The latest changelog seems promising, right? Nope, it’s still a joke.
Faster and better browser VPN
In September 2016, we introduced the free, built-in, no-log browser VPN service. Opera remains the only major browser providing such a unique service. Now, we are introducing our first major upgrade to the browser VPN service.
Moving to Opera data centers
Previously, the VPN service was hosted and operated by SurfEasy LLC, a company recently acquired by Symantec. We have investigated the best options for hosting the service and concluded the browser VPN service will be moved to our own data centers. Opera’s current server infrastructure, one of the highest capacity super-computer clusters in the world, is already hosting services such as the compressing engine for Opera Mini.
The coloration of the browser VPN service to our data centers is expected to give increased performance, scalability and balancing capabilities, while keeping it a free and no-log service.
From countries to regions
As we move the service to the Opera data centers, we are also changing from listing locations based on countries to regions. For the updated browser VPN, we will provide these options: Optimal location (default), the Americas, Europe and Asia. Locations will be rolled out gradually, starting with Europe today and the Americas and Asia coming soon.
Remember the old story when Opera released their VPN? Right, it was a proxy (extension) integrated into their own Browser. And nothing has changed except adding more location to it.
A Look into the So-Called Opera VPN
According to Michael Spacek, who is an experienced IT security specialist and a web developer from Prague, Opera Software isn’t being honest with what they are providing. He says that the ‘VPN’ bit is more marketing and less web security and i need to agree. It’s just marketing.
So, if you’re looking for enhanced privacy and security, you shall find none here. Web security must always be the foremost priority of anyone accessing different websites using a VPN. Opera’s VPN cannot be used in conjunction with different web or email applications such as Outlook – exposing your IP.
“I’d just like to point out that the proxy in Opera (the thing they call “VPN”) is actually a secure proxy. That means that all data between the browser and the proxy server are encrypted no matter the protocol used by the browser to load the page. Even if the browser loads a page over plain HTTP the connection between the Opera browser and the proxy server will be encrypted using HTTPS – that’s why it’s so called secure proxy. Also here’s an implementation of the handshake in Python, it will generate credentials used by the browser to authenticate to proxy servers.”
What Opera VPN does is to mask your IP, giving you access to a private network, however, it does not protect your data in anyway.
When this happens, any website you access with the VPN enabled begins to send requests to gain a proxy authentication request, which is a header.
Spacek was able to decode the proxy authentication header, which showed the following credentials:
The fact of the matter is, the credentials listed above, which belong to a proxy, can be utilized irrespective of the computing device you use, regardless of whether or not Opera is installed on that browser – you will get the same IP as with the device you originally used.