Skip to content
Naked Security Naked Security

Opera brings back free VPN service to its Android browser

Opera lost its Android browser's VPN after it was sold to a Chinese consortium, but now it's back.

Opera announced on Wednesday that it’s added its free Virtual Private Network (VPN) service to its Android browser app …again.

The Norwegian browser maker offered a stand-alone, built-in VPN service before it was sold to a Chinese consortium, but it stopped working after the sale.

Now, it’s back: the latest, VPN-bearing, mobile browser version – Opera for Android 51 – is available now in the Google Play store or on Opera.com. The company hasn’t given any hints about whether it’s planning to bring the VPN to its iOS browser.

The VPN is free, unlike private VPN services for which you have to pay additional fees, Opera stressed. It’s also easy: users don’t have to sign in every time they want to use it; all you have to do is hit a switch.

What this is…

The Opera browser VPN will create a private and encrypted connection between Androids and a remote VPN server, using 256-bit encryption. It will shield users’ geographical locations, thus making it hard to track us, Opera says. That will hopefully provide a bit of relief from the apps that have been sucking our location data like so many leeches and selling it to third parties.

One example of that: Los Angeles recently sued the Weather Channel for allegedly posing as a “personalized local weather data, alerts and forecasts” app that’s more like a money-making stalker, tracking users “throughout the day and night” so as to sell their private, personal location data…

…it being just one of at least 75 companies that the New York Times recently found have been getting purportedly “anonymous” but pinpoint-precise location data from about 200 million smartphones across the US. They’re sharing our location data or selling it to advertisers, retailers or even hedge funds.

That’s just fine if you want to, say, see ads for personal injury lawyers when you’re sitting in an emergency room. Otherwise, not so much.

Opera’s Android VPN service is also a no-log service, which means that the VPN servers don’t log nor retain activity data, so as to protect users’ privacy.

Opera says that its built-in VPN will be good for connecting to sketchy public Wi-Fi hotspots in coffee shops, airports and hotels, protecting our internet traffic by keeping it encrypted …a useful thing, given that we’ve seen a number of Android apps sending unencrypted data that’s easy to spy on over public Wi-Fi.

Peter Wallman, SVP Opera Browser for Android:

By enabling Opera’s browser VPN service, users make it very difficult for third parties to steal pieces of their information and can avoid being tracked. Users no longer need to question if or how they can protect their personal information in these situations.

In its release, Opera referenced a report from the Global World Index that found that there were more than 650 million VPN users as of 2018 and that the use of mobile VPNs is on the rise.

Not surprising, given that people are probably just a teensy bit keen on improving their privacy these days. Of course, it doesn’t hurt for a browser like Opera, with its tiny market share, to jump on that bandwagon. As of February, Opera claimed only 3.53% of the mobile browser market, according to web analytics service StatCounter. It’s a shrimp compared with market leader Chrome, with its 56.74%.

Been there, done that, been scoffed at

This isn’t Opera’s first foray into VPNs. The desktop version of the browser picked up a kind-of, not-really “VPN” in 2016.

What that meant, as we said at the time, was that Opera would encrypt all web traffic through the browser, that it would block cookies, and that the user’s IP address would be hidden away. It meant more privacy for Opera users from potentially prying eyes, be they criminals trying to sniff Wi-Fi traffic or advertisers trying to track a user’s browsing.

What it didn’t mean: that it was a VPN in the true sense.

As people – including us – were quick to point out at the time, Opera’s desktop “VPN” in your browser didn’t protect all network traffic. It only protected users when they were surfing using Opera, not when they were using Outlook, Skype or any other tool.

Opera for Android is likewise nothing more than that: it’s to protect privacy when you’re using the Opera browser. Opera’s Communications Manager, Alejandro Viquez, explains it like this:

Regarding people discussing if it’s a true VPN, the thing is that there are few differences between VPN services and proxy services. Our browser VPN is a service that allows you to appear at a location of your choice around the world. From a users’ point of view, the only differences are that the browser VPN in Opera is fully free and that it’s restricted to the browser application.

What this isn’t…

A VPN can be a very useful security tool, but it’s not a cure-all. The usual caveats apply: pushing your traffic through a VPN means trusting your VPN provider – a lot. It hides your traffic from interlopers who aren’t your VPN provider by revealing all of it to your VPN provider. Your VPN becomes your ISP, effectively.

And there are good reasons for being leery when it comes to trusting those third-party VPNs. A recent study found that 60% of free VPN services are either from developers based in China or have some form of Chinese ownership: a worrisome connection, given how China has recently clamped down on VPNs.

Nor do most free VPN apps found in Google Play Store and Apple Play Store have much by way of formal privacy protections …or user support.

Can we trust Opera not to sell us out?

Opera itself now has Chinese owners. When TechCrunch’s Frederic Lardinois asked Opera about it earlier this year, he says the company stressed that it’s still based in Norway and operates under that country’s privacy laws. From TechCrunch:

The message being that it may be owned by a Chinese consortium but that it’s still very much a Norwegian company.

Opera is stressing that the VPN service in the Android app doesn’t log “activity of data.” Nor does it attempt to monetize any aspect of the VPN, it said in a conversation with VentureBeat:

The service is provided fully free of charge as a unique feature to improve the privacy and security. Opera monetizes from other unrelated mechanisms, and unlike other VPN services, Opera doesn’t depend on monetizing the browser VPN service.

You have to watch your Ps and Qs in the VPN

The fact that your VPN provider can see what you’re up to hasn’t stopped a number of people who’ve broken the law while using one.

We’ve seen a cyberstalker busted after he used a VPN to try to cover his tracks as he created accounts through which to send harassing messages. As he himself noted on Twitter just days before he was arrested, VPNs provide privacy …not anonymity. Not when your VPN provider can see what you’re up to.

We’ve also seen examples of how bitcoins added to a VPN don’t keep you anonymous, though crooks apparently thought that it would. (That link leads to an article by Naked Security’s Paul Ducklin that’s well worth a read when it comes to defining exactly what a VPN does …and what it doesn’t!)

And then too there was the employee from hell who was busted by VPN logs. A week before retiring, she used her system privileges to create new, fake employee user accounts, plump with high-level privileges and without any authorization whatsoever, from which she wreaked all sorts of havoc on the reservation and ticket system of her former employer, an airline.

People tend to misunderstand VPNs, so it’s worth restating: VPNs hide your computer’s IP address. They encrypt traffic between you and your VPN provider, making it incomprehensible to anyone intercepting it. But your VPN provider isn’t “intercepting” it: your VPN provider gets to see right into that tunnel, witnessing everything passing through your network.

5 Comments

Will never trust Opera with Communist Chinese ownership. It may be in Norway today, but the Chinese government can move it to China tomorrow and forbid its employees from speaking a word. This is a data mining project and a turd polishing project, combined.

Reply

100% agree. They will do whatever they want even within Norway if they feel they can hide it well enough. Can YOU tell if your VPN traffic is being monitored and recorded, even though they say it isn’t? Nope.

Reply

I think it’s more comfortable to use VPN application. I use VeePn,for example. One app for all browsers and all devices.

Reply

I do not trust anything in which the Chinese dictatorship has control over- which is every company in China.

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!