The FREAK TLS attack Following the trend of memorable names for TLS attacks, FREAK was recently announced. This exploits a bug in some TLS libraries, combined with the support of ancient weak ciphers, to enable a MitM to force crackable encryption. (The story of these ciphers is quite interesting, but plenty has been written elsewhere...

You might have seen our press release that Opera’s Rocket Optimizer can now optimize encrypted video streams. The attentive reader will already have halted and said, “wait, what?”. In this blog post, we’ll explain how this works. Rocket Optimizer works at the ISP level, ensuring that all subscribers get an optimal experience. When available bandwidth...

At Opera Software, we run a large number of websites for our products and services, and we like to give credit to the researchers and website testers who offer their assistance to help us tighten the security of those websites. We would like to take this opportunity to thank the researchers and testers of 2015...

So the last weeks have been rather hectic behind the scenes in the browser security world, when Google security group found a new way to exploit a rather well known design weakness in SSLv3 published in the paper This POODLE Bites: Exploiting The SSL 3.0 Fallback. You might wonder why that would be serious, when...

Opera 23 has been out on the stable channel for a while, and we have just released a few silent security updates as well. The first was a regular Opera security fix, the second was to take in a security patch in advance of the regular Chromium update cycle, and the third was to take...

In the recent Opera 21 Stable release, we fixed a number of bugs relating to the address field. Normally, we would not want to give away too much about a security issue, as it would give a potential attacker the instructions for how to abuse it. However, the exploit for DNA-18354 requires the user to...