Opera Bolsters Web Browser with New Malware Protection

Opera has beefed up security in its upcoming Web browser as it looks to challenge Firefox and Internet Explorer in the area of Web security.

Putting a bull's-eye on Web-based threats, Opera has formed a partnership with Haute Secure, a security vendor founded in 2006, to protect users from rogue sites known to distribute malware as well as from links users might click on that would lead to malicious software downloads.

The fruits of this union will arrive in the upcoming Opera 9.5 browser.

The two-pronged approach of protecting against both drive-by malware and malicious links puts the browser a step ahead of Firefox, which only addresses the former, said Thomas Ford, global communications manager at Opera.

"Haute Secure provides information to protect down to the specific link, instead of blocking entire domains," Ford said. "This is particularly critical because we can block specific hacked pages instead of blacklisting domains."

The technology may offer something of a plug for a security hole for Web surfers at a time when mass compromises of legitimate sites have become more prevalent. According to research by ScanSafe, the vast majority of Web-based malware it blocked for its customers in May came from compromised sites.    

According to Ford, Haute Secure uses a combination of heuristic analysis and community involvement to aid in identifying and addressing false positives and negatives.

"The involvement of the communities creates a neighborhood watch effect where everyone using Opera contributes to the security of all Opera users as well as the respective communities for each partner—in addition to the data coming in many times per hour from each partner," Ford said.

Opera users can choose to send information back to Haute Secure or Opera's anti-phishing partners, Netcraft and PhishTank. Haute Secure also gets Google's malware data, which is the sole data source for Firefox 3, Ford said.

While Opera has enjoyed some success in the mobile market, it remains behind more popular browsers such as Internet Explorer, Firefox and Safari on personal computers. As such, it has not been fodder for hackers as often as the others, Gartner analyst John Pescatore said.

"[Opera is] mostly protected by security through obscurity—no major security problems but not really banged on either," he noted.

"I think our security track record is a matter of both features and philosophy," Ford said. "There are features like Fraud Protection, but probably more important is a commitment throughout the company to protect people using our product.

"We patch our vulnerabilities and we patch them fast. We implement other features with security in mind. Widgets are a good example. We run them in a secure sandbox so these third-party applications can't be used to reach into your file system. Sure, that means you won't see a widget that reports on system-level processes. But that also means you won't have your system owned by downloading a widget. I'd say it's a lot of little things that add up to making Opera an extremely safe browser."

Opera officials were mum about when the new version of the company's browser will be ready, but the company has posted a release candidate for those interested to review.