Wow...
Quote:
In an interview in New York recently, Opera CEO Jon von Tetzchner said that the decentralized nature of Unite, a feature that turns each person's PC into a Web server by putting that capability in the browser, makes it more difficult for hackers to break into computer systems, not easier.
"When you're hacking a single system, if you have everything that belongs to everyone in one location, you only need to break in once," he said. "If you have it in different computers it's a little more complicated. If you get into one Web server and everyone's data is in there, that's easier than getting into a million computers."
|
Does he even know what the security concerns are here? Its not that "hey, a new place to steal data from" - its that thousands of computers will now be accepting unsolicited incoming connections that could potentially allow attackers to hijack those workstations and add them to botnets.
With Unite, when vulnerabilities are found, attackers will only have to start scanning the residential/home user address space looking for computers using Unite, then launch automated attacks to exploit those vulnerabilities and take control of the computers. A distributed system IS EXACTLY WHAT ATTACKERS WANT.
Now, there is a possibility that Unite may be very secure. However, this system, and Opera overall, has not come under a serious attack yet. By avoiding even commenting on this possible attack scenario, brushing it off by saying that some other attack, which isn't a concern in this scenario, is not possible, does not fill me with confidence that Opera is really taking the potential security implications of this type of setup seriously.