We realize that those of you on old operating systems like Windows XP SP1 and older are left without much choice beyond using our Presto-based browser. With security standards on the web changing so much we didn’t want to leave you completely alone (even though we are not updating this product any longer) – we’ve...

Recently, Google found a google.com pre-certificate in a CT log, without having ordered one. This lead to a series of incidents, also involving Opera and its security team. The backstory Google promptly contacted Symantec who had issued the pre-certificate, and blocked the certificate in Chrome. Symantec investigated and found out that they had made mistakes...

Remember the SuperFish scandal? A third party application installed a Certificate Authority on PCs, and then hijacked all secure connections by serving browsers certificates from this local certificate authority. The SuperFish issue was widely publicized, partly because it combined several bad practices, but it is far from the only program out there that attempts to...

When a browser and website communicate over a secure connection, they encrypt and decrypt the data using a shared symmetric encryption key; the same key is used for encryption and decryption. In order for the browser and server to make sure they use the same key, they first need to share the key with each...

The FREAK TLS attack Following the trend of memorable names for TLS attacks, FREAK was recently announced. This exploits a bug in some TLS libraries, combined with the support of ancient weak ciphers, to enable a MitM to force crackable encryption. (The story of these ciphers is quite interesting, but plenty has been written elsewhere...

You might have seen our press release that Opera’s Rocket Optimizer can now optimize encrypted video streams. The attentive reader will already have halted and said, “wait, what?”. In this blog post, we’ll explain how this works. Rocket Optimizer works at the ISP level, ensuring that all subscribers get an optimal experience. When available bandwidth...