The Web Design Group

... Making the Web accessible to all.

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Opera 12.18 security update
Christian J
post May 9 2016, 12:51 PM
Post #1


.
********

Group: WDG Moderators
Posts: 7,834
Joined: 10-August 06
Member No.: 7



Seems the classic Opera 12.xx (Presto) browser still gets limited updates: http://www.opera.com/blogs/security/2016/0...ecurity-update/ wub.gif

User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
Christian J
post Jan 24 2018, 08:04 AM
Post #2


.
********

Group: WDG Moderators
Posts: 7,834
Joined: 10-August 06
Member No.: 7



According to http://matejhorvat.si/en/unfiled/opera12.htm Opera 12 is not vulnerable to Spectre.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
thematrix
post Feb 9 2018, 03:55 AM
Post #3


Newbie
*

Group: Members
Posts: 15
Joined: 6-February 18
Member No.: 26,584



Yeah, but on their site, it is written that it is vulnerable to Spectre.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
Christian J
post Feb 9 2018, 06:47 AM
Post #4


.
********

Group: WDG Moderators
Posts: 7,834
Joined: 10-August 06
Member No.: 7



QUOTE(thematrix @ Feb 9 2018, 09:55 AM) *

Yeah, but on their site, it is written that it is vulnerable to Spectre.

Could you link to that page?

(Note that this thread is about the old Opera 12 with the Presto engine, not the newer Chrome-based browser.)
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
pandy
post Feb 9 2018, 08:55 PM
Post #5


Don't like donuts. Don't do MySpace.
********

Group: WDG Moderators
Posts: 17,926
Joined: 9-August 06
Member No.: 6



I think maybe it was vulnerable but is no more? unsure.gif

https://winaero.com/blog/secure-opera-brows...ulnerabilities/
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
Christian J
post Feb 10 2018, 05:30 AM
Post #6


.
********

Group: WDG Moderators
Posts: 7,834
Joined: 10-August 06
Member No.: 7



I assume most newer browsers (including Opera/Blink, Chrome and other Chromium-based ones) were vulnerable before they were patched (which I think they are now?). At least Pale Moon is said to have been safe even before Spectre was known, and so (like Opera12/Presto) supposedly doesn't need a patch for this.

Of course any browser with javascript enabled is a security- and privacy hazard these days (not just due to Spectre), so it's best to disable javascript by default in all of them.

User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
pandy
post Feb 10 2018, 11:06 AM
Post #7


Don't like donuts. Don't do MySpace.
********

Group: WDG Moderators
Posts: 17,926
Joined: 9-August 06
Member No.: 6



I don't know if this test is reliable.
https://xlab.tencent.com/special/spectre/spectre_check.html

It says IE10 and Iron is vulnerable. FF, Edge and - lo and behold - k-mel is not. How could that be? k-mel most certainly isn't patched. Maybe I don't have the latest Iron. But I thought MS had forced patches on us for this on Win10, so their browsers ought to be safe. Not true?
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
Christian J
post Feb 10 2018, 01:47 PM
Post #8


.
********

Group: WDG Moderators
Posts: 7,834
Joined: 10-August 06
Member No.: 7



QUOTE(pandy @ Feb 10 2018, 05:06 PM) *

I saw that link but didn't dare to test my browsers. Who knows what it'll do to your system. ninja.gif

QUOTE
It says IE10 and Iron is vulnerable. FF, Edge and - lo and behold - k-mel is not. How could that be? k-mel most certainly isn't patched. Maybe I don't have the latest Iron. But I thought MS had forced patches on us for this on Win10, so their browsers ought to be safe. Not true?

Yes it's strange that MSIE10 is vulnerable while MS Edge is not (granted they use different engines, but still same company). Firefox/Gecko and Chromium should be patched by now, but then it must be updated in each browser brand (like Iron). Maybe K-Mel is too old to be exploitable (like allegedly Opera12), or too defensively built (like allegedly Pale Moon).

Also (just in case), note that these patches only prevent Spectre exploits through javascript, malware on your computer can still exploit Spectre without any need for a browser.

User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
pandy
post Feb 10 2018, 05:16 PM
Post #9


Don't like donuts. Don't do MySpace.
********

Group: WDG Moderators
Posts: 17,926
Joined: 9-August 06
Member No.: 6



You're paranoid. tongue.gif

Yeah, maybe the k-mel guys have made some changes. There are differences from FF. For instance k-mel doesn't support DDE while FF does, sad as it is.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
thematrix
post Feb 12 2018, 10:24 AM
Post #10


Newbie
*

Group: Members
Posts: 15
Joined: 6-February 18
Member No.: 26,584



QUOTE(Christian J @ Feb 9 2018, 06:47 AM) *

QUOTE(thematrix @ Feb 9 2018, 09:55 AM) *

Yeah, but on their site, it is written that it is vulnerable to Spectre.

Could you link to that page?

(Note that this thread is about the old Opera 12 with the Presto engine, not the newer Chrome-based browser.)


My bad, I've read a post on Reddit about that, but when I checked out more into details it's not correct at all. Sorry for making untruthful statements! Should've checked my facts.
It's a good thing they are almost rid of the CPU problems there were! The last update is stated to be pretty successful!
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 18th June 2018 - 12:32 PM