Opera Browser en

From JonDonym Wiki
(Difference between revisions)
Jump to: navigation, search
(add)
(added much)
Line 46: Line 46:
  
 
Java is needed to execute JonDo but Java also serves as a browser plugin than can bring a security and anonymity risk. Java is independent from JavaScript, while without JavaScript many pages are only partially usable or even unusable, Java is rarely a benefit. Disable in '''Preferences''' -> '''Advanced''' -> '''Content''' -> '''Enable plug-ins'''. The other and probably safer way is to install JonDo as "portable" - in that case Opera (like any other browser) will simply not find the Java used by JonDo (there should be no other Java on the system).
 
Java is needed to execute JonDo but Java also serves as a browser plugin than can bring a security and anonymity risk. Java is independent from JavaScript, while without JavaScript many pages are only partially usable or even unusable, Java is rarely a benefit. Disable in '''Preferences''' -> '''Advanced''' -> '''Content''' -> '''Enable plug-ins'''. The other and probably safer way is to install JonDo as "portable" - in that case Opera (like any other browser) will simply not find the Java used by JonDo (there should be no other Java on the system).
 +
 +
== Settings for improved security and privacy ==
 +
 +
To enter the settings page, type in following special address:
 +
 +
<code>opera:config</code>
 +
 +
There you can change following settings:
 +
 +
'''Option:Persistent Storage'''
 +
 +
<i>Domain Quota For localStorage set to 0 (Domstorage)</i>
 +
 +
<i>Global Quota For localStorage set to 0</i>
 +
 +
<i>Databases Access Handling set to false</i>
 +
 +
'''Option:Visited Link'''
 +
 +
<i>Visited Links State set to 0</i> (Protect from history readout)
 +
 +
'''Option:Author Display Mode'''
 +
 +
<i>Author Font and Colors set to false</i> (fixing the font-face problem)
 +
 +
'''Option:User Display Mode'''
 +
 +
<i>User Font and Colors set to false</i> (fixing the font-face problem)
 +
 +
'''Option:User Agent'''
 +
 +
<i>Allow Components In UA String Comment set to false</i>
 +
 +
'''Option:UserPref'''
 +
 +
<i>Allow Scripts To Navigate In History set to false
 +
 +
Enable Webfonts set to false
 +
 +
Google TLD Downloaded set to false
 +
 +
History Navigation Mode set to 0
 +
 +
Max Direct History Lines set to 0
 +
 +
Max Global History Lines set to 0
 +
 +
Max Window History Lines set to 1</i> (disables tab history, if you want to use "back" and "forward" buttons, set a bigger value or keep the default)
 +
 +
<i>Show History In Addressfield Autocompletion set to false</i>
 +
 +
<i>Show Searches In Addressfield Autocompletion set to false</i>
 +
 +
<i>Special effects set to false</i>
 +
 +
<i>Visited Pages set to false</i>
 +
 +
'''Option:Diskcache'''
 +
 +
<i>Enabled set to false</i>
 +
 +
<i>Size set to 0</i>
 +
 +
<i>Cache Docs set to false</i>
 +
 +
<i>Cache Figs set to false</i>
 +
 +
<i>Media Cache Size set to 0</i>
 +
 +
<i>Empty On Exit set to true</i>
 +
 +
'''Option:Cache'''
 +
 +
<i>Cache HTTPS After Sessions set to false</i>
 +
 +
<i>Cache Figs set to false</i>
 +
 +
<i>Cache Docs set to false</i>
 +
 +
<i>Application Cache Quota set to 1000</i>
 +
 +
'''Option:Security Prefs'''
 +
 +
<i>Enable TLS v1.1 set to true</i>
 +
 +
<i>Enable TLS v1.2 set to true</i>
 +
 +
<i>Certificate revocation lists for ssl set to true</i>
 +
 +
<i>Strict Transport Security support set to true</i>
 +
 +
<i>Strict EV Mode set to true</i>
 +
 +
<i>Warn About Imported CA Certificates set to true</i>
 +
 +
'''Multimedia'''
 +
 +
<i>Allow Autoplay set to false</i>
 +
 +
'''BitTorrent'''
 +
 +
<i>Bittorrent set to false</i> (if not needed)
 +
 +
'''Autoupdate'''
 +
 +
<i>Plugin Auto Install Enabled set to false</i> (avoid automatic installation of missing plugins)
 +
 +
'''Do Not Track Header'''
 +
 +
<i>Settings->Extended->Security</i>
 +
 +
Here you can set the Do Not Track Header.
 +
 +
If you don't want to use the WebGL feature, you can disable it this way:
 +
 +
'''User Prefs'''
 +
 +
<i>webgl set to 0</i>
  
 
== Addons improving the security ==
 
== Addons improving the security ==
Line 122: Line 240:
  
 
* Versions 11.00 and 11.01 were almost unusable due to broken '''noscript''' feature
 
* Versions 11.00 and 11.01 were almost unusable due to broken '''noscript''' feature
* Versions 11.xx (reportedly fixed in 12) ignored HTTPS proxy settings in some cases  
+
* Versions 11.xx (reportedly fixed in 12) '''ignored HTTPS proxy settings''' in some cases  
 
(forum thread: https://anonymous-proxy-servers.net/forum/viewtopic.php?f=9&t=6390)
 
(forum thread: https://anonymous-proxy-servers.net/forum/viewtopic.php?f=9&t=6390)
  
 
<p style="background-color:yellow">Use this information at your own risk.</p>
 
<p style="background-color:yellow">Use this information at your own risk.</p>

Revision as of 09:37, 6 October 2012

En2.png De2.png  Main Page (en) | Alternative browser configuration (en)

This manual is not complete and not verified or maintained by JonDos. Please address possible questions to the forum, or major contributors to this page (see history), not the support of JonDos.

Op.png

Contents

Download Opera

Opera

Make sure to use always the latest version of Opera !

Opera 12.00 Release 2012-Jun-14 Changelog Opera 12.00 Version history

Proxy settings

In recent versions you can set a common proxy setting for all protocols, in older versions you had to fill in separately. Enter server address 127.0.0.1 and port 4001 (you can change 4001 to some other number in JonDo settings, then use same value in the browser proxy settings too). For Tor the settings are similar, just the default port value is 8118. Make sure to cover HTTP, HTTPS and FTP protocols, for possible exotic or archaic protocols like Gopher you can enter invalid port 0.

Opera1152proxy.png

Adjust Header Data and User Agent

User Prefs -> Custom User-Agent

There you can enter a modified User Agent:

Opera/9.80 (X11; U; Linux i686; en-US; rv:1.9.2.3) Presto/2.2.15 Version/10.10

Network -> HTTP Accept

text/html,application/xml,*/*

Network -> HTTP Accept Language

en-us

Control plugins

Preferences -> Advanced -> Content -> Enable plug-ins.

Opera1160javaxxx.png

In version 12 of Opera, plug-in execution in a separate process was introduced, but then temporarily disabled due to problems. This is a security feature, but for privacy this doesn't bring too much benefit. All other precautions do apply anyway.

Control Java

Java is needed to execute JonDo but Java also serves as a browser plugin than can bring a security and anonymity risk. Java is independent from JavaScript, while without JavaScript many pages are only partially usable or even unusable, Java is rarely a benefit. Disable in Preferences -> Advanced -> Content -> Enable plug-ins. The other and probably safer way is to install JonDo as "portable" - in that case Opera (like any other browser) will simply not find the Java used by JonDo (there should be no other Java on the system).

Settings for improved security and privacy

To enter the settings page, type in following special address:

opera:config

There you can change following settings:

Option:Persistent Storage

Domain Quota For localStorage set to 0 (Domstorage)

Global Quota For localStorage set to 0

Databases Access Handling set to false

Option:Visited Link

Visited Links State set to 0 (Protect from history readout)

Option:Author Display Mode

Author Font and Colors set to false (fixing the font-face problem)

Option:User Display Mode

User Font and Colors set to false (fixing the font-face problem)

Option:User Agent

Allow Components In UA String Comment set to false

Option:UserPref

Allow Scripts To Navigate In History set to false

Enable Webfonts set to false

Google TLD Downloaded set to false

History Navigation Mode set to 0

Max Direct History Lines set to 0

Max Global History Lines set to 0

Max Window History Lines set to 1 (disables tab history, if you want to use "back" and "forward" buttons, set a bigger value or keep the default)

Show History In Addressfield Autocompletion set to false

Show Searches In Addressfield Autocompletion set to false

Special effects set to false

Visited Pages set to false

Option:Diskcache

Enabled set to false

Size set to 0

Cache Docs set to false

Cache Figs set to false

Media Cache Size set to 0

Empty On Exit set to true

Option:Cache

Cache HTTPS After Sessions set to false

Cache Figs set to false

Cache Docs set to false

Application Cache Quota set to 1000

Option:Security Prefs

Enable TLS v1.1 set to true

Enable TLS v1.2 set to true

Certificate revocation lists for ssl set to true

Strict Transport Security support set to true

Strict EV Mode set to true

Warn About Imported CA Certificates set to true

Multimedia

Allow Autoplay set to false

BitTorrent

Bittorrent set to false (if not needed)

Autoupdate

Plugin Auto Install Enabled set to false (avoid automatic installation of missing plugins)

Do Not Track Header

Settings->Extended->Security

Here you can set the Do Not Track Header.

If you don't want to use the WebGL feature, you can disable it this way:

User Prefs

webgl set to 0

Addons improving the security

NotScripts

You can disable JavaScript either completely, or selectively using the NotScripts addon. After installation, set the Javascript-Cache of Opera to the value 5000.

NoAds Advanced

This addon allows you to block advertising and tracking activities of web pages.

NoAds Advanced

Alternative search engines in Opera

Launch for example Blekko.

Move the mouse arrow into the search field, with a right click call the context menu, and pick "Create Search".

Suche2.png

You will see the menu to register a search engine (see screenshot). You have to set up a keyword, in this case "bl" (blue arrow). You have to decide, whether this one has to become the default search engine (red arrow).

Suche1.jpg

Further privacy-friendly search engines:

Startpage

DuckDuckGo

MetaGer2

All those are accessible with HTTPS too.

Block URLs and advertising

Opera checks the file urlfilter.ini as a block list. The file can hold full names as well as RexExe, matched URLs will not be shown. A list can be downloaded from here: https://www.awxcnx.de/download/urlfilter.ini (right click). Place the file into following directory:

  • Windows (portable Opera) : inside the installation in "profile" directory, besides file "operaprefs.ini"
  • XP (if Opera not portable) : C:\Documents and Settings\...\Application Data\Opera\Opera\
  • Vista: (if Opera not portable) C:\Users\<username>\AppData\Roaming\Opera\Opera\
  • Linux: $HOME/.opera/
  • OSX: /Users/<username>/Library/Preferences/Opera Preferences/

You must restart Opera for the changes to take effect.

Other risks

Opera still has the Font-Face-Problem in version 11.62 :

Opera1160fontsbug.png

but it can be fixed this way:

Option:Author Display Mode

Author Font and Colors set to false

Option:User Display Mode

User Font and Colors set to false

Another problem is the History-Sniffing , it can be fixed this way:

Option:Visited Link

Visited Links State set to 0

Run Anontest to check the problems and success of fixes.

Performance tuning

Worst old resolved bugs

  • Versions 11.00 and 11.01 were almost unusable due to broken noscript feature
  • Versions 11.xx (reportedly fixed in 12) ignored HTTPS proxy settings in some cases

(forum thread: https://anonymous-proxy-servers.net/forum/viewtopic.php?f=9&t=6390)

Use this information at your own risk.

Personal tools