Today, we want to share with you another big thing that you will first see in the developer channel for Opera for computers.
We are the first major browser maker to integrate an unlimited and free VPN or virtual private network. Now, you don’t have to download VPN extensions or pay for VPN subscriptions to access blocked websites and to shield your browsing when on public Wi-Fi.
A great addition to a browser, and in these times, every browser should have it.
WebRTC still leaking, use uBlockOrigin (has an option) or WebRTC Network Limiter extension ( https://chrome.google.com/webstore/detail/webrtc-network-limiter/npe… ).
Their Privacy Policy says “No logs” so that’s nice.
What they don’t say, how will they pay for all this new bandwith? They bought SurfEasy VPN a while ago, but that service was free (500Mb) and for money, now, everyone is on free?
Licaon Kter,
Actually I also wonder how this service can be offered for free in the long term. I didn’t find answers on the website. If I relied on this feature, I’d be very concerned about it’s long term viability. A peer to peer network like tor seems more robust to me.
In the comments, there are complaints about the VPN gateway IPs being blocked. I tried to confirm this, but every time I tried starting opera with the VPN enabled it crashed (there were many complaints about this too). Oh well, maybe I’ll try it again once it’s production ready.
Their mods say:
Kornelia (Mod)
We are profitable company, we do have the money.
Aneta Reluga (Mod)
Well, we appreciate cute kittens too.
The question is sort of philosophical though. Actually, how do you finance any freeware application, feature or service? Since it is not a matter of simple “do ut des” calculations, there are varying business models, and the market is constantly evolving. I can only address your understated doubts by saying that we are doing our job in both the legal and the ethical way, and ethics is a meaningful word.
So yeah, no answer yet…
Edited 2016-04-22 06:07 UTC
Looking around a bit, SurfEasy is still being backed by venture capital funding. So while Opera may be a profitable company, it probably isn’t injecting that much money into SurfEasy beyond the original purchase. It could be that, by incorporating SurfEasy into its own networking infrastructure, it’s providing a large-scale example of SurfEasy technology for future clients.
It’s been a while…
Since the te “Opera” browser is not open source, How do I know that the VPN client is really secure?
I am not claiming that this is inherently insecure, but I would have some concerns about a VPN that has zero configuration and a service whose configuration and encryption levels are unknown to you.
For all you know, you may be sending all your VPN traffic up for inspection by anyone that Opera decides to share it with because who knows how “well” encrypted that traffic really is.
Nothing more dangerous than a false sense of security.
If the browser were open source and the encryption implementation was available for review, then I would be more inclined to see this VPN in the browser as a positive feature.
Edited 2016-04-22 08:22 UTC
Nothing more dangerous than a TRUE sense of security.
We all live in a sense of continuous danger, Porcel.
Praying to our Lesser Gods that our thoughts and dreams be miserable minutia to the Status Quo.
First, you have to trust Opera really a lot to call this an improvement: with routing under Opera’s control, they have yet more information about user. Even if Opera (browser) does not track users, VPN operator may do a lot, all transparently to end user.
Next, VPN’s impact on privacy is frequently overstated. There are still fingerprinting tactics that VPN does not help with. And there are social sharing buttons that don’t care about VPN…
The only real benefit here is a breach of region lock (US-only services, “This video is not available in your country,” etc). This is a nice thing to have, but it really should not be taken for advancement in privacy direction.
SurfEasy VPN is wholly owned by Opera. They openly store logs of usage and share the info if requested by agencies. This offers the questionable defence in already oppressive systems of government
Edited 2016-04-22 09:32 UTC
SurfEasy on privacy:
https://www.surfeasy.com/blog/why-surfeasy-vpn-is-a-no-log-network/
From that link provided by AVL:
Other free VPNs obviously don^aEURTMt make their money this way. Their make their money by logging your usage and personal data and then selling this on. They make money by building huge amounts of information and handing that over to someone else. We don^aEURTMt believe that this is how an online security company should work. This is why we are proud to be a no-log network.
There are a few instances in which we^aEURTMre obliged to monitor or keep some information to ensure that the service keeps running properly, sometimes in real time. We also may be legally obliged in certain circumstances to disclose personal information to governmental authorities or agencies ^aEUR“ although because we don^aEURTMt keep any information beyond your email address, all we can hand over is this, and the information that you do, in fact, hold an account with us.
This isn’t entirely correct. In their privacy policy, they say they may collect some metrics and data to improve their service. This could include aggregate bandwidth usage for billing info etc., temporary usage data to assist with debugging that is not retained once troubleshooting is resolved, and SurfEasy clients may use in-app analytics technologies.
From their Privacy Policy:
SurfEasy is required to comply with law enforcement where subpoenas, warrants or other legal documents have been provided. We may collect and disclose personal information, including your usage data, to governmental authorities or agencies, including law enforcement agencies, at their request or pursuant to a court order, subpoena or other legal process, if there is a good faith belief that such collection or disclosure is required by law.
Since we manage a global network, your Internet traffic may be routed through one or more different countries.
I interpret that last sentence, sitting on its own in the policy, as an acknowledgement that may be served with a court order from any country that suspects data has travelled through its infrastructure.
So it seems they hold very minimal information except when there’s some troubleshooting going on. If a court order arrives during a troubleshooting period, when they are holding “temporary usage data”, would they submit that as well? They don’t explain what this temporary usage data is (not IP addresses, according to what they say elsewhere).
Most of the time, that “usage data” they will provide may be no more than “Jane Brown used 33MB of data allowance in December, 450MB in January, 32MB in February, 34MB in March.” But if there had been a troubleshooting period in January and a court order had been served in that month, what would it show about Jane Brown’s usage? Especially as that was the month she received the scanned documents showing illegal activity that P.H.P. Residual Solutions Inc. had been engaging in for the past decade.
That’s quite a big change, happening of late, that could well contribute -on the long term- to evolve Wild Wild Web into a more Civilian Place.
“…at their request[,] or…”
Small companies doesn’t have the resources for ‘Big_Shot’ Lawyers’ Teams.
Subpoena? Why the trouble? Sorry about the seconds pause.
So, just a detour in Web_Use data harvesting?
Leaving aside trust [I trust Opera People more than quite a bunch of FOSS projects], being it so high on the stack, [as WhatsApp]it amounts to not so much. [Framed within the navigator policy].
And ‘sniffing’ detours.
Soon people will start abusing it,and it sites will have the vpn ip addresses banned.
Is that engine.
They switched to the Chrome engine a while back (2013?)
They are basically little more than a reskin company these days which isn’t focused on power users. This is why Vivaldi has come into being (from some of the original team).
Thanks Adurbe
Apparently this is not a true VPN and is really just a pre-configured HTTP proxy
And of course it does not work in China.
Who would of though that about a (freshly) Chinese bought company/browser? Eh
You mean this I guess: https://www.helpnetsecurity.com/2016/04/22/opera-browser-vpn-proxy/
also: http://www.opera.com/blogs/news/2016/04/opera-doubling-server-capac…
Edited 2016-04-24 07:38 UTC