Home » Articles » Opera’s New Built-In “VPN”
Click Here To Hide Tor

Opera’s New Built-In “VPN”

Opera, a browser that already has an ad-blocking feature, recently added a new feature to their browser – a free VPN with unlimited data usage. It currently has IP addresses in the United States, Canada, and Germany. This addition was well-received and met with praise, but there’s a twist to it.

opera

It’s actually an HTTP/S proxy that requires authentication. For some reason Opera insists on calling it a VPN even though it says below “Enable VPN”  that it’s a proxy.

According to research by Michal Špaček, when you first enable the “VPN”, it makes 4 requests to SurfEasy’s API. The first request “subscribes” you to the VPN and the second gives you your credentials (ID and password). The last two obtain proxy IP addresses.

When you request a web page, requests are made to *.opera-proxy.net with a Proxy-Authorization header. ‘*’ being a country then a number, e.g. de0.opera-proxy.net. A few of the proxy servers appear to be hosted at Xirra. The Proxy-Authorization header is a SHA1 checksum of your ID with your password concatenated by a colon. An example of this header would be: CC68FE24C34B5B2414FB1DC116342EADA7D5C46B:9B9BE3FAE674A33D1820315F4CC94372926C8210B6AEC0B662EC7CAD611D86A3

Due to the fact that this VPN is actually a proxy, you can technically use it on a different computer that doesn’t even have Opera installed.

SurfEasy, the company that provides the proxies, is a VPN provider owned by Opera, and like Opera, they’re based in Canada – one of the five eyes.

However, SurfEasy claims to be a “no log network”: “SurfEasy does not store users originating IP address when connected to our service and therefore cannot identify users when provided IP addresses of our servers. …”. They then go on to say that they temporarily log usage, perform real-time analysis of traffic (which isn’t logged), comply work with law enforcement, and that their clients may use analytic technology like Google Analytics.

We mustn’t forget that Opera itself is an ad network and does collect your usage data.

As always, proceed with caution when selecting a VPN to use. Check out our VPN comparison chart if you need help.

6 comments

  1. i would never trust opera anyway lol! but hey at least ppl got a free proxy to abuse now ;))

  2. I like that it’s spreading the awareness of encryption. Not sure if their motivation is more than just marketing, but whatever.

  3. nice article. thank you.

    btw, fuck opera – fuck proprietary software and hardware – fuck you microsoft & fuck your directx.

  4. yeah i am totally agree with @420. I am also not believe on opera and 1st of all who opera can protect my data during using public wifi. I think it will definitely not so @420 is right.

  5. nevertrust client on browser

  6. Why bother? Just use Tails with Tor bridges via a public anonymous Wi-Fi hotspot; use a persistent container, and within that, a TrueCrypt container with at least two keyfiles. Passphrases should be above 40 characters with some completely random garbage thrown in for good measure.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *