Opera’s Security team at Barcelona Cybersecurity Congress 2023

February 9th, 2023

Hello readers!

If you follow our Security team’s Twitter account (it’s here, by the way!), you’ll have noticed we were busy last week meeting cybersecurity enthusiasts and professionals at this year’s Barcelona Cybersecurity Congress.

The event was attended by over 15,000 international visitors and companies including Cloudflare, Fortinet, Knowbe4, and more. Opera’s Security team joined the conversation about the increased importance of cybersecurity and highlighted a major area of risk that users browsing online might not be aware of.

At the Congress’s Hacking Village, we also took the opportunity to put together a few hacking challenges based on real bug bounties we have awarded in the past, and encouraged ethical hackers and security enthusiasts in the audience to take them on!

Why your browsing history matters

Your browsing history was the topic of a talk by Cezary Cerekwicki, our Head of Product Security. Did you know that, even if you’re careful about everything else when you browse online, your browsing history can still be used to identify you? In fact, according to research, it could only take a browsing history of 100 to 150 websites to identify you.

So if you built up a browsing history over the course of, say, a year, and then moved to a completely new device with no other identifiers (like a user account, cookies, etc.), you could, in theory, be identified through your browsing choices, like which websites you like to browse every day – that’s how unique this activity can be. In his talk, Cezary shared why this is important, how it can place users at risk, and how they can protect themselves.

Opera Head of Product Security Cezary Cerekwicki speaking about the importance of browsing history on the Hacking Village stage at BCC23.

Putting the “hacking” in “Hacking Village”

But we didn’t just talk – we also had some fun games planned for the ethical hackers in the audience.

First and foremost, we had our bug bounty challenge, where participants had the opportunity to try and find vulnerabilities in imaginary Opera products based on previous bug bounties we have issued. This was an advanced-level challenge meant for people like application security engineers or researchers interested in app security.

Additionally, we had beginner- and intermediate-level challenges for participants who wanted to learn more about the state of online privacy and test their cybersecurity knowledge.

Thank you to everyone who joined us at the Hacking Village this year, and of course, the Barcelona Cybersecurity Congress for the hospitality! Stay tuned for more exciting events and insights on privacy and security!