Opera Releases Updated Version of Its Browser

Opera has released a second beta version of its next browser which addresses the IDN exploit problem. This lastest version, 8.0 beta 2, is now available at http://www.opera.com/windows/changelogs/800b2/ .

The problem is addressed by using a security bar to display information about a site. The yellow security bar appears on secure sites and displays the name of the organization that owns the certificate. I guess the idea is that this'll bust phishing attempts that are used against secure sites like Paypal and so on.

On the other hand I'm wondering how much good is this going to do against more subtle attempts -- like those that direct you to a fake CNN site, which is providing fake information, in order to get you to buy something/take an action. That's why I prefer something like SpoofStick, which just tells you the domain name and doesn't try to give you any security information.

(The URL above mentions: "This release features whitelisting of top-level domains that have implemented anti-homographic character policies or otherwise limited the available set of characters to prevent URL spoofing through use of internationalized domain names (IDN)." That's a good idea, too, if it catches on, but how many TLDs will participate?)

The changelog is also available at the URL above. Other changes include enabled downloading of the file ua.ini for site-specific changing of the user agent string (woo hoo!), click-and-hold history lists and support for and auto-detection of Atom newsfeeds.

Posted to Internet-Technology-Browsers | TrackBack