If the traffic is encrypted then they wouldn't see into it, but it would go through their servers, so in worst case scenario you'd be surfing from behind the Great Chinese Firewall
The traffic is encrypted between you and the server. They control that server, where it gets decrypted to be sent out over the public internet (where it may be encrypted or not depending on the site). You've introduced a man in the middle. You must trust that man (but that man also already controls the source code for your browser, which can also see all your traffic).
SurfEasy (the provider of the service) is a Canadian company, so it follows Canadian data privacy laws (which are pretty good; when I worked there, Michael Geist was an advisor).
Opera has a long history of adding innovative browser features. There's no reason to think that this has some kind of ulterior motive related to a rumored sale.
I am thinking that announcing this feature may be a tactic to win back consumer trust or in the least attract new customers who are not familiar with the potential buyout.
The VPN is operated by "SurfEasy Inc., an Opera company based in Canada".
Just tested it and it worked flawlessly to watch a YouTube video that has been blocked in my country. [Edit: Netflix seems to block SurfEasy already. Sad.]
They didn’t exactly get a standing ovation the last time¹ they were mentioned on here though (for good reason… if they’re offering a service to help protect people’s privacy, it seems a bit odd that they’d opt to compromise said people’s privacy by having multiple trackers on their website).
I'd mainly be worried how said VPN is using the subscriber data and what is their policy on storing access logs. But even they promise to not track you how would one even hold them to account considering that they must have an interest in the data due to their adtech part of how the parent/sister Opera company makes its money.
BTW, apparently in order to purchase anything (e.g. to try out YouTube Red -- which checks your Google Payments data) you may still need a credit card matching the country.
This bit me when I tried purchasing foreign versions of games on Steam before (which pre-digital distribution was possible via imports but now tends to suffer from region locking).
As far as Steam is concerned I used Entropay for virtual pre-paid debit cards. I live in the middle east and it happily validated any US address. Entropay does take a 5% commission if you top-up with a credit/debit card however.
Probably they also have some heuristics that look closely at people who geoip in a different country than their billing records, and whose IP address seems to be in a colo rather than a DSL subscriber block.
This is why I would love to see a Visa card that anonymises you to corporations, but not necessarily the government - and available to those overseas. Don't suppose such a thing exists?
Edit: Scratch that. What I'd like is a high speed consumer cable account that I could proxy into.
What you need is a friend abroad and a raspberry pi.
I have a raspberry pi attached to the wall of a home which is not my own. It's in a country where I occasionally want to be (in a geoip sense of "be"). The rpi maintains a VPN connection to me, so I can reach it even though it's behind a NAT middlebox that knows nothing about it.
A danger is that stranger will abuse your connection to send spam or even worse things. And you might have a visit from police. Also, I'm sure, reselling your home connection is forbidden by your provider. So it's kind of grey zone.
Just buy a Visa or Amex gift card with cash. It's a normal credit card number you can use online and some of them can be reloaded. Sometimes not reloading is best, so your subscriptions won't auto-renew and you can cut your paper trail by opening a new account with a new credit (gift) card.
>Probably they also have some heuristics that look closely at people who geoip in a different country than their billing records
I have paid for American Netflix for years and years but I'm forced now to watch Dutch Netflix because I live there. It's not based on where you pay but where you are.
I am running a VPN on my own server to access content, and the server is on the same timezone.
I stopped my Netflix subscription a month ago because they started blocking me.
I would say the IP checking against datacenter block is the most plausible, but I also remember seeing a link on HN showing how to detect VPN usage through MTU size, so that could be a possibly more involved solution ...
It would probably be way too much work to implement on top of their infrastructure though, when IP block checking must be good enough.
If not already, probably soon. Being free and probably popular...this service will hit the radar for Netflix, Cloudflare captcha hell, etc, in fairly short order.
Just tried out the developer version (http://www.opera.com/developer - built-in VPN and ad blocking is currently only available in the developer version of Opera). Both the ad blocking and the VPN works great in the few sites I tested. I especially love that turning the VPN on doesn't require any type of login.
Couple with native adblocking I'm very tempted to switch browsers (from FF) and probably do so when available. But it just sounds too good, what is the catch?
I'm not a specialist, but you can start by researching how the Opera company makes money.
It would seem to me a possible future "catch" would be that they could charge selected advertisers to let their ads through...
"How Opera makes money"
Opera provides cloud-based mobile services and
solutions to operators, publishers and advertisers
and enables hundreds of millions of consumers, via
the Company's global cloud infrastructure, to
connect to the internet content and services that
matter most to them. Along those lines, Opera has
different revenue models, depending on the
customer type:
*Operators.*
Opera's revenue sources from this
hosted solution include active user fees, data
fees, NRE/development fees, hosting services,
advertising and maintenance, and support.
*Mobile consumers*
(via partnerships with search
providers and advertisers). The primary driver of
mobile consumer revenue is revenue from mobile
search, the Opera Mobile Store and active user
growth.
*Mobile publishers and advertisers.*
Revenue comes
from Opera's mobile advertising services and
technology solutions, offered to premium and
performance advertisers, ad agencies, publishers
and developers.
*Device OEMs.*
Revenue comes through license
agreements with a wide range of
consumer-electronic-device OEMs.
*Desktop consumers.*
Revenue comes primarily from
search and e-commerce partnerships.
Thanks, this same announcement says though that Opera now has Support for adding a personal ad blocker list. I don't think they would add this feature to just circumvent later, imho it would do more harm than good for their business.
If they don't want to push me using their other services putting their hands on and selling my data, while working on secure and anonymous browser that would be really nice. Sadly I don't see there is money in a product/service like that.
I switched to opera on Linux recently as Chrome and then Firefox had gotten a bit slow or unstable for me as of late. Have to say, I am very pleased. It's tidy, fast and integrates in pretty well on Linux. It's also featured packed without the agonizingly long startups Chrome was giving me.
I know they monetize with ads and such, but I haven't found them intrusive at all. I think one of their major sources is that they have a kind of Flipboard-esque feed of news articles on your home screen at the bottom. If that is where they do their advertising then it's a model of how to do it IMO. I've found that the articles it shows are genuinely things I want to read and it's not intrusive at all; in fact I'd miss it if it was gone.
Add inherited from Chrome dev console and awesome logo! ;) I'm trying to use it as main browser today. Only annoying thing is [x] button on the left side of the tab.
Really? I am all for it, but in 2016 putting an extra server in the middle of my request isn't really a game changer. Brave is leading the charge with extensions as a service, and I love them for it. However, I just can't see it being profitable. Brave can def make money, but I don't think people care about privacy. The other usecases make sense, but between opera or brave (both totally unknown companies to non tech crowd) Brave would for sure win that.
In Opera's case, one more person would get "all" the data. In all other cases, 1-3 companies get all the data. So it's good, I just can't call it a game changer.
It's better you say nothing at all just read and leave or the down voting brigade will sink you for your freedom of thought or umm speech. There's no tolerance for antidiscipline up on here
"This is why we today have more engineers than ever before working on new features for our desktop browser."
Is this true or just PR BS? Because my understanding is that they had laid off most of the desktop browser team a few years ago and there were only a few left working on it.
Now they're based on Blink, so the they don't have to work on the core features of a browser engine. I imagine that means they have more engineers working on what they class "features for our desktop browser" as in user facing features, rather than W3C spec implementation.
Opera does still contribute quite a lot to blink/chromium (check out https://operasoftware.github.io/upstreamtools/ which lists them), though the gist of what you've said still stands.
They laid off most of their presto team but they did higher more for the new blink browser. It doesn't matter anyway I'm sure the Chinese buying would have given them a temporary revenue
As of now it's working in China. I'm able to access Facebook/Twitter/Youtube/Google without my normal vpn or ssh tunnel. Will be pretty useful if it stands up to the constant changes. Great work!
Data of course! Opera (the company) are one of the big players in mobile advertising. They have their own mobile ad platform [0], and a few years ago acquired a couple of agencies that specialise in mobile advertising [1].
If they can support a secure, adless, anonymous desktop browser for PR exposure by relying on the mobile version displaying ads I would be ok with that.
Or your provider, or Opera, or own server with VPN. For majority of people setting up own server is too complicated, so it's much better than nothing, especially when you are in place where you can use only non-secure wifi network.
Yes, but if you live somewhere that definitely surveils your communications or prevents you from accessing certain content, a VPN is a good way to browse as though you were physically located somewhere more permissive.
I've got a few questions, and their puffy news post doesn't answer them:
* Is this a real VPN service, or simply an HTTP/HTTPS proxy?
* Is DNS resolution also securely handled through the tunnel, or does this stay in the clear?
* What region(s) is their VPN service located in?
* Is it possible for other software to use this tunnel in any way?
Upon first reading, this doesn't seem very different from their old "accelerator proxies" which compressed HTTP traffic into a binary format, and reduced image detail/resolution, but with a new marketing spin and those old features removed or disabled.
Just installed it, and looks like you get, Canada, US, and Germany as options for the VPN. Tiny text below the enable button has this:
"Secure proxy provided by SurfEasy Inc., an Opera company based in Canada. By using the service you accept the Terms of Service.
VPN connects to other servers around the world so your connection speed might be affected."
My only gripe with it so far is the VPN is across all tabs, so I have to switch it off to access some of my office VPN sites
Ultimately, nothing. They could still aggregate your usage data, though, and not necessarily be out anything investment-wise, compared to using the Opera client proper.
There’s a few things that would (probably) stop this from working, but it is possible that the new Opera-based implementation is different than when we implemented it (the proxy version) as a custom Firefox browser back in 2011–2013.
132 comments
[ 4.2 ms ] story [ 55.6 ms ] threadAccording this chart of vpn's, OpenVPN
That One Privacy Guy's VPN Comparison Chart
https://docs.google.com/spreadsheets/d/1FJTvWT5RHFSYuEoFVpAe...
edit: Name of the service is SurfEasy
1:https://www.theguardian.com/technology/2016/feb/11/browser-m...
Just tested it and it worked flawlessly to watch a YouTube video that has been blocked in my country. [Edit: Netflix seems to block SurfEasy already. Sad.]
――――――
¹ — https://news.ycombinator.com/item?id=10700792
This bit me when I tried purchasing foreign versions of games on Steam before (which pre-digital distribution was possible via imports but now tends to suffer from region locking).
Probably they also have some heuristics that look closely at people who geoip in a different country than their billing records, and whose IP address seems to be in a colo rather than a DSL subscriber block.
Edit: Scratch that. What I'd like is a high speed consumer cable account that I could proxy into.
I have a raspberry pi attached to the wall of a home which is not my own. It's in a country where I occasionally want to be (in a geoip sense of "be"). The rpi maintains a VPN connection to me, so I can reach it even though it's behind a NAT middlebox that knows nothing about it.
I'd gladly pay someone to access a portion of their bandwidth - at least enough that I could stream content.
Potential founders should consider the costs of providing tech support for a tunnel that crosses two NATboxes, both controlled by strangers.
Anyway, it was just a thought. It's possible it's impractical :-)
https://www.amazon.com/gp/product/B00YD563L8/gcrnsts
I have paid for American Netflix for years and years but I'm forced now to watch Dutch Netflix because I live there. It's not based on where you pay but where you are.
I stopped my Netflix subscription a month ago because they started blocking me.
I would say the IP checking against datacenter block is the most plausible, but I also remember seeing a link on HN showing how to detect VPN usage through MTU size, so that could be a possibly more involved solution ... It would probably be way too much work to implement on top of their infrastructure though, when IP block checking must be good enough.
https://addons.mozilla.org/en-US/firefox/addon/random-agent-...
Why this thing is called VPN anyway? It looks like HTTP proxy should be enough for browser.
From their own FAQ: http://www.operasoftware.com/press/faq
If they don't want to push me using their other services putting their hands on and selling my data, while working on secure and anonymous browser that would be really nice. Sadly I don't see there is money in a product/service like that.
I know they monetize with ads and such, but I haven't found them intrusive at all. I think one of their major sources is that they have a kind of Flipboard-esque feed of news articles on your home screen at the bottom. If that is where they do their advertising then it's a model of how to do it IMO. I've found that the articles it shows are genuinely things I want to read and it's not intrusive at all; in fact I'd miss it if it was gone.
In Opera's case, one more person would get "all" the data. In all other cases, 1-3 companies get all the data. So it's good, I just can't call it a game changer.
Is this true or just PR BS? Because my understanding is that they had laid off most of the desktop browser team a few years ago and there were only a few left working on it.
Serious question: Money wise, how are they able to afford this?
[0] http://operamediaworks.com/
[1] http://techcrunch.com/2012/02/16/opera-snaps-up-mobile-theor...
* Is this a real VPN service, or simply an HTTP/HTTPS proxy?
* Is DNS resolution also securely handled through the tunnel, or does this stay in the clear?
* What region(s) is their VPN service located in?
* Is it possible for other software to use this tunnel in any way?
Upon first reading, this doesn't seem very different from their old "accelerator proxies" which compressed HTTP traffic into a binary format, and reduced image detail/resolution, but with a new marketing spin and those old features removed or disabled.
"Secure proxy provided by SurfEasy Inc., an Opera company based in Canada. By using the service you accept the Terms of Service. VPN connects to other servers around the world so your connection speed might be affected."
My only gripe with it so far is the VPN is across all tabs, so I have to switch it off to access some of my office VPN sites
I just installed the Opera developer version and can't seem to find anything to enable or configure VPN usage.
After you do that it shows up in the address bar beside the SSL lock
Are the OS overrides for DNS entries (e.g., hosts file) used at all in this case?