Discussion:
PSA - I just noticed Epic browser is a "proxy" just like Opera (I think)
(too old to reply)
Dan Jenkins
2018-01-07 18:02:13 UTC
Permalink
There may be two freeware web browsers with full-time encrypted proxy.
* Epic
* Opera

This is only a PSA as I was rooting around the Epic web site to figure out
how to find the full offline installer link, when I just now noticed the
Epic browser says it is a "proxy" just like Opera (I think).
https://www.epicbrowser.com/encrypted_proxy/

I can't tell if, like Opera, it keeps a special unique ID for each user.
https://www.epicbrowser.com/privacy/intro.html

All I can say is the Epic Chrome-based browser does give you proxy options:
Loading Image...

I also noticed something new in the latest Opera, which is that Opera has a
new'ish switch that allows you to bypass the proxy-vpn for
default-search-engine searches (for speed).
Loading Image...

I don't know anything more than this, so this is just a public service
announcement - but what that seems to tell us is that there are at least
two free Windows-based free "proxy" browsers.
Mayayana
2018-01-07 19:12:02 UTC
Permalink
"Dan Jenkins" <***@plusnet.uk> wrote


| There may be two freeware web browsers with full-time encrypted proxy.
| * Epic
| * Opera
|

Are you concerned with privacy? Epic won't
let you install without letting it call home. The
resource data in the stub includes something
called GOOGLEUPDATE and the string table
includes a number of google URLs. Why is all that
there in a program that claims to remove all Google
spyware from their version of Chromium?
Dan Jenkins
2018-01-08 04:31:31 UTC
Permalink
Post by Mayayana
Are you concerned with privacy? Epic won't
let you install without letting it call home. The
resource data in the stub includes something
called GOOGLEUPDATE and the string table
includes a number of google URLs. Why is all that
there in a program that claims to remove all Google
spyware from their version of Chromium?
This is good to know as I was unaware of this.

Since Goodguy showed us how to create an offline full installer (see
below), maybe we can block the Googleupdate stuff?

Here's how to create full offline installer.

You can create an offline installer zip from the stub installer setup.
http://epicbrowser.blogspot.co.uk/2015/06/offline-setup-of-epic-browser.html

1) Download the online stub setup from the official website.
https://www.epicbrowser.com/
https://winepic-cbe.kxcdn.com/Release/58.0.3029.110/EpicSetup.exe
2) Install the stub installer which will require an Internet connection.
3) Once the installation is completed, look for the following 7z file:
C:\Users\<user name>\AppData\Local\Epic Privacy Browser\
Application\<version>\Installer\chrome.7z
4) That "chrome.7z" file is the full offline installation zip file.

A) To install elsewhere, just extract that chrome.7z file.
B) When you extract, you get a directory called "Chrome-bin".
.\Chrome-bin\<version>\
.\epic.exe
C) Create a shortcut to the epic.exe (which is the browser).

Do you think running that offline full install 7z file also phones home?
Mayayana
2018-01-08 13:21:52 UTC
Permalink
"Dan Jenkins" <***@plusnet.uk> wrote

| Do you think running that offline full install 7z file also phones home?


I don't know. You'd have to try it behind a
firewall and see whether the firewall tells you
that something is trying to call home. Though
most things do that these days. Firefox does.
Even extensions try to call home and log the
install + IP address, probably along with some
basic system info.
On the other hand, if you use it in proxy mode
then you're "living" at Epic. Websites will not
get your IP address, but Epic will have your whole
history.

I avoid anything Chrome-esque
because of Google, so I haven't tried it. And
I'm not willing to install something that requires
calling home for the install. That seems to defeat
the purpose. I'd have to let that program through
the firewall before I've even tried the software.
There's no excuse for them wanting that kind
of control.
The PE version info in the unpacked download
(What you'd see in right-click -> Properties if the
EXE were not obfuscated) says it's called
epicupdate.exe and copyrighted by Google.
The code is supposedly OSS, so I wonder why
they need to credit Google with the copyright
for their version if Google is not involved.

I also don't use "social" sites and I don't
want all history deleted when I close, so Epic
seems to be everything I don't want.

Then there's proxy browsing. That's an interesting
idea, but it also means that the people at Epic
would be getting my total browsing history. Why
should I trust them with that?

I do like the idea of blocking tracking scripts and
ads. I do that now with a HOSTS file, but most
people wouldn't know how to do it. So I guess if
you trust Epic then their browser seems like a good
plan.
Dan Jenkins
2018-01-08 16:32:28 UTC
Permalink
Post by Mayayana
On the other hand, if you use it in proxy mode
then you're "living" at Epic. Websites will not
get your IP address, but Epic will have your whole
history.
Yes. But. If you do 1/5th your activity at Epic, 1/5 at Opera, 1/5th with
any of a billion proxies - most of which are probably the same company,
1/5th on VPN, and 1/5 on the Tor Browser Bundle, you've "spread out" your
activity a bit by that "ip spoofing".

It's *easy* to do ip spoofing when it's all built into the browser (Tor,
Epic, and Opera) and even easier when you're on VPN. It's only the proxy
that takes any effort, however miniscule, once it's all set up.

Is there any other general ip-spoofing solution other than
1. Tor
2. VPN
3. Proxy
4. Opera
5. Epic
6. ?
Post by Mayayana
I avoid anything Chrome-esque
because of Google, so I haven't tried it.
There are a lot of chrome-based browsers - I like SRWAre Iron, but there
are so many I can't count them.

Obviously the official Mozilla Firefox & Google Chrome are off limits since
they're so riddled with holes that you can't hope to patch them.
Post by Mayayana
And
I'm not willing to install something that requires
calling home for the install.
Does this test plan sound reasonable?
1. Go on VPN.
2. Download & install Epic stub.
https://www.epicbrowser.com/encrypted_proxy/
3. Optionally, put epic web sites in the hosts file as 127.0.0.1
4. Save the full offline downloader
C:\Users\<user name>\AppData\Local\Epic Privacy Browser\
Application\<version>\Installer\chrome.7z
5. Uninstall Epic
6. Disconnect from the net
7. Unzip that "chrome.7z" file in your app directory
8. Start Wireshark
9. Go online
10. See what happens when you use that offline Epic
Post by Mayayana
I also don't use "social" sites and I don't
want all history deleted when I close, so Epic
seems to be everything I don't want.
I don't use anything I have to log into, except web forums and email, whose
utility outweighs the privacy loss. Google hates VPN with a passion, so it
took me years to come to terms with Google as to how to prevent them from
locking me up when I check my mail. Their algorithms are ridiculously tight
in that they block you out just for your IP address even though you've
never once spammed anyone. I understand - but they're really anal about it
as I was locked out once a week for a while before I figured out all the
tricks (it takes about a dozen separate things you have to do, especially
since I never give Google any real information ever - although email is
filled with real information itself).
Post by Mayayana
I do like the idea of blocking tracking scripts and
ads. I do that now with a HOSTS file, but most
people wouldn't know how to do it. So I guess if
you trust Epic then their browser seems like a good
plan.
My HOSTS file is well used!
As is my firewall.
Post by Mayayana
Then there's proxy browsing. That's an interesting
idea, but it also means that the people at Epic
would be getting my total browsing history. Why
should I trust them with that?
There is the strategy: You can't trust anyone.
There are the tactics: Yet, you must browse.

Hence, one approach is to spread out your browsing history.
Epic is just one of those that you can spread it out to.
VPN is another.
Proxy is another.
Opera is another.
Tor is another.

(Are there any other ways to spread out your browsing history?)
Mayayana
2018-01-08 17:19:53 UTC
Permalink
"Dan Jenkins" <***@plusnet.uk> wrote

| Does this test plan sound reasonable?
| 1. Go on VPN.
| 2. Download & install Epic stub.
| https://www.epicbrowser.com/encrypted_proxy/
| 3. Optionally, put epic web sites in the hosts file as 127.0.0.1
| 4. Save the full offline downloader
| C:\Users\<user name>\AppData\Local\Epic Privacy Browser\
| Application\<version>\Installer\chrome.7z
| 5. Uninstall Epic
| 6. Disconnect from the net
| 7. Unzip that "chrome.7z" file in your app directory
| 8. Start Wireshark
| 9. Go online
| 10. See what happens when you use that offline Epic
|

Sounds complicated, but I can see the logic.

| There is the strategy: You can't trust anyone.
| There are the tactics: Yet, you must browse.
|
| Hence, one approach is to spread out your browsing history.
| Epic is just one of those that you can spread it out to.
| VPN is another.
| Proxy is another.
| Opera is another.
| Tor is another.
|
| (Are there any other ways to spread out your browsing history?)
|

You bring up some interesting ideas.

It's an interesting strategy. There may be
someone at the NSA scratching his head....
He's spends all his time reading news...
No, he spends all his time shopping...
No, he never leaves ESPN... :)

I guess it's a good approach given that you
also use a HOSTS file. And script blocking? I
think the biggest factor is the spying is the ubiquity.
The average person is allowing a number of
companies to track their moves online just
by acting normally.

I guess there are a lot of ways to do it and people
have different priorities. For people who use the
likes of Twitter, Facebook, LinkedIn, etc -- they
probably feel they have no choice and thus they
can't afford realistic concerns about privacy.

I don't use any of those things. I don't download
illegal files or plot bank robberies. For me the
issue is mostly one of maintaining reasonable
privacy and enforcing some semblance of dignity.
I don't want to actively accept a norm that says
any company online has a right to your data.
(I was just reading the other day that in Estonia
it's a very serious crime for someone else to
look at your data without cause because it
belongs to you. And gov't authorities' access is
recorded.)

So I wouldn't consider using anything like gmail.
The basic deal is "we give you a freebie and you
agree to let us spy on you and co-own your files".
That's simply dishonest at the core. It can't
be made decent/dignified except by changing
it to: You pay by seeing ads but we won't spy.

Google have no basic ethics. They act sleazy
and rationalize it to themselves as the inevitability
of tech. There's no clean deal there. I also don't
consider it ethical the other way around: If you
try to steal the service and avoid the price then
you become part of the sleaze. Stealing from a
pickpocket is still stealing. Unfortunately, for now,
there are not many options. The whole Web is turning
into a number of spyware walled gardens.

I'm also wary of VPNs. It's allowing an unknown
company to track you. I've seen rumors about
VPN faults and also about VPNs cooperating with
the NSA. But that does mean that my IP address
is distinct. For now I accept that. I just try to block
3rd-party files, script and tracking as much as
possible. I figure that if more people would just
block the basics and set up a HOSTS file, spyware
advertising would become untenable and companies
like Google would have to settle for the billions
they used to make with context advertising.

I don't actually block ads and don't see a need to.
If a website needs ads to support their operation
that's fine. I'll decide whether I want to go to that
site. If I do then I'll see any *honest* ad they have.
In other words, if the ad is actually on their
website I'll see it. If they're going to try to trick
me into being tagged and involuntarily going to
Google/Doubleclick then I'm going to block that
and they won't get to show me any ads at all.

But just blocking Google is a big project. Google
fonts. Google jquery. Google tag manager. Doubleclick.
It goes on and on. I block everything I find of
theirs except the search and the maps API. I
occasionally use their search. And they show ads
at the top. Normally I use duckduckgo.

This is my HOSTS file list for Google alone.
(Using wildcards through Acrylic DNS proxy HOSTS file.)

127.0.0.1 *.googlesyndication.com
127.0.0.1 *.googleadservices.com
127.0.0.1 *.googlecommerce.com
127.0.0.1 *.scorecardresearch.com
127.0.0.1 *.1e100.com
127.0.0.1 *.1e100.net
127.0.0.1 *.doubleclick.net
127.0.0.1 *.doubleclick.com
127.0.0.1 *.googletagservices.com
127.0.0.1 *.googletagmanager.com
127.0.0.1 *.google-analytics.com
127.0.0.1 google-analytics.com
127.0.0.1 fonts.googleapis.com
127.0.0.1 googleadapis.l.google.com
127.0.0.1 ssl.gstatic.com
127.0.0.1 plusone.google.com
127.0.0.1 cse.google.com
127.0.0.1 www.google.com/cse
127.0.0.1 www.youtube-nocookie.com
127.0.0.1 *.appspot.com
VanguardLH
2018-01-07 19:49:06 UTC
Permalink
Post by Dan Jenkins
There may be two freeware web browsers with full-time encrypted proxy.
* Epic
* Opera
This is only a PSA as I was rooting around the Epic web site to figure out
how to find the full offline installer link, when I just now noticed the
Epic browser says it is a "proxy" just like Opera (I think).
https://www.epicbrowser.com/encrypted_proxy/
I can't tell if, like Opera, it keeps a special unique ID for each user.
https://www.epicbrowser.com/privacy/intro.html
In Opera, the unique ID remains until whenever you decide to flush its
local data. From a prior submission of mine regarding Opera's ID ...

Are you using the app-specified pseudo-VPN incorporated into Opera?
That is when the device ID gets used (when connecting to SurfEasy VPN
server, owned by Opera).

You can clear the device ID: Opera menu -> More tools -> Clear
browsing data -> Third party services data. A new ID gets created when
you next connect to their VPN server. There may be extensions that
include purging the third party data when they purge Opera's other local
data. The unique/device ID is sent in the encrypted traffic only when
connecting to Opera's SurfEasy VPN server.

https://www.surfeasy.com/privacy_policy/
"For the VPN in Opera Browser for Desktop, we create a subscriber ID
(generated in sequential order across all subscribers) that allows us to
manage that user on our system. If that user clears their browser
cache/history, they’re assigned a new generated subscriber ID."

Since the traffic is encrypted, you won't be able to read it when
intercepting the web traffic from that web browser using a local proxy
(e.g., Wireshark). The ID sticks in Opera until you clear it. When you
next use their VPN, a new ID gets creates and sticks thereafter. You
can clear it as often as you want. Check if there is an extension that
clears it upon exit from the web browser so it will be new in every web
session of the web browser (*if* you use their VPN service).

As for Epic, you would have to see what options it has for clearing its
local data. I thought Epic's intent was to be a [more] secure Chromium
based web browser, so it doesn't support extensions since those can
share or steal data.

https://www.epicbrowser.com/FAQ.html
Why does Epic block almost all Addons or Extensions?
"... Epic only allows a few trusted Addons."

Didn't see any listed at https://epicbrowser.com/webstore/. Maybe the
only addons that Epic supports have already been pre-installed into the
product.

The Epic author's site has a dearth of information about his product.
Although some pages have a top banner advertising the availability of
the VPN fetaure, there is no further information: nothing about when it
gets used, how to enable/disable it, if it is a true VPN or just an
anonymizing proxy to hide your IP address, if it is implemented solely
at the client (which means it isn't a VPN) or connects to their server
and what is that server, etc. Guess the author equates hiding
information as a security measure.

There is the Epic forums where you could ask other Epic users how that
product works, if they know.

http://forum.epicbrowser.com/

By searching there on "vpn", I saw a user saying they were queried as to
which country to use a proxy. So it looks like Epic uses scattered
servers to achieve its claimed VPN feature. However, there is still no
informtion if Epic is running those proxy servers or if they're from
some public list of public proxies. If they are public proxies (because
the Epic author cannot afford the cost of all those resources for a free
product that has no advertising or tracking) then all Epic's "VPN" does
is anonymizing. You don't need Epic, Opera, or any particular web
browser to configure them to use a public proxy to hide your IP address.

http://forum.epicbrowser.com/viewtopic.php?id=1963

So a banner at their site claims Epic has a VPN feature (which works
only if provided as a service at some server) and yet the admin in their
forum says it is just a proxy, not a VPN server.
Post by Dan Jenkins
I also noticed something new in the latest Opera, which is that Opera has a
new'ish switch that allows you to bypass the proxy-vpn for
default-search-engine searches (for speed).
https://s17.postimg.org/4vch862ov/Clipboard02.jpg
Opera has a feature that it will use their server to submit queries to
the online search engines. This would hide your IP address from the
search provider. Well, either the search engine provider gets to track
your searches or Opera can. The privacy risk is not mitigated: you
either trust the search provider to not abuse the tracking information
or you trust Opera with the same information. I disabled that feature
in Opera when I trialed the product but still saw search queries going
to their proxy server. I found a config file that dictated the
resulting destination for various search engines. Don't remember which
ones were left behind but any queries to those search engines sites
still had Opera sending the queries through Opera's proxy server.
Post by Dan Jenkins
I don't know anything more than this, so this is just a public service
announcement - but what that seems to tell us is that there are at least
two free Windows-based free "proxy" browsers.
EVERY web browser can be configured to use a free public (or free
private) or paid proxy server. Do a search on "free public proxy" and
you find lots of them; however, the free ones are not reliable nor are
they fast (and even the fastest proxy will still add delay as it is
another hop in the route but also has to deconstruct and rebuild the
traffic so it looks like it originated from only that server).

https://www.google.com/search?q=free%20public%20proxy

Note that there are blacklists of public proxy servers. There are
blacklists of the private/paid proxies, too. That's how sites can block
you from connecting to them. They may not want someone visiting that is
deliberately attempting to thwart their regional restrictions on content
access or other reasons they want to restrict access based on IP pools.
Dan Jenkins
2018-01-08 04:42:54 UTC
Permalink
Post by VanguardLH
As for Epic, you would have to see what options it has for clearing its
local data.
I don't see anything special except the same clearing of history and
cookies and other stuff that is also in any chromebased browser.
chrome://settings/clearBrowserData
Post by VanguardLH
Didn't see any listed at https://epicbrowser.com/webstore/. Maybe the
only addons that Epic supports have already been pre-installed into the
product.
It doesn't seem that there are any addons in Epic, by default.

There is a link on the extensions page to go here, which has a half dozen
extensions that they seem to be pushing (like LastPass).
https://epicbrowser.com/webstore/?hl=en-US
Post by VanguardLH
The Epic author's site has a dearth of information about his product.
Although some pages have a top banner advertising the availability of
the VPN fetaure, there is no further information: nothing about when it
gets used, how to enable/disable it, if it is a true VPN or just an
anonymizing proxy to hide your IP address, if it is implemented solely
at the client (which means it isn't a VPN) or connects to their server
and what is that server, etc. Guess the author equates hiding
information as a security measure.
I agree with you. There isn't even a description that tells you how they
track you, since all vpn & proxies have to track you at least a little bit
to prevent abuse and illegal stuff.
Post by VanguardLH
There is the Epic forums where you could ask other Epic users how that
product works, if they know.
http://forum.epicbrowser.com/
That's a good idea as it seems like the place to ask questions.
Post by VanguardLH
By searching there on "vpn", I saw a user saying they were queried as to
which country to use a proxy. So it looks like Epic uses scattered
servers to achieve its claimed VPN feature.
If you look at my original screenshot you can see a bunch of country
choices. https://s17.postimg.org/j1s83fnun/Clipboard01.jpg

The web site says the default is New Jersey.
Post by VanguardLH
However, there is still no
informtion if Epic is running those proxy servers or if they're from
some public list of public proxies.
I'm guessing - but they seem to be Epic specific proxy servers in New
Jersey, West Coast, Canada, UK, Germany, France, Netherlands, India, &
Singapore.
Post by VanguardLH
If they are public proxies (because
the Epic author cannot afford the cost of all those resources for a free
product that has no advertising or tracking) then all Epic's "VPN" does
is anonymizing. You don't need Epic, Opera, or any particular web
browser to configure them to use a public proxy to hide your IP address.
I didn't know Epic had a proxy until I looked at the web site for where to
find the offline full installer. So all this is new to me for Epic.
Post by VanguardLH
So a banner at their site claims Epic has a VPN feature (which works
only if provided as a service at some server) and yet the admin in their
forum says it is just a proxy, not a VPN server.
It seems to be called by Epic an "encrypted proxy" from what I read.
I don't think they call it a "VPN" on their web site.
But it's new to me so that's why I mentioned it.
VanguardLH
2018-01-08 05:19:15 UTC
Permalink
Post by Dan Jenkins
Post by VanguardLH
As for Epic, you would have to see what options it has for clearing
its local data.
I don't see anything special except the same clearing of history and
cookies and other stuff that is also in any chromebased browser.
chrome://settings/clearBrowserData
https://www.popsci.com/erase-browsing-history

In the 3rd photo showing Clear Browsing Data, there's an entry titled
"Third party services" at the bottom of the list. That article was
published 26-Aug-2017. The forum posts that I found mentioning to erase
the device ID in Opera also noted that was the menu nav path. Here is a
related forum post where Opera support says how to erase the device ID
(which is not sent anywhere other than to their VPN server and only gets
regenerated after erasure when you next visit their VPN server):

https://forums.opera.com/topic/19788/solved-still-being-tracked-when-using-opera-vpn/7

That article is 10 months old. It mentions the same menu nav to select
clearing 3rd party service data. Tis possible Opera has since changed
their menu content.
Post by Dan Jenkins
Post by VanguardLH
Didn't see any listed at https://epicbrowser.com/webstore/. Maybe
the only addons that Epic supports have already been pre-installed
into the product.
It doesn't seem that there are any addons in Epic, by default.
There is a link on the extensions page to go here, which has a half
dozen extensions that they seem to be pushing (like LastPass).
https://epicbrowser.com/webstore/?hl=en-US
That's the same URL that I mentioned (with the site likely detecting the
language charset of your web client and serving an English web page).
When I visit there using Google Chrome or Firefox, all I see is a
colorful title line but the rest of the page is blank. Maybe you must
use Epic (or lie using an extension to fake the User Agent header) to
connect to that web page.
Post by Dan Jenkins
Post by VanguardLH
So a banner at their site claims Epic has a VPN feature (which works
only if provided as a service at some server) and yet the admin in
their forum says it is just a proxy, not a VPN server.
It seems to be called by Epic an "encrypted proxy" from what I read.
I don't think they call it a "VPN" on their web site.
Below is a screenshot (with my annotation) when using Google Chrome
(same with Firefox) of their home page emblazoned with a banner
announcing that they have a VPN (likely similar to Opera's which is just
an encrypting and anonmyizing proxy):

https://imgur.com/a/5dMmU

Like Opera, they claim to provide a VPN but then duplicate the
description with "encrypting proxy" and "VPN". They cannot figure out
what to call it.

Guess they chose marketspeak: throw a bunch of high falutin' sounding
terms to make something sound more important. I've seen that a lot,
like Microsoft expending an entire article describing their anti-spam
feature in their e-mail clients rather than simply note that it is a
Bayesian filter with monthly pre-loads (to populate the spam/ham keyword
database) in addition to users voting on spam or ham for an e-mail
(marking as spam for an Inbox e-mail or marking as not spam aka ham for
a Junk e-mail). They didn't want to reveal that they caught up with
other e-mail clients and anti-spam tools that had been using a Bayes
filter for well over a decade earlier.
Dan Jenkins
2018-01-08 05:42:03 UTC
Permalink
Post by VanguardLH
Post by Dan Jenkins
There is a link on the extensions page to go here, which has a half
dozen extensions that they seem to be pushing (like LastPass).
https://epicbrowser.com/webstore/?hl=en-US
That's the same URL that I mentioned (with the site likely detecting the
language charset of your web client and serving an English web page).
When I visit there using Google Chrome or Firefox, all I see is a
colorful title line but the rest of the page is blank. Maybe you must
use Epic (or lie using an extension to fake the User Agent header) to
connect to that web page.
I just noticed that you are right by testing in another browser.
https://epicbrowser.com/webstore/?hl=en-US

Here's what it looks like from inside of Epic.
Loading Image...
Post by VanguardLH
Below is a screenshot (with my annotation) when using Google Chrome
(same with Firefox) of their home page emblazoned with a banner
announcing that they have a VPN (likely similar to Opera's which is just
https://imgur.com/a/5dMmU
Yeah. I see. It says "Epic's Encrypted Proxy is a free built-in VPN".
I agree with you. They can't figure out what to call it.
But it's just a proxy to me.
Post by VanguardLH
Like Opera, they claim to provide a VPN but then duplicate the
description with "encrypting proxy" and "VPN". They cannot figure out
what to call it.
I don't consider it a VPN because it's just an encrypted proxy.
Post by VanguardLH
Guess they chose marketspeak: throw a bunch of high falutin' sounding
terms to make something sound more important.
I agree. It's a proxy. If that.
It's certainly not a VPN.

I think the only advantage it has over a proxy is that it's encrypted,
presumably from you to their proxy server in New Jersey (NJ by default).
o***@gmail.com
2018-10-18 18:54:07 UTC
Permalink
The Opera browser brags that they don't track you.
They even offer you a free VPN to mask your browsing.
I have discovered some things that make me believe
that the exact opposite is the truth:

When I first started Opera mini on my new phone,
I got this message:

---------------------------------------
You are almost there
While we provide ad-free web browsing, our
partners can display ads within the browser's
home screen. Our partners will collect data
for ad personalization. If you don't agree,
you may see ads that are less relevant to you.

You can always manage your ad preferences
in the settings menu.

By pressing Accept & Continue, you agree to
the End User License Agreement and the
Privacy Statement.
---------------------------------------

Suddenly, I understood something about what I
had seen a few days earlier on my laptop computer.
I was trying to find some other information, and
had stumbled into the Opera configuration
subdirectory:
~/.config/opera
That's where it is on Linux. Someone who runs
Windows will have to find the hidden configuration
and preferences files on Windows, please.

When I looked at the Preferences file,
~/.config/opera/Preferences
here is what I saw: (These are fragments of a huge one-liner.
That is, the file is in ASCII but has no carriage-return,
or line-feed characters so it's all one huge long line.)


"https://sm.myhealth.va.gov/",13.219999999999995,"https://www.google-analytics.com/"
"https://gateway.answerscloud.com/",4.719999999999999,"https://www.google-analytics.com/"
"https://referrer.disqus.com/",1.60964464,"https://ssl.google-analytics.com/"
"https://twitter.com/",["https://abs.twimg.com/",0.5356967808436992,"https://analytics.twitter.com/"
"https://video.twimg.com/",0.14619830678830084,"https://www.google-analytics.com/"
"http://rum-static.pingdom.net/",1.5444,"http://www.google-analytics.com/"
"https://twitter.com":{"supports_spdy":true}},{"https://ssl.google-analytics.com"
"https://www.paypalobjects.com":{"supports_spdy":true}},{"https://www.paypal.com":{"supports_spdy":true}},{"https://www.google-analytics.com"
"https://cm.g.doubleclick.net":{"supports_spdy":true}},{"https://cms.analytics.yahoo.com"

We see places that I have visited, or seem to have
visited, and then a floating-point number, and then
9 of them are followed by trackers, mostly Google analytics:


The first one is outrageous. myhealth.va.gov is my health care.
I am an old Veteran, and I get health care from the Veterans'
Administration, and I go to their web site to send messages
to my doctor, and refill prescriptions. And it appears that
when I do, Opera sends the information to Google analytics.

The next-to-last item is disturbing too. Paypal. Google analytics hears
about my Paypal activities, how I spend my money. This is beyond disturbing,
this sounds like felony fraud and illegal invasion of privacy (as is
divulging my confidential medical information).

There are two other data collectors: analytics.twitter.com hears about my
twitter posts. (Why bother? Twitter knows what I post on twitter.)
And then Google also hears about my Twitter posts.

And it looks like when I click on a Doubleclick ad, Yahoo hears about it.

That's how Opera "partners" collect information on us.

And let me tell you, those most assuredly are not MY "preferences".

I uninstalled Opera from my phone and laptop, but couldn't uninstall
Opera-mini because Google hardwires it into Android, and I can't get
rid of it until I root my phone, which I have not succeeded in
doing yet. (BLU Studio G with Android 6. Anybody know of a way
that works for that?)

Any comments? Has anyone else noticed this? Is there an innocent explanation
for so many links to trackers and data collectors in the Opera "Preferences"
file?
a***@gmail.com
2019-12-12 12:01:56 UTC
Permalink
Post by Dan Jenkins
There may be two freeware web browsers with full-time encrypted proxy.
* Epic
* Opera
This is only a PSA as I was rooting around the Epic web site to figure out
how to find the full offline installer link, when I just now noticed the
Epic browser says it is a "proxy" just like Opera (I think).
https://www.epicbrowser.com/encrypted_proxy/
I can't tell if, like Opera, it keeps a special unique ID for each user.
https://www.epicbrowser.com/privacy/intro.html
https://s17.postimg.org/j1s83fnun/Clipboard01.jpg
I also noticed something new in the latest Opera, which is that Opera has a
new'ish switch that allows you to bypass the proxy-vpn for
default-search-engine searches (for speed).
https://s17.postimg.org/4vch862ov/Clipboard02.jpg
I don't know anything more than this, so this is just a public service
announcement - but what that seems to tell us is that there are at least
two free Windows-based free "proxy" browsers.
I tried to use Epic but then change it for gologinapp.com, i think its much better!
Loading...