Opera 12 security and privacy guide

This page is intended to provide security and privacy recommendations to those of us who intend to keep using Opera 12 (or older) as long as we can. (For example, it is the best modern browser for computers with 512 MB of RAM or less and/or with a single-core processor. It also does not require SSE2!)

It might be a bit late to publish this now, but Opera 12.18 for Windows was released on and this encouraged me to finally do it.

Opera is not vulnerable to the Spectre attack! It does not support the APIs needed for it (performance.now and SharedArrayBuffer).

Getting the latest version

If you are using version 12.18 or 64-bit version 12.15 or later, see this note about the missing file public_domains.dat.

I think version 12.16 is still secure enough on non-Windows operating systems if you follow the recommendations on this page, though some sites have mandatorily started using encryption protocols that it does not support, which is somewhat annoying (although I think this is also due to a bug in Opera, which I have yet to investigate). If you have enough computing power, you may want to run 12.18 for Windows in a virtual machine or with Wine (see above).

Windows-specific information

Versions 12.17 and 12.18 were released only for Windows. The changes from 12.16 to 12.17 are:

The changes from 12.17 to 12.18 (for which there is no formal changelog) add support for new encryption protocols, remove support for some old ones, enable TLS 1.2 by default (which had to be done manually before), and fix a security vulnerability in M2 (the mail client) which was only present on Windows. I have also noticed it is faster at connecting to secure (HTTPS) sites.

Opera is compatible with EMET. EMET already includes a protection profile for Opera; you only need to import Popular Software.xml.

Recommended settings

Note: these instructions primarily apply to versions 12.00 and later. Older versions may not have all the settings mentioned below.

Open the Preferences window. If your menu bar is set to be shown, choose "Preferences…" from the Tools menu, otherwise choose "Settings" and then "Preferences…" from the Opera menu.

On the "General" tab

On the "Search" tab

Note: on certain older versions, these settings are on the "Advanced" tab in the "Content" section.

On the "Advanced" tab

In the "Content" section

In the "Cookies" section

Choose "Never accept cookies" and enable them only for sites that really need them (see below).

In the "Security" section

In the "Network" section

In the "Storage" section

Periodically clear persistent storage by clicking "Clear All". Checking "Delete persistent storage" in the "Delete Private Data" window does not clear it; this is a bug.

In opera:config

Site-specific preferences

Normally, you should browse with JavaScript, plug-ins, and cookies disabled. You may choose to enable them only for frequently visited sites that require them. Opera makes it easy to do so: right-click on the page's background and choose "Edit Site Preferences…" to make the changes you need.

For cookies, I recommend you choose "Accept cookies only from the site I visit" to block cookies from third-party sites (such as advertisers) whose content may be embedded in the page.

You can see the list of all the sites you have set specific preferences for (and delete them) by opening the Preferences window (see above) and clicking "Manage Site Preferences…" on the "Content" section of the "Advanced" tab.

To only temporarily enable something for a site without permanently adding it to the list of exceptions, use the "Quick Preferences" menu, which you can open from the Tools menu or by pressing F12. Make sure to revert those preferences when you're done, because they will affect all pages loaded from that point on until you do.

Mail

Make sure your communications with mail servers are encrypted. From the "Tools" menu, choose "Mail and Chat Accounts…". Inspect the properties for each mail account and make sure that on the "Servers" tab, "Secure connection (TLS)" is checked. The port numbers depend on your mail provider; refer to their documentation for information.

Note: this only ensures a secure connection between you and your mail servers. Encrypting the messages themselves is outside the scope of this page.

You may want to use Stunnel to get better encryption than what Opera can provide.

Feeds (RSS/Atom)

Make sure you get feeds through HTTPS. From the "Feeds" menu, choose "Manage Feeds…". For each feed, choose "Edit…" and make sure the address starts with "https".

Chat (IRC)

Make sure your communications with IRC servers are encrypted. From the "Tools" menu, choose "Mail and Chat Accounts…". Inspect the properties for each IRC account and make sure that on the "Servers" tab, "Secure connection (TLS)" is checked. However, this alone does not guarantee a secure connection; you have to use the correct port number, which depends on the server (look for TLS or SSL):

Note: if not all users of a channel use a secure connection, this might be pointless.

You may want to use Stunnel to get better encryption than what Opera can provide.

Opera Turbo

Opera Turbo works by using Opera's servers to compress pages. This means Opera can see what pages you visit, so keep this in mind. Secure sites (those using HTTPS), however, never go through Opera Turbo. See Opera's privacy policy for details.

Dragonfly

Dragonfly tracks usage by default. You can turn that off by clicking the Settings icon and unchecking "Track usage".

You can also compile and use it locally (by default it is downloaded from Opera's servers), though this by itself doesn't disable usage tracking.

If you don't use Dragonfly or don't know what it is, you don't need to do this.

Alternatives

If for any reason the majority of the Web becomes incompatible with Opera (highly unlikely unless HTTP, HTML, and TLS as we know them today get replaced by something completely different), we will have no choice but to switch (or maybe just use a proxy).

If your computer too old for the above browsers and you are using Windows XP, I recommend New Moon SSE.

For Windows and OS X/macOS, the mail client and feed reader components (but not chat) are available as a separate program called Opera Mail (for Windows and OS X only).


First published on .
Last updated on .

Table of contents

Contact me