According to data collected by Secunia Software Inspector from over 350,000 inspections, Opera users are most likely to be running old versions of the software. According to this report 5.19% of all Firefox v2 installations miss security updates, whereas 11.96% of all Opera v9 installations miss security updates, and the numbers for Internet Explorer v6 and Internet Explorer v7 are 9.61% and 5.4% respectively.

I am not surprised that Firefox users are most updated because Firefox has an excellent auto-update system which automatically notifies its users when an update is available and downloads only the updated files. Opera also notifies it’s users when an update is available but it’s users have to download the full installation file manually from it’s website.
(more…)

Opera Software has announced yet another Widget Developer contest. Up for grabs are a Windows Mobile phone (that runs Opera), Nintendo DS Lite and Opera goodie bags. You can find more detail here. Few months back Opera gave away a Nintendo Wii and Nintendo DS Lite in another Widget Developer contest. However, this time the contest has a definite theme - “Travellers”.

Widgets was one of the big new features in Opera v9. Since, its release Opera Soft has actively promoted it and encouraged developers to create widget. The surprise new feature in Opera v8 was userjs. However, Opera has done precious little to encourage userjs writers. Opera’s negligence towards userjs is evident from the fact that myOpera doesn’t yet have an userjs gallery. The only site dedicated to Opera’s userjs - userjs.org (created by Arve Bersvendsen - an Opera user), is now defunct. Userjs is a wonderful tool and scripts like oSpell demonstrate its power. Yet, there are very few quality userjs available for Opera (especially in comparison to the number of Greasemonkey scripts being developed by the large Firefox community).

Undoubtedly, widgets are useful (especially on Mobile platform) and I am happy to see Opera actively promising Widgets. Last time we got two fantastic widgets from the winners (Video Manager and Time and Date). If Opera Software makes similar investment into userjs, I am sure we would have more quality scripts being written.

Related : Top 13 Userjs Written for Opera

LaFlecha is reporting that due to a bug in Opera Browser, a malformed Torrent file (*.torrent) can cause it to consume 100% cpu resources thus making the system unusable. According to this report, this bug affects Opera for Windows running on Windows SP1 or SP2. A proof of concept code has also been published. It’s unclear if previous versions of Opera and Opera running on other platforms are affected as well. I am not sure about the severity of the exploit either. If it’s just a problem of high cpu usage, then its not a critical vulnerability. I checked with Secunia, but couldn’t find any mention of this vulnerability there. However, as a precautionary measure you can disable torrent integration in Opera. You can disable it by un-checking the box next to “Enable“.

If the report on LeFlacha is true then this would be the 4rth exploit to be discovered in Opera v9 in 2007 - compared to 3 in Mozilla Firefox v2 (of which 1 is unpatched), and 5 in Internet Explorer v7 (of which 3 are unpatched).

(via TorrentFreak)

Update (22nd May) : This vulnerability has been fixed in Opera v9.21. Opera’s advisory related to this exploit is available here.

The web is a good place to look up many gems of wisdom - like whether “userjs” is a real thing, or just a typo. Find out how to improve Internet speed, locate a loan calculator. Hey, you can even learn how to perform an oil change all by yourself!

Userjs is a powerfull tool that allows the user to modify a website according to his needs. It basically allows you to specify local JavaScript files for Opera to include on every page that you visit. It’s identical to what Greasemonkey does in Mozilla Firefox and Creammonkey does in Safari. It was introduced in Opera v8. However, only very few Opera users make use of this excellent option. My article on Customising Opera had an entire section devoted to userjs but that article is pretty much outdated. Hence, I decided to compile a brand new list.

Before Getting Started - Installing Userjs is very simply. You need to create a separate directory for storing all your userjs files. It may be anywhere on your hard disk. Then go to Tools –> Preferences –> Advanced –> Content –> JavaScript Options.Enter the location of your userjs directory in the My Java script files box. Now you need to place all downloaded scripts in this folder.
I would also suggest that you download this script �by Tarquin for better compatibility with greasemonkey scripts.

13. Windows Media Player ActiveX Control - Recently Microsoft released WMP ActiveX Control plugin for Firefox, which made all WMP videos playable in Firefox. Of course, no big corporate gives a damn about a browser with 1% market share. Hence, as usual Opera users were left high and dry. Thankfully Hallvord has come out with a script that attempts to make websites using WMP ActiveX Control viewable in Opera. It’s not perfect, but you should install it.

12. The world through a Google - This script by Jo�o Eiras (xEarth) fixes most of the issues presented by Google Services like Google Docs, Google Spreadsheets, Google Calender and Google Picassa Web. A must have if you use any of the services mentioned above.

11.�Linkifier Plus�-�Converts text links to clickable hyperlinks. More information is available here.
If you experience problems with Linkifier Plus, give Ayush’s version a try.

10.� Ajax for Yahoo Mail Classic - I have written about this script previously on my blog. If you prefer the classic look of yahoo mail over its present clunky version (some of which doesnt work in Opera even after extensive patching through browserjs), then this script by Vivek Jishtu is a must have. It adds the ability to open emails inline, without opening a new page.

9. �No click-to-activate - Opera 9 requires you to click on embedded content like Java applet or Flash videos to activate them (if you want to know the reason behind this move click here). This can be extremely annoying while browsing an website which uses multiple flash videos or java applets. Allthough the webdesigners can easily override this behaviour very few of them actually do this. This script by Mark Wilton-Jones (Tarquin) allows users to override this browser behaviour.

8.�Extra-download-links�-�Normally links to embedded objects are not visible in Opera’s Links Panel. This script by Jo�o Eiras (xEarth) adds invisible anchors for every image, embed, object, applet and iframe to the page�which�makes�them�available via the links panel for quick download.

7.�Link Alert - This script by Mark Wilton-Jones�(Tarquin)�identifies links to specific file types, and displays an appropriate icon when the link is hovered. Additionally, it can also highlight links with “nofollow”, however this functionality is disabled by default.

(more…)

There is a top-shelf higher education resource that provides great information about school software, along with other meaty learning topics, such as how to pursue an online law degree and even how to afford those expensive schoolbooks. Click over to an enriching online education clearning house.

Hi there! Its time for another longish edition of Opera Bytes. I shall take you through all the hot news and scoops from world of Opera.
Yesterday, Johan Borg posted a rather poetic update in the Desktop Team Blog, regarding the future of Opera. Of course, like everything coming from Opera Soft. Developers, it was vague (and believe me very very vague). You can read his blog-post here. The main revelations were:

• A new (weekly build) build of Opera v9.20 with a new feature (never seen in a desktop browser before), will be unveiled later this month. Meanwhile, you can download the latest weekly build from here.
• The next major build of Opera - codenamed as Kestrel, will aim to further unify various builds of Opera for various platforms. A part from that it will also contain several rendering improvements.
• Kestrel will be followed by Peregrine. This will be a significant update. My guess is that Kestrel will be released as Opera v9.50, and Peregrine will be Opera v10. It will contain significant improvements in the user interface, improved standards support, improved performance, thousands of bug fixes and groundbreaking new functionality (any guesses? ).
• The much requested auto-updater is coming.
• Opera Mail (M2) will also be improved in Peregrine. Tim Altman revealed that one of the most-debated wish list items will finally appear. I am guessing that it may be support for html emails (just a guess). Besides that, the indexing back-end will be replaced, which will hopefully fix a long-standing and dreaded indexing corruption bug.
• David Storey has blogged about the logic behind the codenames. You can read his article here.

(more…)

As I mentioned in my previous blogpost, couple of days ago Opera and iDefence lab announced that opera v9.x suffered from two highly critical vulnerabilities. Both of them have been patched in the latest release v9.1. However, the timing of the announcement has created a fair amount of controversy. Today I read Asa Dotzler’s blogpost - Opera fails to notify users at risk
He says :

Not telling the user that an update is a critical security update and that the unfixed versions of the browser are vulnerable to remote attack is just wrong.

By adopting this practice, Opera is doing their users a great disservice. If Opera has fixed any serious security flaw, the only responsible way to ensure that users are safe is to clearly and consistently explain to those users that the latest release of the browser has fixed security flaws and users should immediately update or face real dangers on the web. Opera should be using the press it gets around releases to forcefully proclaim that previous versions of their browser are unsafe and should not be used. Failing to use the loudest microphone they have to reach their users in cases involving user safety is simply unacceptable.

Asa Dotzler is (in)famous for bashing Opera (for ridiculous reasons) in the past. However, this time around he does make a valid point. Failing to mention in the changelog that you have fixed a critical vulnerability is shabby. Have a look at the timeline of events :

11/16/2006 iDefence notifies Opera about this.
11/17/2006 Opera sends a response to iDefence.
11/17/2006 Opera releases a weekly build of v9.1. Doesn’t say anything about the vulnerability. Between this time and 18th Dec they release several weekly builds. None of the changelogs contain any information about the security vulnerability.
12/18/2006 Opera releases 9.1 final in which this has been fixed. However, the changelog fails to mention this.
01/05/2007 Opera and iDefence jointly releases details about these security holes.

Its baffling that they waited for 3 weeks before going public with this piece of information. In the past they have always revealed the security vulnerabilities fixed in the changelog, and their response time is generally around a couple of days.

Opera has also received flak for downplaying the seriousness of these exploits. If properly exploited (which is difficult but not impossible) it can allow execution of arbitrary code, which can be very dangerous. Yet, Opera Soft chose to classify them as moderate (apparently their reasoning is that the vulnerability is difficult to exploit).

The problem with not declaring that an update has security fixes is that many users (especially those having slow internet connections) may not download the newer version, which they think has only cosmetic additions. The fact that opera doesn’t have a proper update system doesn’t help either. In spite of the fact that in a normal upgrade majority of the files are unchanged users have to download the entire setup file. Opera should either add an update system like Mozilla Firefox or start distributing smaller setups with only the newer files.

However, I would like to state that I do not believe that Opera did this on purpose. It’s probably a mistake/slip-up on their part.

Update (8th Jan) : Opera has issued an clarification regarding this issue.

It is important that both parties do respect each other: if a fix is included also in development snapshot builds that reach a public audience (like the weekly builds on this blog), fixes for the vulnerability are not announced: this is a form of respect both for the reporter and for all the users that only upgrade to stable releases. Making the vulnerability public knowledge before a stable version fixes the issue would leave lots of users vulnerable. Serious reporters do not announce vulnerabilities before vendors have a fix in public builds - and vendors do not announce vulnerabilities before the reporters makes their discovery public, in order to properly credit them.

You can read the entire clarification here. Hopefully this would end this unfortunate controversy.

It’s time again for some Opera stuff. There is some good news for Opera fans. According to Market Share opera’s market share has increased from 0.52% in the beginning of the year to 0.87% in December. It’s currently in 4rth position; well behind Internet Explorer (79.64%), Mozilla Firefox (14% - which is an increase of 4.5% from Jan ‘06) and Safari (4.24%). Netscape is now just behind Opera with 0.85% (it had 1.17% market share in Jan ‘06). So, Opera v9 is indeed making some headway.
Opera 9 has already impressed a lot of Techies. eWeek chose Opera as one of the Top Products of 2006. Digit – leading tech magazine in India now includes Opera in its list of essential software.

However, Opera’s market share is still small enough for major websites to completely ignore the browser. The latest offender is Askx - the new Web 2.0 avatar of the search engine Ask.com. And again the problem is due to lousy web developers. You can find more info on this here.
(more…)

After a pretty long lay-off I am back to blogging again. Hopefully, I will manage to (read: I will not be lazy) to update my blog more often. Anyway, let me first start off with some news about Opera.

i ) Opera v9.02 RC2 released : Opera v9.02 RC2 was released a few hours ago. Do check it out. Among other things live.com now works better in the RC builds.
For Windows, Mac, Unix .

ii) Opera attempts to patch Yahoo mail beta : Last year I had blogged about the new Yahoo Mail beta not supporting Opera ( link ). Opera dev Hallvord had then left a comment stating Opera soft will be working on it. He has kept his promise. Today or so (in Hallvord’s words) OddPatch 0.1 Beta will be launched. It will attempt to fix the flaws in Yahoo mail’s scripting through Opera’s browser.js . He writes in his blog :

iii) Trond Werner Hansen leaves Opera : Trond who was involved with design and UI development related activities for Windows version of the browser, since 1999 left the company last week to pursue interests in music. He wrote a farewell message here .

iv) Opera’s CTO Hakon Wium Lie gets interviewed by Zdnet : A must read for any Opera fan. As usual, Mr. Lie didnt mince his words as far as Microsoft and Internet Explorer is concerned.

Excerpt from the Interview :

Part 1 | Part 2

v) Nintendo showcases Opera for Wii : Nintendo has released a bunch of videos showing Opera for Wii in action.

Searching Google
Zooming and playing Multimedia in Opera
Browsing Google Maps
Source

vi) Opera.com is redesigned : Opera has decided to simplify their home page ( Screenshot of old page and new page ). All details about Opera for Mobile and other devices have been moved to separate pages, which is a good thing in my opinion.

Thats all for now