Opera Adds Built In VPN and Ad Blocking To Web Browser

Subject: Editorial, General Tech | October 28, 2016 - 12:46 AM |
Tagged: editorial, web browser, vpn, Privacy, Opera, Blink

It has been some time since I last looked at Opera, and while I used to be a big fan of the alternative web browser my interest waned around the time that they abandoned their own engine to become (what I felt) yet another Chrome (Webkit) clone. Specifically, it looks like the last version I tested out was 12.10. Well, last month Opera released version 40 with just enough of a twist to pique my interest once again: the inclusion of a free built-in VPN.

Opera 41 Built In VPN.png

I (finally) got around to testing out the new browser today, and it works fairly well. While setting the default to share usage data is not ideal, offering to enable the ad blocker after installation is a good touch. The VPN feature is a bit more tucked away than I would like but still accessible enough from the settings menu. Further, once it is enabled, it is easy to turn it off and on using the icon in the search/address bar.

According to Opera, the built-in VPN (virtual private network) comes courtesy of SurfEasy – a company that Opera acquired last year. SurfEasy uses OpenVPN and 256-bit encryption and also lauds itself on being a no-log VPN (they do not maintain logs tracking users' usage). Opera is not currently imposing any restrictions on the free VPN built into Opera with bandwith and data usage not being capped. Not bad for a free offering! For comparison, I've used the free version of ProXPN on occasion (public Wi-Fi mostly), and while the VPN is for the entire PC (not just the browser like in Opera's case) they heavily throttle the download speeds to entice you to pay (heh).

In a quick test, I got the following results:

  Ping (ms) Download (Mbps) Upload (Mbps)
No VPN 13 90.26 12.14
Opera VPN 108 89.72 12.06
ProXPN Basic 38 1.74 11.19

Considering the exit point was much further away (SpeedTest chose a Kansas test server, and it looks like the VPN server may have been in Houston, TX), the performance was not bad. Download and Upload speeds were only slightly slower, but (as expected) the ping was much higher.

Opera offers five locations for its free VPN: Canada, Germany, Netherlands, Singapore, and the United States.

Users can enable the VPN by browsing to opera://settings and clicking on Privacy & Security in the left hand list then checking the box next to "Enable VPN."

On another note, the included ad blocker seemed to work well (it apparently has already blocked 86 ads even though I only hit up a couple sites!). My only complaint here is that it does not make it as easy as AdBlock Plus to block/unblock specific elements (or if there is a way it's not intuitive). It is only a minor complaint though, and not really relevant for the majority of users.

I am by no means a browser benchmarker, but it feels fast enough when switching between tabs and loading websites. Fortunately, Michael Muchmore and Max Eddy put Opera through its paces and compiled the benchmark results from several synthetic tests if you are into the nitty-gritty numbers. From their data it appears that Opera is not the fastest, but by no means a slouch. The one test it fell hard on was the Unity WebGL benchmark, though it was not the only browser to do so (Opera, Chrome, and Vivaldi were all close with FireFox and Edge getting the top scores).

Other features of Opera 40 (41 in my case) include a personalized newsfeed that can be fed with any user-supplied RSS feeds, a new battery saver mode, hardware accelerated pop-out videos, Chromecast support, and a number of under the hood performance and memory optimizations (especially with more than 10 tabs open).

I am going to keep it installed and may switch back to using Opera as my daily browser. It looks like it has come a long way since Opera 12 and while it is similar to Chrome under the hood, Opera is doing enough to set itself apart that it may be worth looking into further.

What are your thoughts on Opera 41? 

Source: Opera

Chinese Group Purchases Opera for $600 Million (50% Off!)

Subject: General Tech | July 19, 2016 - 02:38 AM |
Tagged: web browser, Opera, China

Opera is the smallest of the major browser vendors, estimated at about one-fifth the desktop market share of Mozilla's Firefox. That said, it had some fairly high-profile device wins, such as the Nintendo Wii and the Nintendo DS, and they're strong on other mobile devices, too. They had their own rendering technology until 2013, when they switched to Webkit and, when Google forked away from Apple and KDE into the Blink project, followed Google.

opera-2016-logo.png

Recently, a group of Chinese companies have announced that they will be purchasing a large chunk of the browser vendor for $600 million USD. Interestingly, this was after offering $1.2 billion just a few months earlier. This time, the Chinese group will receive less of the company, and thus will pay less for it. The original company, which will have 18 months to find a new name, will maintain ownership of three parts:

  • Opera Mediaworks
  • Opera Apps & Games (including Bemobi)
  • Opera TV

According to Engadget, the original, $1.2 billion dollar deal was canceled when some government organization disapproved of the deal. Looking at the three components that were omit, I cannot see why a regulation body would raise an issue, whether it be for national security or monopoly reasons. They seem pretty innocuous and small, but I guess the EU might take issue with consumer data privacy?

Either way, these three elements will remain, but everything else will go.

Mozilla Publishes Servo Nightly (for Mac and Linux)

Subject: General Tech | July 1, 2016 - 07:12 PM |
Tagged: web browser, gecko, servo, Rust, mozilla, Samsung

No love for Windows at the moment, but Mozilla is showing previews of their new browser rendering engine, Servo. This one is developed in Rust, which is a highly parallel yet very memory safe language, which are two great features for a web browser, especially on mobile and multi-core desktops. You are currently able to pick it up on Mac and Linux, although it is not ready to be your primary browser yet. Windows and Android builds “should be available soon”.

Basically, Mozilla has been spending the last few years re-thinking how to design a web browser. Most Web standards are based on assumptions that the browser is going through a main loop, and that these items will occur in sequence. Back in 2013, most of the research was to see far a browser could travel into parallelization before compatibility just stops following. Samsung, who is obviously interested in smartphone technology, partnered with them, because it's easier to add more cores onto a mobile SoC than it is to make existing ones faster.

mozilla-architecture.jpg

At the time, they weren't sure whether this research would be used to improve Gecko, the current rendering engine that has been around since Netscape 6, or create a suitable replacement for it. As far as I know, that decision has still not been made, but they also haven't bailed on it yet.

Perhaps we'll see a new wave of Web technology coming soon? Maybe even break up the Webkit monopoly that seems to be forming, led by iOS and Android devices?

Source: Mozilla

Java Browser Plug-in Soon Killed Off by Oracle

Subject: General Tech | January 30, 2016 - 07:05 PM |
Tagged: web browser, web, shockwave flash, shockwave director, oracle, Java

After decades of semi-ubiquitous usage, Oracle has announced plans to stop providing the Java plug-in for web browsers. It will still be available in the upcoming Java 9 platform, but classified as a deprecated feature.

ie-wheeee-dead.jpg

This has nothing to do with JavaScript, which is a scripting language that web browsers use. JavaScript is not a plug-in, and it's very secure in terms of the machine the browsers run on. Pretty much all exploits that we see either trick the user to download and run a program, have them disclose sensitive information (passwords, identity, etc.) to the wrong people, try to make the browser impossible to use until it is shut down and restarted, or launch a plug-in that is the actual problem. The joke is “Java is to JavaScript as Car is to Carpet” -- but that's not true: cars often have carpets.

Java, Shockwave Director, and Shockwave Flash filled in a huge gap in Web standards during the late 90s and early 2000s. Plug-ins were about the only way to access files, per-pixel 2D animation functions, and even access to 3D graphics hardware. Web browsers can do almost all of that now, albeit file input and output is limited to individual files, because you don't want every website to be able to read and write files (and site-specific data lockers with APIs like IndexedDB and Web Storage) on the user's hard drive without the user's explicit control.

As such, browsers are trying to kill off native plug-ins. This could be a problem for games like Battlefield 3 and 4, which (Update Jan 30th @ 7:51pm: Used to... it's apparently been a while. Thanks wileecyte in the comments.) require plug-ins to launch the native application, but the browser vendors have been expressing their desires for quite some time. Even companies that are heavily invested in plug-ins for their products, like Oracle, are finally giving up.

Source: Ars Technica

Firefox Developer Tools Can Debug Non-Mozilla Browsers

Subject: General Tech | September 11, 2014 - 04:22 PM |
Tagged: firefox, mozilla, web browser, web development

Well this is an interesting feature. Mozilla, like all browser vendors, has been constantly enhancing their web development tools. They are quite impressive, allowing anyone to debug any page, including WebGL shader replacement, audio network manipulation, and injecting Javascript, HTML, and CSS at run time. Firefox OS and Firefox for Android developers were even able to remotely connect to a desktop Firefox browser as if it were an IDE (which it really is these days). Today, Mozilla announced (via their Hacks blog) early support for remote debugging Safari on iOS and Google Chrome on Android.

The currently supported tools are: "Inspector", which allows searching, modifying, and injecting HTML and CSS; "Debugger", which debugs and injects Javascript; and "Console", which displays console output from the open tab and executes individual Javascript statements (which can be multi-line with shift + enter). You cannot, for instance, modify individual draw calls on a running 3D game, like you can with the same tools when manipulating a Firefox tab, but this is still pretty impressive for cross-vendor.

Remote Debugging for Safari on iOS and Chrome on Android is available in early development on Firefox Nightly with an optional extension.

Source: Mozilla

Google Chrome To Compile Javascript Off Main Thread

Subject: General Tech | February 17, 2014 - 03:10 AM |
Tagged: web browser, Google Chrome, chromium

Google has announced that the latest beta for Chrome, their web browser, will compile Javascript in a background thread. In the current release version, scripts are converted to instructions, executed, monitored for performance, and swapped with a more optimized set of instructions that accomplishes the same tasks. Converting script into optimized instructions takes time. Doing it on a background thread frees up that computation time for something else.

google-chrome-jit-hang.png

This stutter was 628 milliseconds, or about 38 consecutive frames at 60 FPS.

Image Credit: Chromium Project Blog

Web browsers are designed under the assumption that a single thread of instructions will weave through every task, one by one, until everything is done. At some point, since the early 1990s, computers have been give multiple cores (and some of those designs can have multiple threads shoved through at once). The problem is now that, since "Task A" was designed to occur before "Task B", doing them separately... can break stuff good.

mozilla-architecture.jpg

A simplified browser execution flowchart. Execution follows the arrow.

Image Credit: Mozilla

Background Javascript optimization will be most effective for mobile SoCs. These processors tend to have a lot of fairly slow cores; the exact opposite of what a web browser wants. Also, video games have many tasks which occur every frame. Freeing up time on the main thread gives these apps more time to be more complex - and with less stutter (if optimizing blocks execution... which it is trying to optimize). This might also allow browsers more time to try more aggressive optimization strategies.

In case you are wondering, Mozilla started to move compilation to a background thread as of Firefox 21. Firefox 29 will move the entire just-in-time (JIT) compilation process off the main thread. This is currently in their "Aurora" release channel. To the rest of the world: it's an alpha.

This optimization is currently available in Google Chrome Beta (33).

Google Glass Update Will Add Web Browser and New Voice Control Functionality

Subject: General Tech | July 1, 2013 - 11:29 PM |
Tagged: web browser, hands-free, google glasses, google glass, google

Later this week, Google is updating its Glass, well, glasses to add new features. Among the new features, Google is including a full web browser and a couple of new voice controls.

The full web browser will output to the Glass display and can be accessed by hitting the appropriate button. Users will be able to access the web using the Wi-Fi chip, and it will be controlled by the touchpad and motion controls. For example, users can scroll pages by moving a single finger forward on the touchpad. Zooming is handled by using a two finger guesture on the touchpad. Finally, while zoomed in, users can move their head around to pan around the page.

The motion control bit is actually an intuitive idea, though I expect bystanders will find those browsing the web on their Glass a bit odd as they hold two fingers to their glasses and move their head about. (Hopefully people do not try browsing reddit while walking, however.)
 

The upcoming Google Glass update also adds a few more voice controls to the mix. Using voice commands beginning with "ok glass," users will be able to reply to text messages, answer calls, and send photos to other people on their contact list.

Finally, Google has lifted the contact list restriction from a list of ten friends. Users can now access their entire Gmail contact list.

I'm glad that Google is continuing to improve the Glass software. According to The Verge, this new update will be rolled out over the next few days to the Explorer Edition units currently in the hands of developers. I'm looking forward to the final consumer release.

Read more about Google Glass at PC Perspective.

Source: The Verge

IE10 is the safest web browser in one way; checkmate!

Subject: Editorial, General Tech | May 16, 2013 - 03:45 PM |
Tagged: web browser, Malware, IE10

If you consider your browser security based solely on whether it will allow you to manually download a malicious executable: IE10 is the best browser ever!

Rod Trent over at Windows IT Pro seems to believe this when NSS labs released their report, "Socially Engineered Malware Blocking". In this report, Internet Explorer blocked the user from downloading nearly all known malware (clarification: all known malware within the test). Google Chrome came in second place with a little less than 17% fail rate and the other browsers were quite far behind with approximately a 90% failure rate.

ie10-malware.jpg

Based on that one metric alone, Rod Trent used a cutesy chess image to proclaim IE the... king... of the hill. Not only that, he suggests Safari, Opera, and Firefox consider "shuttering their doors." After about a decade of Internet Explorer suffering from countless different and unique vectors of exploitation, now is the time to proclaim a victor for attacks which require explicit user action?

Buckle in, readers, it's a rant.

Firstly, this reminds me a little bit of Microsoft Security Essentials. Personally, I use it, because it provides enough protection for me. Unlike its competitors, MSE has next to no false positives because almost ignores zero-day exploits. The AV package drew criticism from lab tests which test zero-day exploits. Microsoft Security Essentials was ranked second-worst by this metric.

Well, time to shutter your doors Micr... oh wait Rod Trent lauded it as award-winning. Huh...

But while we are on the topic of false positives, how do you weigh those in your grading of a browser? According to the report, and common sense, achieving pure success in this metric is dead simple if you permit your browser to simply block every download, good or bad.

If a 100% false positive acceptance rate is acceptable, it is trivial to protect users from all malicious download. With just a few lines of code, Firefox, Safari, and Opera could displace Internet Explorer and Chrome as the leaders of protection against socially engineered malware. However, describing every download as "malicious" would break the internet. Finding a balance between accuracy and safety is the challenge for browsers at the front of protection technology.

-NSS Labs, "Socially Engineered Malware Blocking"

A browser that is capable of blocking malware without blocking legitimate content would certainly be applause-worthy. I guess time will tell whether Internet Explorer 10 is able to walk the balance, or whether it will just be a nuisance like the first implementations of UAC.

OK, Google did actually release exactly one native Windows application at Google I/O: It's called Android Studio, an application that helps developers create apps that run on Android, Google’s answer to Windows. But don’t worry, Microsoft fans: Internet Explorer (IE) flags the Android Studio download as potential malware.

-Paul Thurrott, Windows IT Pro

Ah crap... that was quick.

Now to be fair, Internet Explorer 10 and later have been doing things right. I am glad to see Microsoft support standards and push for an open web after so many years. This feature helps protect users from their own complacency.

Still, be careful when you call checkmate: some places may forfeit your credibility.

Khronos Group Announces WebGL 1.0.2 Specification and Extensions, Formal Release Expected in April

Subject: General Tech | March 28, 2013 - 12:54 AM |
Tagged: webgl 1.0.2, webgl, web browser, tegra, programming

The Khronos Group recently announced that the WebGL 1.0.1 specification is compliant across mobile and desktop systems on a number of platforms. Chrome 25 and Firefox 19 support WebGL 1.0.1 on Windows, Mac, and Linux operating systems. Further, mobile devices with Tegra SoCs can tap into WebGL using a WebGL-enhanced Android browser.

webgl_logo.jpg

Additionally, the WebGL 1.0.2 specification and its extensions have been submitted for ratification, and is expected to be formally released in April. According to the press release, the following features are being rolled into the WebGL 1.0.2 specification:

  • "adds many clarifications for specification behavioral precision
  • mandates support for certain combinations of framebuffer formats, to ease developer adoption;
  • clarifies interactions with the encompassing HTML5 platform, including the browser compositor and high-DPI displays;
  • dramatically increases the number of conformance tests to roughly 21,000 to improve both the breadth and depth of test coverage - thanks principally to work by Gregg Tavares at Google and the OpenGL ES working group."

The WebGL working group has also submitted several optional extensions for ratifications along with the 1.0.2 spec. On the developer side of things is a JavaScript debugger for WebGL API calls and shaders, and functionality to communicate when a mobile device is powered off while WebGL is running. The other extension deals with adding additional 3D features from OpenGL ES 2.0 including anisotropic filtering (AF), vertex array objects, and standard derivative functions.

Khronos President and NVIDIA Vice President of Mobile Content Neil Trevett stated that "The close cooperation between browser and silicon vendors to ensure the GPU is being reliably and securely exposed to the Web is ongoing proof that Khronos is a highly productive forum to evolve this vital Web standard." Meanwhile, WebGL Working group chair Ken Russell indicated that WebGL 1.0.2 is "a major milestone in bringing the power of the GPU to the Web.”

Although there are security concerns to consider, WebGL does open up some interesting opportunities for new web services. The full press release can be found here.

Source: Khronos

Android Version of Chrome May Get SPDY Proxy Speed Boost

Subject: General Tech | March 5, 2013 - 02:17 AM |
Tagged: web browser, mobile, chrome, Android

Chrome for Android will allegedly be getting a speed boost thanks to a new SPDY-assisted proxy service. If a recent patch is any indication, future versions of Chrome may adopt a proxy service similar to Opera Turbo, Amazon Silk, or BlackBerry Proxy. Google would take advantage of its SPDY protocol to compress and multiplex web sites. We requests would be sent through Google, where Google would take the HTTP/HTTPS pages, compress and otherwise optimize them, and send them to your Android smartphone.

 

Chrome for Android.png

While on Wi-Fi or a wired connection, the performance merits of such proxy services are minimal at best (and at worst can actually slow down page loads). With that said, over a mobile network--especially if you are living in an area with (at best) 3G speeds, the new SPDY proxy service could make a huge difference in page load times. If my experiences using Opera and its Turbo proxy service over a 3G connection for the past month is any indication of the potential benefits of such a setup, some pages will load much faster, a few sites will actually load slower than browsing without the proxy, and the majority of websites will fall somewhere in between those two extremes, providing a slightly faster web browsing experience. Google may be taking things a step further by introducing its SPDY protocol to speed up the HTTP requests, which is an interesting tactic beyond the basic compression and/or caching that the existing alternatives employ.

Details on the hinted-at Google-run SPDY proxy service are scarce, but I hope that it holds true. There are some privacy considerations, but if you are just reading articles and have resigned yourself to the fact that Chrome/Google tracks you anyway (heh) it is a nice optional feature to have!

Source: Engadget