writers.