Agreed - if you are a security hound, don't do anything important on Opera. There's a server in the middle, and they should be at the bar I just left.
Quote:
Originally Posted by kyububba
In general since they control the entire path from your client to the server, you must trust that they don't store any secure information.
I'm pretty sure Opera Mini can store all sorts of stuff about your content on their servers (cache, cookies, as well as security certificates needed for SSL). This is because it's their servers that ultimately acts as the HTTP client to the external sites.
Note, this is different from the traditional HTTP proxy server model in that the proxies are not able to view your content in a SSL/TLS session, as they don't have the private key required (which is stored in your browser). Also, traditional proxy servers generally will not parse any of the http body content. In order for Opera Mini to work and optimize a regular HTML page for the phone they have to parse the content and send down optimized rendering info.
So whether you trust them or not is up to you. Personally I have no problem using it for non-encrypted content. Yes, they can cache and use the information, but anyone with a packet sniffer can also do the same with your desktop browser. My browsing patterns aren't that interesting anyway...
I wouldn't use it for any secured https traffic though, based on the reasons above. Plus, most half-way decent secure sites (e.g. banks) probably won't accept any https sessions coming from Opera Mini.
|