PDA

View Full Version : Opera 9.5 Built in Firewall



ASCII
06-08-08, 06:09 PM
Don't know if any other browsers these days have firewalls but the new
Opera does and passes as stealth on shields up as well as withstands all
pcflank can throw at it. Also passes the latest leak test so probably
does stateful packet inspection too. http://tinyurl.com/z85y

Ansgar -59cobalt- Wiechers
06-08-08, 06:41 PM
ASCII <f@l.se> wrote:
> Don't know if any other browsers these days have firewalls but the new
> Opera does and passes as stealth on shields up as well as withstands
> all pcflank can throw at it. Also passes the latest leak test so
> probably does stateful packet inspection too.

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

ruens
06-08-08, 11:57 PM
On Sun, 08 Jun 2008 16:09:29 -0700, ASCII <f@l.se> wrote:

>Don't know if any other browsers these days have firewalls but the new
>Opera does and passes as stealth on shields up as well as withstands all
>pcflank can throw at it. Also passes the latest leak test so probably
>does stateful packet inspection too. http://tinyurl.com/z85y

Spammer!

Root Kit
06-09-08, 01:09 AM
On Mon, 09 Jun 2008 04:57:18 GMT, ruens <posted@usenet.group> wrote:

>On Sun, 08 Jun 2008 16:09:29 -0700, ASCII <f@l.se> wrote:
>
>>Don't know if any other browsers these days have firewalls but the new
>>Opera does and passes as stealth on shields up as well as withstands all
>>pcflank can throw at it. Also passes the latest leak test so probably
>>does stateful packet inspection too. http://tinyurl.com/z85y
>
>Spammer!

I wouldn't call that spam. It's either a joke or a sad example of a
clueless dude mislead by "security" sites.

ASCII
06-09-08, 04:40 AM
Root Kit wrote:
>a sad example of a
>clueless dude mislead by "security" sites.

If you know of any effective attack against it,
how about posting a URL,
otherwise you're as clueless as those other idiots
who sell hardware routers on commission
and need to maintain their illusion of superiority

Ansgar -59cobalt- Wiechers
06-09-08, 06:12 AM
ASCII <f@l.se> wrote:
> Root Kit wrote:
>> a sad example of a clueless dude mislead by "security" sites.
>
> If you know of any effective attack against it, how about posting a
> URL, otherwise you're as clueless as those other idiots who sell
> hardware routers on commission and need to maintain their illusion of
> superiority

Buster, you don't have the slightest idea of what you're talking about.

1. There's no such thing as "stealth" in IP. That's just braindead
marketing babble of people who failed to understand how IP works.

2. Client applications (like, say, web browsers) are not supposed to
open listening sockets on external interfaces. Therefore there's no
need at all to firewall them.

3. Stateful inspection doesn't have anything at all to do with
preventing data leaks.

Now get lost.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

VanguardLH
06-09-08, 09:30 AM
"ASCII" wrote in <news:484c64bc.3917282@reader.usenet4all.se>:

> Don't know if any other browsers these days have firewalls but the new
> Opera does and passes as stealth on shields up as well as withstands all
> pcflank can throw at it. Also passes the latest leak test so probably
> does stateful packet inspection too. http://tinyurl.com/z85y

Why would there be any advantage for firewalling just one application?
Sandboxing: yes. Web browser: why? And why promote a BETA version?

Must be a very minor feature if they don't even bothering mentioning it
at http://www.opera.com/products/desktop/next/ on the page or in their
tour video, nor is a firewall mentioned in their changelogs at
http://www.opera.com/docs/changelogs/windows/.

ASCII
06-09-08, 01:29 PM
Ansgar -59cobalt- Wiechers wrote:
>
>Now get lost.

Good idea, since you obviously have nothing to contribute.
....and go find some other venue to air the frustration with your devoid
life, maybe play superman with an Amtrak.

ASCII
06-09-08, 01:41 PM
VanguardLH wrote:
>
>Why would there be any advantage for firewalling just one application?
>Sandboxing: yes. Web browser: why?

Just guessing that the primary interface (browser)
to the major source of danger (internet)
is the most likely focus of concern.
Sandboxing would be an unnecessary encumbrance
if all your applications were trusted

>And why promote a BETA version?

Not really 'promoting' it (I have no interest in the company) it was the
version I finally upgraded to from an earlier legacy v6.06 that I used
to run with everything from ATGuard to ZoneAlarm, but there are still
enough unresolved bugs that I've now gone back to the stable v9.27.
This version seems a little faster loading pages yet just as invisible
and/or invulnerable, so I'll stay here for awhile.

VanguardLH
06-09-08, 06:04 PM
"ASCII" wrote in <news:484e76d8.1840626@reader.usenet4all.se>:

> VanguardLH wrote:
>>
>>Why would there be any advantage for firewalling just one application?
>>Sandboxing: yes. Web browser: why?
>
> Just guessing that the primary interface (browser)
> to the major source of danger (internet)
> is the most likely focus of concern.

Which would be covered by a general firewall that enforces connectivity
on any particular application, including the web browser.

> Sandboxing would be an unnecessary encumbrance
> if all your applications were trusted

You just said that you didn't trust the web browser. Sandboxing doesn't
sandbox every application. It sandboxes just the application that you
want sandboxed. Have a look at Sandboxie.

>>And why promote a BETA version?
>
> Not really 'promoting' it (I have no interest in the company) it was the
> version I finally upgraded to from an earlier legacy v6.06 that I used
> to run with everything from ATGuard to ZoneAlarm, but there are still
> enough unresolved bugs that I've now gone back to the stable v9.27.
> This version seems a little faster loading pages yet just as invisible
> and/or invulnerable, so I'll stay here for awhile.

And as for the part that you snipped out, just WHERE does Opera claim
that their beta 9.5 version contains a firewall within just their
browser?

ASCII
06-10-08, 01:54 AM
VanguardLH wrote:
>"ASCII" wrote in <news:484e76d8.1840626@reader.usenet4all.se>:
>
>> VanguardLH wrote:
>>>
>>>Why would there be any advantage for firewalling just one application?
>>>Sandboxing: yes. Web browser: why?
>>
>> Just guessing that the primary interface (browser)
>> to the major source of danger (internet)
>> is the most likely focus of concern.
>
>Which would be covered by a general firewall that enforces connectivity
>on any particular application, including the web browser.
>
>> Sandboxing would be an unnecessary encumbrance
>> if all your applications were trusted
>
>You just said that you didn't trust the web browser. Sandboxing doesn't
>sandbox every application. It sandboxes just the application that you
>want sandboxed. Have a look at Sandboxie.

I never said I didn't trust the browser, just offered a guess as to why
it would include firewall behavior.

>>>And why promote a BETA version?
>>
>> Not really 'promoting' it (I have no interest in the company) it was the
>> version I finally upgraded to from an earlier legacy v6.06 that I used
>> to run with everything from ATGuard to ZoneAlarm, but there are still
>> enough unresolved bugs that I've now gone back to the stable v9.27.
>> This version seems a little faster loading pages yet just as invisible
>> and/or invulnerable, so I'll stay here for awhile.
>
>And as for the part that you snipped out, just WHERE does Opera claim
>that their beta 9.5 version contains a firewall within just their
>browser?

I don't recall them ever making such a claim, even though I was
surmising that it behaved as if it had a built in firewall.

Hey I'm not like that other twit that's only here to bicker and flame, I
was simply curious about the behavior of a browser I had just installed.

Root Kit
06-10-08, 02:49 AM
On Mon, 09 Jun 2008 23:54:46 -0700, ASCII <f@l.se> wrote:

>I never said I didn't trust the browser, just offered a guess as to why
>it would include firewall behavior.

Which it doesn't.

>I don't recall them ever making such a claim, even though I was
>surmising that it behaved as if it had a built in firewall.

Which it hasn't.

>Hey I'm not like that other twit that's only here to bicker and flame, I
>was simply curious about the behavior of a browser I had just installed.

Wrong. You were making ridiculous claims based on foolish "security
testing tools" providing output you didn't understand how to
interpret.

Opera is a good browser. It doesn't need clueless promotion.

VanguardLH
06-10-08, 04:21 AM
"ASCII" wrote in <news:484e2400.1342069@reader.usenet4all.se>:

> I don't recall them ever making such a claim,

Read your Subject line.

> even though I was
> surmising that it behaved as if it had a built in firewall.

Oh. Guess I won't waste more time trying to find out where was that
firewalling within Opera. If they had added it inside the app, I wanted
to see why they thought it was necessary. Please don't make up stuff.

ASCII
06-10-08, 09:55 AM
VanguardLH wrote:
>"ASCII" wrote in <news:484e2400.1342069@reader.usenet4all.se>:
>
>> I don't recall them ever making such a claim,
>
>Read your Subject line.

My subject line, not Opera's, and it was because I got online results
that would indicate some firewall behavior was taking place. I thought
there might be a new trend in current browsers that I was unaware of,
sorry to see this group has fallen so far.

>> even though I was
>> surmising that it behaved as if it had a built in firewall.
>
>Oh. Guess I won't waste more time trying to find out where was that
>firewalling within Opera. If they had added it inside the app, I wanted
>to see why they thought it was necessary.

I only guessed why it behaved as it does, I have no idea why some
Norwegian company thinks something is necessary, if they even think that
in the first place

> Please don't make up stuff.

No need
You're doing a good enough job of that as it is

You know, I've got a little extra time the next few days so I won't
plonk you guys, maybe just see the depths of intellectual depravity that
has come to inhabit this forum.
carry on kids...

ASCII
06-10-08, 09:59 AM
Root Kit wrote:
>
>>I never said I didn't trust the browser, just offered a guess as to why
>>it would include firewall behavior.
>
>Which it doesn't.

Returning a full 'stealth' rating from an online nmap site is definitely
firewall behavior, even if you deny it.
Just how much commission do you get from selling those hardware routers,
enough to put chitlins on your plate?

VanguardLH
06-10-08, 12:25 PM
"ASCII" wrote in <news:484f942b.4779282@reader.usenet4all.se>:

> VanguardLH wrote:
>>
>> Please don't make up stuff.
>
> No need. You're doing a good enough job of that as it is

Oh, yeah, it was me claiming Opera had a web browser, sure.

> You know, I've got a little extra time the next few days so I won't
> plonk you guys,

While killfiling does eliminate "noise" in a newsgroup that you inhabit,
it also does mean the plonked get the last word. I have no qualms about
you killfiling me.

> maybe just see the depths of intellectual depravity that
> has come to inhabit this forum.
> carry on kids...

Yes, we're the children based on your so-adult opinion announced as fact
based your conjecture on some unindentified behavior in a web browser
where YOU say they have some functionality which has obviously been
proven that you didn't have a clue about your statement. Yes, it was
our fault in interpreting your misleading claim. You contrived, you
mislead. When you got caught, like a child, you tried to recover with
justifications hoping to provide you with excuses and now you try to
redirect the blame. Pathetic.

I never said that they do not have a firewall built into their browser.
I said that they make no mention of such functionality. I found nothing
to substantiate your unfounded claim. If you wanted to validate your
claim regarding your *guess* about behavior, you couldn't do some better
investigation before spouting your claim? Since you are an Opera user,
you couldn't go ask in the Opera newsgroups (a list of which is
available at http://www.opera.com/newsgroups/)? Instead of professing
knowledge and announcing added functionality (but which was based on
conjecture), you could've asked over there first.

I don't use Opera but thought it was something to review if only to
figure out why they thought an application-embedded firewall had any
value. Since I don't use Opera, there would be no past history of
experience with it by me nor would I have been visiting the Opera
newsgroups to know about any such feature enhancement. You made the
claim so I figured you were an Opera user. Not many users go extolling
a product unless they actually use it. It's been awhile since I've seen
a user touting a feature that doesn't exist in a product. I've seen
spammers do it but not actual users.


So now to move onto your claim although based on conjecture ...

When you tested Opera and did the stealth and leak tests, did you
disable any and all software firewalls running on your test host?
Obviously if you wanted to test Opera's conjectured firewall abilities,
you would have to disable all other firewall, security, anti-virus,
anti-malware, or other protective software to ensure that they weren't
already providing the firewalling effect that you noticed.

Did you also disable any upstream firewalls, like in your NAT router?
Did you bypass the router and hook your host directly to the your
Internet access point (dsl/cable modem, satellite, whatever)? Many
users do these tests and then claim success but were never testing the
software on their host. Instead they were testing the firewall that is
in their router.

"Passes as stealth on Shields Up". Not sure why you would make that
claim. The web browser is a client process that issues connect requests
(it initiates the handshaking to establish a socket with the server that
was listening for the inbound connection requests). The web browser is
not a server process listening on a port. The web browser isn't going
to respond to a ping or accept connection requests on a port on which it
isn't listening. The web browser issues outbound connect requests to
somewhere else that listens on, for example, port 80 (for HTTP). The
web browser is not listening for inbound connection requests on port 80.

Leak tests have a client (that you allow to run) on your host try to
make an outbound connection to see if the firewall blocks that attempt
or prompts you for permission to allow that connection. Since you
obviously need to permit the firewall to allow connections for your web
browser to be useful (unless you are unique in wanting to use it to only
render your own local HTML files), the web browser is always "leaking"
through the firewall. It is the leak clients you are testing, not the
web browser.

PCFlank doesn't explain just how its leak tests function? You didn't
see the button was labelled "Download" and that you were downloading an
..exe program to execute locally that would then test your firewall (and
that the .exe you downloaded was not the Opera web browser)? You need
to spend some time reading the GRC and PCFlank web sites to understand
just what those tests do and how they execute.

Root Kit
06-10-08, 12:55 PM
On Tue, 10 Jun 2008 07:59:29 -0700, ASCII <f@l.se> wrote:

>Returning a full 'stealth' rating from an online nmap site is definitely
>firewall behavior, even if you deny it.

More babble.... nmap does not use the term "stealth" - and ShieldsUp
does not build on nmap.

Gary
06-11-08, 11:19 AM
These are the only security enhancements that I can see. But that's no
reason to pounce on the OP. I guess this is Usenet after all...


Security

* Improved back-end for Fraud Protection, now enabled by default.
* Added support for Extended Validation (EV) certificates.
* Added automatic updates of root certificates.
* Introduced a new security notification scheme in the address field:
o gold lock on green field for secure sites with Extended Validation
o silver lock on yellow field for regular secure sites
o question mark on gray field for HTTPS sites with problems
o no notification for normal sites
o fraud warning on red field for blacklisted sites
* Opera now distinguishes between local servers on localhost, intranet
servers, and remote servers on the Internet. Local servers can use remote
resources, but not vice versa.

http://www.opera.com/docs/changelogs/windows/950b2

ASCII
06-12-08, 12:44 AM
Gary wrote:
>These are the only security enhancements that I can see. But that's no
>reason to pounce on the OP. I guess this is Usenet after all...

The vehement attack over semantic distinctions of what a firewall
involves, suggests a woefully vacuous level of immaturity. Reminds me of
a know it all that once posted here under the name Duane Arnold of Elgin
Illinois, seems he worked at some retail outlet pushing hardware routers
and swore up and down that nothing was better.

Cunnilingus
06-12-08, 03:35 PM
On Mon, 09 Jun 2008 11:41:38 -0700, ASCII <f@l.se> wrote:


>to run with everything from ATGuard to ZoneAlarm, but there are still

ATGUARD? Lmao!

Please tell me you aren't still using that relic.

ASCII
06-12-08, 09:41 PM
Cunnilingus wrote:
>On Mon, 09 Jun 2008 11:41:38 -0700, ASCII <f@l.se> wrote:
>
>
>>to run with everything from ATGuard to ZoneAlarm, but there are still
>
>ATGUARD? Lmao!
>
>Please tell me you aren't still using that relic.

How convenient you snipped the part
that indicated its use was in a historical context.
Once I migrated from my w95b box ZA worked better,
but nowadays the newer Opera obviates even the need for that.
BTW the 9.5 official full release happened today, I checked it out and
thought the default skin was dreary as did other folk, so they now have
the classic skin on their server, will get around to playing with it
this evening.
Friday 13th will be a good test day, lots of malware releases. <g>