REVIEW: Opera Unite Has Great Promise--and Great Risk

 
 
By Jim Rapoza  |  Posted 2009-06-24 Email Print this article Print
 
 
 
 
 
 
 

Opera Unite is essentially a Web server embedded within a browser. This has the potential to make the exchange of data on the Web more efficient, but any Web server carries with it security risk--especially one on end users' systems.

Opera recently announced a new technology that it is including as essentially an alpha within the beta of the Opera 10 browser. And in its announcement, Opera claimed that this new technology, called Unite, would reinvent the way that everyone uses the Web.

After using Unite for the last week, I'm not sure if I would say that it reinvents the Web. In the end, this "new" technology is basically just a Web server, and Web servers have actually been around longer than Web browsers.

But Unite is intriguing, and one can definitely see some potential benefits to embedding a Web server within a Web browser. I could definitely see a future where an embedded server within a browser makes the exchange of data on the Web completely seamless.

Click here for a slide show on Opera Unite.

But this current early edition of Unite is nowhere close to that vision, and, despite the fact that it runs in Opera, it is still pretty much a completely separate application within the browser. In addition, there are some big security issues associated with putting a Web server on regular users' systems.

To get started with Unite, I simply downloaded the app from unite.opera.com and installed it on my test systems. The first thing required to enable Unite within the Opera browser is to log into an online Opera service or create an account. I was able to use the MyOpera account that I already had to launch my Unite server in the browser.

Some people may wonder why they need to create an Opera account to run a Web server on their own browser. To ease the ability to share data and send people to one's Unite services, Opera makes it possible to have unique URLs that point to individuals and their individual systems. So, for example, you could have a URL such as laptop.myname.operaunite.com.

This model certainly makes things easier, but to a certain degree it also brings back the centralized cloud system that Unite is supposedly going to free us all from. It is possible to avoid the Opera Unite proxy servers, but to get Unite to run initially an Opera account will still be required.

To access my Unite services directly, I basically just needed the system IP address, and then entered that IP and used port 8840 to access the Unite server. This method could also be used within a DNS server to use your own domain names, but within the Unite services that appear in the browser the embedded links will still want to use the operaunite.com addresses.

While Unite is necessary to run the Web services in the browser, the services can be accessed on any remote system using any other Web browser.

Unite comes with several pre-built services that, at this point, are pretty basic in design and exist mainly to demonstrate the potential capabilities of Unite. These include a media player that lets you listen to music from one system on any other system; a standard Web server; a system called Fridge that is essentially a virtual Post-it note; a chat application; and a file sharing application.

If you focus too much on these services, Unite doesn't seem like that big of a deal. After all, we've all seen similar and better-developed services that do the same thing, such as the Orb online music player or any number of file sharing applications that can run in the browser.

But if you expand your thinking to imagine what types of Unite services we might see from developers in the future, Unite sounds a lot more intriguing. Done properly, such applications could make it as easy to send data and content to colleagues, social networks and businesses as it is to download that content.

Right now, though, this early vision has not been realized, and, in fact, the Unite concept brings up some very serious security issues.

The biggest is the very high risk of putting an always-on Web server on users' computers. Once enabled, Unite is by default always-on when Opera is running. It is possible to change this setting within opera:config.

In the security world, running a Web server is generally seen as a high-risk proposition, and, for hackers, getting control of a Web server is a key goal. Whenever a system gets compromised by an attacker or trojan, typically the first thing that happens is that a Web server gets loaded onto the system. Unite could potentially save the attacker this step.

Of course, Opera is aware of these risks and is taking steps to make Unite as secure as possible. Unite has a sandbox model to prevent attacks from leaving the confines of the browser, and there are many safeguards built into the process by which the app accesses the file system.

But anyone who follows security knows that nothing is completely secure, especially a service designed to be used by novices and to facilitate sharing among many users and sites. Just like every browser, Unite will have security holes, and there will be cases where people's systems are exposed because of it.

There are other potential gotchas, as well.

For example, it is possible that running Unite would be a violation of the terms of service set out by your ISP because many terms of service forbid running a Web server (though these tend to be focused on running a real Web site and not on a more temporary service like Unite).

Unite also has a way to go in terms of usability. It doesn't have the detailed advanced user controls that one would expect from an Opera product, and I'd like to see more benefits from using the operaunite.com proxies and URLs, such as a temporary page that displays when a user's Unite services aren't live. (Right now, you just get an error.)

I do think that Unite is an interesting new service, and I recommend that developers and power users give it a try. However, I wouldn't recommend that novice or even average users load it on their systems, as there are still too many questions to be answered by this new service. 

Chief Technology Analyst Jim Rapoza can be reached at jrapoza@eweek.com. 

 
 
 
 
Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr Rapoza's current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel