Opera (Presto) - browser listing suggestion

[freakazoid]

New release was probably security-related with the Presto engine.

Opera Mail also got an update, which kind of confirms my suspicions

[Emka]

We realize that those of you on old operating systems like Windows XP SP1 and older are left without much choice beyond using our Presto-based browser. With security standards on the web changing so much we didn’t want to leave you completely alone (even though we are not updating this product any longer) – we’ve just released an update for Opera 12, the last, stable Presto version.

In order to make your browser, and its mail client, function well on the present-day web, we’ve made a few changes, with a focus on the security aspect. The most important change is the support for ECC cipher suites used in secure connections. Another addition is GCM. Opera 12 now supports the same set of ciphers as other modern browsers. We have seen that many domains are relying on ECC certificates, thus making Opera 12 unable to connect. Similarly most clients using TLS have deprecated RC4 from the list of secure ciphers. We have done the same in this update. There is a setting to turn it back on, in case you need it. Since more servers are supporting TLS 1.2, we have enabled that by default.

Along with the Opera 12 update, we have also decided to update Opera Mail. Recently we were notified of a security issue in the standalone mail client by a security researcher, Zhen Hui Lee from Future Team. This vulnerability may allow code execution on the user’s machine using a carefully crafted message and some specific user interaction. As a company, we are committed to the security of our products, so we took necessary steps to fix this issue.

Those of you who use Opera 12 and Opera Mail should be auto-updated to the latest version soon. Those who prefer offline updates can download the releases of Opera 12 and Opera Mail. You should know that the above-mentioned security issue affects only the Windows version of Opera Mail. Further, as we don’t see a significant number of users of Opera 12 and Opera Mail on non-Windows platforms, we won’t be updating for those.

Finally, even with this security update being issued, we would urge those of you still using Windows XP SP1 and older to upgrade to a newer/supported OS and then to the latest Opera 35. This is essential, since the web is a constantly changing platform and a product not being given any measure of development time cannot stay secure and functional. Today’s websites are also relying on modern technologies and features, which need up-to-date versions of browsers that support them.

http://www.opera.com/blogs/security/201 ... ty-update/

[billon]

We realize that those of you on old operating systems like Windows XP SP1 and older

what a fugin moron

[Specular]

We realize that those of you on old operating systems like Windows XP SP1 and older

what a fugin moron

It's a bit insulting to users, sure. When you think about it though someone at Opera had to justify and frame updating an old release while still trying to make it look like the latest versions were the ones users should use.

Under the circumstances and given the recent Chinese buy-out I'll take any updates over none.

[smaragdus]

Opera Presto rocks, Opera Blink sucks. I wonder how much time do the idiots from Opera Software need to realize that ChromeOpera is an enormous failure. I still have the real Opera installed mainly out of sentimentality. I do hope that the Chinese investors have more brains than the Norwegian morons who destroyed the great browser. I do hope that the Chinese will acquire Opera Software and will resurrect the real Opera.

[Checker]

Opera Presto rocks, Opera Blink sucks.

+1

I still have the real Opera installed mainly out of sentimentality.

Me, too
I'm using Opera@USB v10.0 with a 'special skin' (which sadly isn't compatible to later versions).
But I have the latest Firefox version as well

[webfork]

PFW users:

I've generally made it the policy of the site to add a security notice to some of the older browsers mentioned here on the site (here are a few examples) to help set expectations for visitors. People have strong feelings about Opera (Presto) so I wanted to poll site users before making any dramatic edits to the entry.

My rationale for adding it now is the presence of some recent, high profile security issues that affected a very broad range of software and architectures (e.g. Meltdown and Spectre). There hasn't been an update to the program in 2.5 years and it's unlikely that the old version of Opera somehow escaped all these issues. As such, a note seems warranted.

Thoughts?

[SYSTEM]

PFW users:

I've generally made it the policy of the site to add a security notice to some of the older browsers mentioned here on the site (here are a few examples) to help set expectations for visitors. People have strong feelings about Opera (Presto) so I wanted to poll site users before making any dramatic edits to the entry.

My rationale for adding it now is the presence of some recent, high profile security issues that affected a very broad range of software and architectures (e.g. Meltdown and Spectre). There hasn't been an update to the program in 2.5 years and it's unlikely that the old version of Opera somehow escaped all these issues. As such, a note seems warranted.

Thoughts?

I'm opposed.

Meltdown and Spectre got attention primarily because 1) as hardware flaws, fully fixing them requires new CPUs, and 2) because they affect such a broad range of software. Other than that, they aren't very severe vulnerabilities: just information leaks.

[Specular]

My rationale for adding it now is the presence of some recent, high profile security issues that affected a very broad range of software and architectures (e.g. Meltdown and Spectre). There hasn't been an update to the program in 2.5 years and it's unlikely that the old version of Opera somehow escaped all these issues. As such, a note seems warranted.

Thoughts?

From what I've read with Spectre for it to be exploited over the internet via a web page it requires very precise timing info using Javascript. I had my doubts whether Presto even supported the necessary functions and searching around according to this write-up it doesn't support them.

So I'm not sure it's actually necessary in that specific instance though I think it's fair enough to add a note mentioning that since it hasn't been updated for a while users won't receive the latest security updates, in general.

[webfork]

I'm opposed.

Meltdown and Spectre got attention primarily because 1) as hardware flaws, fully fixing them requires new CPUs, and 2) because they affect such a broad range of software. Other than that, they aren't very severe vulnerabilities: just information leaks.

I can appreciate that the Presto browser engine may have escaped Meltdown and Spectre, but do you feel like the program is still secure with no updates in the last ~30 months?

[SYSTEM]

I'm opposed.

Meltdown and Spectre got attention primarily because 1) as hardware flaws, fully fixing them requires new CPUs, and 2) because they affect such a broad range of software. Other than that, they aren't very severe vulnerabilities: just information leaks.

I can appreciate that the Presto browser engine may have escaped Meltdown and Spectre, but do you feel like the program is still secure with no updates in the last ~30 months?

No, definitely not. I think there should absolutely be a security notice (I'm surprised there isn't one already), it just shouldn't be about Meltdown and Spectre.

[webfork]

No, definitely not. I think there should absolutely be a security notice (I'm surprised there isn't one already), it just shouldn't be about Meltdown and Spectre.

Got it, just wanted to make sure I understood. Thanks