Is the Opera browser safe to use on the iPhone?

All data gets routed through Opera's servers, violating the chain of trust many organizations require for private information

It came as a surprise to almost everyone when Apple approved the Opera Mini Browser app for its App Store. It is a competing browser for Apple's own Safari -- which is the default browser of the iPhone, iPod Touch, and iPad -- and it is not built on the Apple-ordained Webkit platform.

The main claim to fame for the Opera Mini Browser for iPhone is speed. It loads pages fast -- or so the story goes. However, the "how" behind that speed comes with some security concerns that users should be aware of as well.

[ Stay up on tech news and reviews from your smartphone at infoworldmobile.com. | Get the best iPhone and iPad apps for pros with our business iPhone apps finder. | See which smartphone is right for you in our mobile "deathmatch" calculator. ]

Basically, the Opera Mini Browser app is able to display Web pages quicker because the data is compressed. That means that business professionals on the go can surf the Web faster while consuming less data bandwidth -- seems like a no-brainer.

The data compression is done entirely in Norway on Opera's servers, though. Each Web page request goes through Opera where it is recompiled in Opera's proprietary markup language, then forwarded to the destination iPhone.

In fact, this server-side compression is responsible for the increased speed and is probably the reason that the Opera Mini Browser app was approved by Apple. By rendering the page on Opera's servers rather than on the iPhone itself, Opera circumvents some of Apple's coding restrictions for what can occur on the iPhone.

The trade-off is that Opera is also now a single point of failure. If the connection between your iPhone and Norway is slow or offline, your service with the Opera Mini Browser app will suffer accordingly. Of course, if push comes to shove, you will still have the Safari Web browser on the iPhone or iPad as a backup.

Now, let's examine the security implications of Opera's Web page processing. First of all, every Web page you visit -- whether it's Amazon.com, your bank, a search on Bing for a medical disorder, or a connection to a corporate Website -- goes through Opera. That means that Opera can essentially see and cache anything and everything you do while using the Opera Mini Browser app.

If you visit encrypted Web pages, Opera still sits as a proxy in the middle of those communications. Opera must decrypt, compress, and convert to Opera-proprietary markup language, then re-encrypt the data before forwarding it along to the iPhone.

For many companies, this violation of the end-to-end trust expected when using encrypted data will be reason enough to ban the Opera Mini Browser app from use. If the Opera servers are in any way breached, it could result in otherwise securely encrypted communications being compromised.

I have installed and used the Opera Mini Browser app. It is fast -- at displaying the page. However, that is after an initial lag when I assume the whole Opera proxy data compression part is going on in the background. The net result, in my unscientific opinion, is that it isn't significantly faster overall.

Given the security implications, and some of the other issues noted with the Opera Mini Browser app for iPhone, I recommend not using it for anything sensitive like online banking or corporate VPN connections.

Don't forget to be part of the InfoWorld Mobile Patrol: Send in your tips, complaints, news, and ideas to comments@infoworldmobile.com. Thanks!

Tony Bradley is co-author of "Unified Communications for Dummies." He tweets as @Tony_BradleyPCW. You can follow him on his Facebook page, or contact him by email at tony_bradley@pcworld.com.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies