A closer look at Opera’s Browser VPN

Opera Software launched what it calls a Browser VPN or just VPN depending on where you find it in the browser in a recent developer edition of the web browser.

Browser VPN can be enabled in Opera with a simple check of a box in the browser's settings, and then turned on or off on the frontend.

It protects traffic by using encryption which improves both the privacy and security while using the browser.

We have mentioned previously that Browser VPN does not support WebRTC or plugin traffic yet which means that sites and services may find out about the public IP address of the device used to connect to it even if the VPN is enabled.

opera vpn server

A detailed analysis of Opera's VPN integration revealed that it is not a full VPN solution which protects all traffic on the device but a proxy instead.

When you enable the VPN in Opera, the following happens:

  1. Opera connects to the SurfEasy API to obtain credentials and IP addresses (SurfEasy is an Opera company).
  2. The browser sends requests to the proxy with proxy authorization request headers whenever sites or services are loaded in the browser. These include the device ID and device password.
  3. These information can be grabbed and used on different machines, even in other programs that are not Opera (as you have the proxy IP address, username, and password).

The connection itself is secure, with HTTPS being used even if non-HTTPS sites are loaded. Hostname resolution is done remotely on the proxy server which means that hostnames are not leaked as well when the VPN is used.



Two issues emerge from this; first, Opera's VPN is not a real VPN but a HTTP proxy. Second, Browser VPN uses a device ID that is linked to the device you are using.

Opera's VPN is not a real VPN but a HTTP proxy

Most users who run developer or beta editions of browsers probably assumed as much when they read about the new VPN that is built-in to the Opera browser.

Opera's Browser VPN works for the most part just like other VPN extensions that you can install for it.

Read also:  Opera Max gets a nagging feature

The main difference is that the feature is built-in to the browser so that it may theoretically make use of features that extensions cannot make use of.

Additionally, when it comes to trust, users may trust Opera more than third-party browser extensions considering that they are using the Opera web browser which too requires some level of trust.

The takeaway is that Opera's Browser VPN does not encrypt all browser traffic currently (WebRTC and plugins are not included currently but you can disable those features if you don't require them), and that it won't work on a system-wide level but only within the browser.

Opera is aware of this however and plans to fix this in future releases (probably before it hits the stable channel).

Browser VPN uses a device ID that is linked to the device you are using

The device ID that is used by the VPN is the same ID that Opera has been using for a long time. You can read about it by loading opera://about/privacy in the web browser. There you find the following information about it:

Your installation of Opera browser contains a unique ID that can not be linked to you as an individual person. This unique ID is required for auto-updates of the software and any installed extensions. Data about the features (not websites) used in Opera browser is collected with the purpose to improve the software and services. The software also creates a unique ID that is linked to your computer. This unique ID is processed with the sole purpose to measure marketing campaigns and distribution partners.

Opera stated that they have a strict no-logging policy when it comes to the VPN/Proxy.

Summary
Article Name
A closer look at Opera's Browser VPN
Description
A closer look at the new Browser VPN / HTTP proxy that Opera Software built-in to a recent Developer Edition of the web browser.
Author
Publisher
Ghacks Technology News
Logo

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to A closer look at Opera’s Browser VPN

  1. Tom Hawack April 26, 2016 at 10:32 am #

    Calling VPN what is in fact a plain proxy is not a semantic approximation : it is a misleading information. Of course 'VPN' sounds, looks nicer than a plain, rude 'proxy' in terms of appeal but engineers over at Opera should have insisted on the requirement of stating truth and not verbose incentives. The opera plays the wrong partition.

    • Dave April 26, 2016 at 11:21 am #

      I agree. False advertising.

    • Var April 26, 2016 at 3:34 pm #

      As others have mentioned on this debate on forums like HackerNews.

      VPN itself is a type of proxy. There isn't really any misleading advertising since they are using the underlying technology and functionality of SurfEasy which was a VPN provider.

      Calling it proxy would be misleading as well. As the Opera post on VPN dev release mentioned with the GWI report, different people use VPN for different reasons.
      Those who want anonymity are a minority in fact.

      Bypassing geo-block to watch/stream some video, this is also understood by end users to be a job for a VPN and this feature of Opera does that.

      Its Semantics were fair use in the end-user case context.

      • Dave April 26, 2016 at 11:11 pm #

        Wait, how do I use Opera VPN/proxy in Firefox? This seems like something I want.

        Can I use StartPage proxy in Firefox too?

  2. Paranam Kid April 26, 2016 at 11:11 am #

    Martin, you state above "We have mentioned previously that Browser VPN does not support WebRTC or plugin traffic yet which means that sites and services may find out about the public IP address of the device used to connect to it even if the VPN is enabled."
    That was 1 or 2 days ago. But in that same article you also recommended an extension to plug the WebRTC leak, which works well. For completeness' sake I believe it should be mentioned in your article above too, otherwise you contribute t the confusion & misunderstanding that is now building up about this subject.

    • Martin Brinkmann April 26, 2016 at 12:53 pm #

      I think I have mentioned that already: The takeaway is that Opera's Browser VPN does not encrypt all browser traffic currently (WebRTC and plugins are not included currently but you can disable those features if you don't require them), and that it won't work on a system-wide level but only within the browser.

      Or do you mean something else?

  3. Ian April 26, 2016 at 11:15 am #

    How does it differ from the Off-road Mode (f.k.a. Opera Turbo), which also is a compressing proxy?

    • Martin Brinkmann April 26, 2016 at 12:52 pm #

      Browser VPN does not compress, and it works for HTTPS content as well.

  4. hennorc April 26, 2016 at 5:55 pm #

    it's only a browser-proxy - ok. No problem. If it would function without problems. Opera advertised loud and then they discovered, that it would be a question of resources to manage this. The days after publishing, opera-servers could not manage the load really. At times not useable. Now it's ok (+/-), but f.e. streams like zattoo are not.
    To manage the webrtc-bug in opera, one can use addon 'WebRTC Leak Prevent'. All other (older) options are inoperable meanwhile.

    • neal April 27, 2016 at 12:38 am #

      I can only imagine when the VPN lands in the stable channel.

  5. Gabriel April 27, 2016 at 2:30 am #

    Martin, do you know of a way to check if Flash content is being "tunneled" through Opera's proxy/VPN?
    As far as I know, Flash never uses any VPN or proxy you might be using.

    • Martin Brinkmann April 27, 2016 at 7:40 am #

      Opera stated that plugins, which includes Flash, and WebRTC, are not tunneled currently.

  6. Dresandreal Sprinklehorn April 27, 2016 at 3:57 am #

    I can't see any reason to install Opera until they have a 64bit version.

  7. -ling April 27, 2016 at 7:37 am #

    they still have a 64bit-version, linux:
    http://ftp.opera.com/pub/opera-developer/38.0.2205.0/linux/opera-developer_38.0.2205.0_amd64.deb

  8. JLB May 1, 2016 at 4:56 pm #

    the Current Dev. version of opera is 38.0.2213.0, which fixes the IP address leaking issue with WebRTC. With this current version it is no longer necessary to use WebRTC "blocking" extensions. Also, if you are looking for the Windows 64 bit version, you can now download and install it with this current release.

    http://www.opera.com/blogs/desktop/changelog-38/#b2213.0

  9. Anonymous May 7, 2016 at 7:44 pm #

    ..does not support WebRTC or plugin traffic

    -What about Zenmate for Firefox or Chrome?

  10. Anonymous December 13, 2016 at 9:07 am #

    vpn is not working from today onwards please clear that problem it was blocking proxy and all

  11. Christopher April 11, 2017 at 1:27 pm #

    SurfEasy offers very little coverage, you have to purchase the premium version soon after using Opera.

Leave a Reply