Day 6: Advanced Preferences 3

April 24, 2005

This page has been revised to be part of the meta Opera Advanced Preferences page. Apologies for any inconvenience may cause you, but I believe it will better in the long run.

{ 13 comments… read them below or add one }

1 Jeff C 04.24.05 at 1:44 am

Hi. I have a small question on maximum connections. Are there factors other than connection speed with which you should make your choice in this setting?

2 TjL (tntluoma.com) 04.24.05 at 1:53 am

None that I am aware of. Hopefully others will chime in if they do.

3 Nils Heuermann 04.24.05 at 7:14 am

I’ve got one question to the master-password:


I’m a little bit confused, because in every explanation of that is said, that you can set the password and the data will be encrypted.


But can I simlpy unset the master-password (by entering no new password)? I never wanted to try that, because of the case that I probably can not unset it ;)

4 BtEO 04.24.05 at 9:38 am

Jeff C:

For the two connection settings, connection speed actually matters less than you might think.

However, some servers will tend to timeout a little more if you make more simultaneous connections at the same time, generally 2-4 is a good amount.

The second setting can safely be set quite high even on dialup.

There is a little more on the subject in a couple of the entries here: http://nontroppo.org/wiki/OperaPerformance

5 Peter Karlsson 04.25.05 at 10:45 am

A word about “Encode international Web addresses with UTF-8”: If you follow links which contains characters not found in the standard English alphabet (that is, A-Z) and find that these don’t always work, you could try unticking this setting.

This is especially common for east Asian languages (Chinese, Japanese, Korean), although most servers are converting to UTF-8 nowadays.

6 Mischa 04.26.05 at 5:38 pm

I think it’s worth spending more time on the subject of the “Master Password”:

What it does:

  • prevents unauthorised use of your wand (your passwords are never stored in clear text anyway, but this way the wand data is encrypted using your password)
  • prevents unauthorised checking of your email

What it doesn’t do:

  • encrypt your (local or any other) email

I’m not certain about how the wand data is stored, so somebody please enlighten me :-)

ciao
Mischa

7 Flavio Suárez 05.20.05 at 8:52 pm

Mischa:

Try these links:

“Wand” security -> http://list.opera.com/pipermail/opera-users/2003-February/017662.html

and

About the Wand -> http://list.opera.com/pipermail/opera-users/2005-April/thread.html#25109

8 Flavio Suárez 05.20.05 at 8:56 pm

Tim:

Two interesting discussions about cookies:

A few preferences need to be renamed - My Opera Forums -> http://my.opera.com/forums/showthread.php?threadid=66427

Cookie Settings are not labeled corrrectly -> http://home.tbbs.net/shadow/operaforum/ocook.xhtml

9 LionsPhil 06.18.05 at 6:23 pm

Are you sure about “Use cookies to trace password protected pages”? As I understand it, it basically makes Opera treat any page which uses a cookie set by the response to a password form as a “secure page” for the purposes of not remembering it in your history, and the like. As such, security pedants would want it turned on, and people who want web forums and the like to remember visited posts would want it turned off.

I’m sure I found an Opera help page somewhere explaining this, but I can’t find it again now, alas.

10 jrspie 07.02.05 at 9:08 pm

The info contained in your articles has made a believer out of me.

But I’m curious. I use Roboform w/Firefox. It is safe and extremely simple. Just enter a master passcode and click on the site you want to open. I can go higher than 256 bit encryption for each of my accounts. It handles numerous different accounts in the same site, ie Yahoo mail.

How can I make the Wand operate the same way-or how can I get Opera to let people use Roboform.

I have too many sensitive accts. to start taking chances now.

Hope you can help.

Thanks,

John

11 Shane R. Monroe 08.01.05 at 9:39 pm

Just a note on ‘illegal cookie paths’ …

Allowing illegal paths is just another invitation for spoofing.

Third party cookies allow for a cookie to be set from a different domain (i.e. you’re on http://www.sitea.com and they have an ad from http://www.siteb.com which sets a cookie). When you set a cookie programmatically, you can set the path … this is to protect your cookie from being read by another path. For example, you can set a cookie with a path of “www.sitea.com” which is valid for the site as a whole. You can also set a full path to your cookie - to allow cookies the same name for the same ‘server’ ….

Path: http://www.sitea.com/cgi

Name: Script

Path: http://www.siteb.com/cart

Name: Script

These cookie paths should NOT be settable from ANOTHER path other than the one designated. If you’re at http://www.siteb.com/cgi/script.pl - that script should NOT be allowed to set a cookie path of “www.siteb.com/cart”.

How can this be a risk or even a worry? Consider this …

http://www.freesites.com/~user1/index.php

could technically set a cookie for:

http://www.freesites.com/~user2

… this would allow some other user to overwrite a cookie from another path completely!

A great security risk? A huge hole? Maybe … maybe not … but anything that can be exploited to do evil has to be watched closely- bravo for Opera to give us the opportunity to nuke it.

12 kirin 08.03.05 at 2:54 pm

You can use the opera6.ini file to change the History parameters to any number you like:



Max Direct History Lines - Typed in addresses;


Max Global History Lines - Visited addresses;


[Disk Cache]…Size - Disk Cache

13 sajee thomas 08.16.05 at 2:20 pm

opera comunity is our comunity

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Previous post: Hungarian translation

Next post: Day 7: Advanced Preferences 4