[HN Gopher] Opera adds native support for blockchain domain names
___________________________________________________________________
Opera adds native support for blockchain domain names
Author : mrnobody_67
Score : 93 points
Date : 2021-04-29 19:04 UTC (3 hours ago)
(HTM) web link (blogs.opera.com)
(TXT) w3m dump (blogs.opera.com)
| crazypython wrote:
| Doesn't seem to support Handshake, .eth, or Namecoin.
| fs111 wrote:
| So we need blockchain because google controls the emails of his
| kids that he has set up. What?
|
| If you want you data to be safe, then host your data yourself and
| make backups.
|
| Yet another "we had a blockchain and did not know what to do with
| it" solution that nobody needs.
|
| I think I lost IQ points reading this nonsense.
| Spivak wrote:
| Yeah I'm kinda confused as to why he went through all the
| effort of setting up email addresses rather than throwing them
| in a folder and backing it up to as many off-site storage
| providers as needed to make him comfortable.
|
| I get that sending an email might be easy but so is uploading
| to Dropbox or Nextcloud if it must be self-hosted. And you
| don't have any storage limits.
|
| Plus having blockchain domain names does _nothing_ for the
| storage. IPFS is great but he still have to keep seeding it or
| it will go offline eventually. He still needs backups!
| otterley wrote:
| The author is female.
| roachpepe wrote:
| This.
| twobitshifter wrote:
| If you want to host your own data, it sounds like you need
| opera unite! https://news.softpedia.com/news/Download-
| Opera-10-10-Final-w...
| prepend wrote:
| Where is this money going? How are these prices set? I looked up
| a four letter .com I have and it's $2400. Why?
|
| Other domains aren't available yet.
|
| NFTs for names is a really good idea but it seems like the
| novelty is in getting acceptance and trust. Not sure why a random
| org should get really substantial fees for names. For ICANN we're
| forced to. But for a good blockchain solution the prices should
| be equitable.
|
| I understand that reselling goes to the owner, but this seems
| like a cash grab.
|
| That and many domains like common first names aren't available
| yet.
| SheinhardtWigCo wrote:
| All you need to know:
|
| > Will My Life Change?
|
| > Yes, my friend! It will because you can easily build your own
| decentralized website and simplify your cross wallet crypto
| payments, share music and photos (not just of my kids), start a
| business, secure and verify your identity "on chain", or showcase
| your brilliant NFT art gallery.
| ectopod wrote:
| Pure hucksterese. How do people still fall for this? You don't
| even need to start to parse the content to know you're being
| conned.
| tpmx wrote:
| Opera is beyond rescue. As someone who spent a decade working
| there it saddens me to say so, but please don't use it.
|
| Actual, executive day-to-day control over the browser tech has
| progressed sort of like this:
|
| 1995: Oslo, Norway
|
| 2008: Linkoping, Sweden
|
| 2014: Wroclaw, Poland
|
| 2020: Beijing, PRC (the sale happened in 2016, but they were
| hands-off for quite some time; I think they were being busy with
| shady fintech stuff in Africa enabled by the Opera Mini work we
| did mostly in Sweden a decade earlier:
| https://www.engadget.com/2020-01-19-opera-accused-of-predato...)
| cbarrick wrote:
| Any specific reasons to not use Opera?
|
| I actually just switched this week, being fed up with Firefox.
| So far so good. I very much like the UI/UX.
|
| I hope this isn't just another case of "China bad".
|
| Edit: Ah, I see the link you added. So the new owners seem
| shady.
| [deleted]
| livre wrote:
| If you miss the old Opera UI/UX then Otter may be a decent
| replacement. If you want what would have been the actual
| continuation of the old Opera then go for Vivaldi (made by
| some of the old Opera team members).
| artursapek wrote:
| Are you saying it's beyond rescue because it's controlled by
| China?
| tpmx wrote:
| Yes.
| takeda wrote:
| Opera died to me after version 12 (the moment it essentially
| became Chrome with a different skin).
|
| I was their user since version 5 or 6 (this was before
| everyone started the crazy version system, back them they
| released a major version about once a year).
|
| The biggest things that I loved about the browser you
| couldn't get by extension, they could do many things because
| they could directly update the engine.
|
| Now learning that they are owned by PRC there's even less
| reasons for me to use it.
|
| Opera could have done a lot of good if they would open
| sourced their old browser (kind of line what Netscape did).
| Someone leaked the original source code, but because it was
| leaked and not officially published, no one wants to touch
| it. Anyway now it's too late, because it's way behind the
| current browsers.
| zepearl wrote:
| I like a lot Opera on my phone & tablet. (but not on my
| notebooks & PCs - using there Firefox & Chrome)
| johtso wrote:
| Same, it's the only mobile browser I've found that has decent
| dark mode..
| imiric wrote:
| Opera in the late 90s / early 00s was such a great browser
| though. It was one of the first to adopt tabs, had a very
| responsive and slick UI compared to the competition, and the
| rendering engine was fast and fluid, though sadly not well
| supported or compatible. Even the built-in email client was
| decent, and much better than the one in Netscape Communicator
| from what I remember. Being share/adware was always a problem,
| but it was my main browser for a couple of years back then.
| Opera Mini was also excellent on pre-iPhone devices.
|
| Nowadays I wouldn't come near it, mostly because it's
| proprietary software owned by a company with shady business
| practices.
|
| Still, this is great news and should be applauded FWIW.
| nly wrote:
| It was dead to me the moment they switched to chromium
| keanebean86 wrote:
| It would be cool if Opera published presto's source code.
| Even just for historical reasons. I'm sure there's legal and
| financial reasons they don't.
|
| I was a huge fan and tried to convert my friends from
| 2004-2012. It was tough watching them slowly convert to
| firefox or stay on IE.
|
| It really didn't help that Opera handled transparency so
| poorly. That made myspace pretty much unusable.
| duskwuff wrote:
| The Presto source code was leaked around 2017, FWIW.
| There's a handful of mirrors around, including:
|
| https://git.teknik.io/Zero3K/presto
| keanebean86 wrote:
| This is awesome, thanks!
| tpmx wrote:
| I still think that was a _necessary_ decision. Jon Von
| Tetzchner (one of the two Opera founders, and the previous
| long time CEO) strongly disagreed, then from the outside, but
| later did the exact same thing with Vivaldi. (Jon is a
| fantastic _mensch_ , btw. One of the best CEOs I've ever
| had.)
|
| Google had very purposely raised the bar by putting like
| 5x-8x more competent engineers than the Opera core (non-
| platform/UI-specific stuff) team had, working on inventing
| and implementing random new web standards that they then
| promptly started using on google.com properties. Think e.g.
| 500-800 engineers compared to 100. We simply couldn't do the
| same. Then this ratio started growing until it was obvious
| that it would eventually become an existential threat.
|
| They used their financial success in one business area
| (search ads) to become dominant in another area (browsers) in
| a clever and perhaps not entirely legal way.
| sergiotapia wrote:
| I also miss Presto and Dragonfly
| xxxxxxx12 wrote:
| You realize Vivaldi is essentially the modern replacement for
| Opera.
| roachpepe wrote:
| "It's encrypted and hashed. It can't be hacked..."
|
| It says so on the internet, so it must be true.
| a-b wrote:
| Here is referral link if you want to register your domain
| https://unstoppabledomains.com/r/1ca7931f8b68487
| cobaltoxide wrote:
| I had totally forgotten about Opera.
| jsmith99 wrote:
| More fragmentation. I use Nextdns for my router's DNS, which
| theoretically allows me to access any domains on the competing
| Handshake crypto protocol, but I've never actually some across
| any so far.
| lifty wrote:
| I really think that Handshake is the superior DNS root + PKI
| alternative, so hopefully more projects adopt it.
| nine_k wrote:
| Yes, I also hoped they're going to support Nextdns. Maybe with
| a next update %)
| cookiengineer wrote:
| ...so they claim to be a consensus based registry, yet they block
| existing trademarked domains and are the only entity receiving
| money? How does that even hold up with their core argument that
| DNS is too centralized?
| Zamicol wrote:
| So there doesn't appear to be ENS support?
| nonameiguess wrote:
| Why on earth do you want to decentralize personal belongings? I
| absolutely want my possessions centralized, in storage locations
| I own. That is the much more obvious solution than putting
| personal possessions on a blockchain. If you want to store
| digital tokens for your kids that you can be reasonably assured
| will still be there when they become adults, use thumb drives.
| Keep them in a fireproof safe if you're really worried. Somehow,
| my mom has managed to keep all the videos and photos of key
| events in my childhood safe and intact for 40 years without
| having to put them on a public distributed ledger. When betamax
| went obsolete, she transferred to VHS. When that went away, to
| DVD.
|
| I really don't understand what this woman thinks she is buying. I
| guess this is a better storage medium for precious moments and
| collectibles than sending copies of everything to gmail, but so
| is almost any other way of storing something.
| throwaway_isms wrote:
| > my mom has managed to keep all the videos and photos of key
| events in my childhood safe and intact for 40 years without
| having to put them on a public distributed ledger
|
| No offense, but in all likelihood no one is attempting to
| counterfeit or pirate your Mom's videos and photos of your
| childhood, and ownership/p2p ownership transfers are not
| material.
|
| There are almost infinite real world examples were ownership
| records are benefited by blockchain technologies over
| centralized services. Take property deeds, usually kept and
| recorded at the County level, there is almost endless fraud
| with people filing forged quitclaim deeds on a daily basis.
| That would be an example of a public record, but their are
| private record keeping examples such as stock certificates.
| Usually the "Dole" case is the most famous example, where you
| have a publicly traded company with all the benefits of
| corporate record keeping, stock trusts and banks, and
| centralized stock exchanges, but when the buyer went to take it
| private low and behold the public company with all the
| centralized safe guards in the world should have had a total
| capitalization of 36M shared but somehow had about 49M share
| issued, it only ended up in $150M in damages, but this could
| not have happened using blockchain and most agree nearly every
| publicly traded company likely would have the same
| inconsistencies.
| atweiden wrote:
| > Usually the "Dole" case is the most famous example, where
| you have a publicly traded company with all the benefits of
| corporate record keeping, stock trusts and banks, and
| centralized stock exchanges, but when the buyer went to take
| it private low and behold the public company with all the
| centralized safe guards in the world should have had a total
| capitalization of 36M shared but somehow had about 49M share
| issued, it only ended up in $150M in damages, but this could
| not have happened using blockchain and most agree nearly
| every publicly traded company likely would have the same
| inconsistencies.
|
| This sounds like a technology problem for which a public
| blockchain is but one possible solution. Surely other append-
| only log data structures exist which could step in to fill
| this void.
|
| AFAICT the main issue with crypto equities -- and all other
| similar constructs -- is what happens when a court of law
| overrides them. If a court says your ex owns half of the
| shares in $WALLET, but the blockchain doesn't, and $COMPANY
| which issued the shares is also subject to the whims of the
| court, then what are we to do about this?
|
| OTOH maybe this rabbit hole really just never ends until
| courts are also somehow replaced by a public blockchain,
| likely at the behest of the very biased investors who stand
| to disproportionately profit from this game.
| retrac wrote:
| What happens when the blockchain does not reflect the actual
| legal situation of ownership? For example, assuming a classic
| blockchain model where my property deed is given to me as a
| private key, and I have to sign the transaction to transfer
| the property, what happens when I lose the key and yet the
| city has expropriated my lot to build a park? This seems to
| require the authorities to have some kind of master key or
| ability to retroactively edit the blockchain. Which negates
| much of the security advantage of a blockchain model?
| lozaning wrote:
| This is a great idea until you get hit by a bus and now your
| private keys are gone and your family can no longer recover
| your estate(house and investments).
|
| Should a mechanism exist in your system wherein-by your
| family can reclaim ownership without your keys, means that
| whoever the chain says owns something clearly doesn't
| actually matter anyways.
| mrnobody_67 wrote:
| Not sure about others, but I've paid thousands of dollars for
| ICANN renewal fees over the last decade... love the idea of
| "owning" real estate on the internet vs. merely renting it (and
| having prices go up every few years).
| bastawhiz wrote:
| Presumably you need to pay every time you want to update where
| the domain points, no?
|
| https://docs.unstoppabledomains.com/domain-registry-essentia...
|
| From the docs it seems like you can "hardcode" IPs or...a
| traditional dns cname.
|
| At $40/domain, if you update your DNS records once every two
| years, you're really only just breaking even.
|
| Also, from the FAQ:
|
| > Trademark holders with proof of ownership can apply to claim
| ownership of trademarked names. If a trademark name has already
| been sold, then it will be refunded. Note - this process ends
| once domains have been distributed. Unstoppable Domains does
| not have the ability to move a domain once distribution has
| occurred.
|
| Seems like a less-than-agreeable policy for most folks. Unless
| you're a scalper.
| baby wrote:
| You shouldn't have to pay much though, it's should simply be
| a transaction on the Ethereum network. If whoever set up that
| contract wants to take a fee, then it's up to people to use
| another contract.
| bastawhiz wrote:
| The average ethereum transaction fee right now is more
| expensive than a domain renewal fee for many common TLDs.
|
| Right now, the original purchase price of one of these
| domains is ~4 years of fees on a traditional registrar.
| Let's round the transaction fee down to $10 for the sake of
| simplicity. If you update your configuration every two
| years (which seems generous), you'll break even in...six
| years? And that's assuming whoever made the contract
| doesn't take a fee.
|
| This assumes Ethereum fees don't change. Proof of stake
| might affect transaction cost, but the trend right now is
| up and to the right: in one year the average transaction
| cost has increased two orders of magnitude.
|
| If we assume the rate of growth of the average transaction
| fee slows dramatically to one order of magnitude every two
| years for the next few years, that means the cost of your
| domain will probably never break even (over a traditional
| domain) in your lifetime. Even if it only doubles every two
| years, you'll likely never break even.
| baby wrote:
| Domain name/identity and key pinning has always been the only
| useful use of NFTs that I can think of.
|
| Today, to encrypt your communications with people, you use
| something like PGP or Signal which rely on "trust on first use
| (TOFU) but verify", in practice people don't really verify so
| it's more like TOFU. This means that if someone compromised the
| session at the moment where it was created (or re-created), then
| your communication are being snooped on.
|
| Today, to encrypt your communication to websites, you use HTTPS
| which rely on a vast network of certificate authorities. Any of
| these actors misbehaving leads to potential attacks. Because of
| that, the Certificate Transparency project was created to
| _potentially_ catch bad actors, that is if you check for your own
| domains regularly.
|
| Using a consensus-based registry, you can prevent (better than
| detect) attacks in both of these scenarios. Let people register
| their identity or domain name, and associate a public key to it
| that can be used to encrypt communications with the
| identity/domain, as long as the number of dishonest actors remain
| under a threshold no attacks are possible.
|
| The only (albeit not small) downside is that by taking middle men
| out of the picture, the naive approach prevents account recovery
| from happening. So to be practical, you need to find the right
| middle ground.
| cracker_jacks wrote:
| > no attacks are possible
|
| I think this just shifts the responsibility and point of attack
| onto the owner (which is true for all decentralized crypto). An
| attack is still possible and worse yet, it is completely
| irreversible.
|
| That said, the option of taking personal custody and
| responsibility is important and I think it should always be an
| option.
| mrnobody_67 wrote:
| Honeypot is much smaller.
|
| Any centralized source of data is very attractive and worth
| spending a lot of time & effort on and inevitable gets
| hacked: https://en.wikipedia.org/wiki/List_of_data_breaches
| baby wrote:
| > I think this just shifts the responsibility and point of
| attack onto the owner
|
| The owner is always a target, it doesn't change that, it just
| removes a bunch of single points of failure and middle men.
|
| > An attack is still possible and worse yet, it is completely
| irreversible
|
| Attacks are always possible, but depending on your threat
| model you do end up eliminating a number of them. As I said,
| with a naive implementation you make an attack irreversible,
| but it's not impossible to imagine an optional, committee
| base KYC-based account recovery mechanism.
| hadcomplained wrote:
| > Today, to encrypt your communication to websites, you use
| HTTPS which rely on a vast network of certificate authorities.
|
| This fact has been irritating me for a long time. Because no
| one should believe that every single certificate authority is
| tolerant to any attempts to steal the private keys. But that is
| exactly the underlying assumption behind HTTPS being the only
| way to use HTTP in a more secure manner than exchanging in
| plaintext.
|
| Let's think about this scenario: Suppose that I built a web
| service for my personal use and hosted it in public cloud. I
| don't trust any certificate authorities, so I created my own
| TLS certificate without using them. I installed my own
| certificates on the machine from which to connect to my web
| service. Now the server for my web service is serving in HTTPS
| using my own certificate. Am I safe? No. Because any entity
| with access to the private key of any of the certificate
| authorities trusted by my machine, is capable of intercepting
| the communication between my machine and my server, simply by
| MITM.
|
| The problem of being forced to trust certificate authorities
| can be solved by adding the feature to embed a public key in a
| url. For example, it would be wonderful to have a url like
| httpsecure://rsa:PUBLICKEY/example.com/ to make sure
| example.com always responds using the key PUBLICKEY. IIRC, the
| Tor onion services is an instance of this -- the .onion domains
| include public keys.
| judge2020 wrote:
| > Am I safe? No. Because any entity with access to the
| private key of any of the certificate authorities trusted by
| my machine, is capable of intercepting the communication
| between my machine and my server, simply by MITM.
|
| You're probably more safe than you'd think. Certificate
| Transparency is now required for Chrome, Firefox, or Safari
| or you'll get an error message during the TLS connection,
| before any private data is sent to the (potentially MITM'd)
| site.
|
| Given that all certificates are logged, site operators can
| use some of the many CT alert websites to let them know if
| and when a new certificate is issued for their domain, so if
| some random authority they haven't heard of before issues a
| cert or it's done at a time they know they didn't need to
| renew their certs, it'd be time to raise major alarms about
| the occurrence and thus would mean instant loss of all
| business for that authority; plus, shockwaves would be sent
| across the internet as this would be a huge event, especially
| if it's against a company worth burning a CT for (eg. Google
| which houses so many fortune 500 companies' secrets).
|
| > the .onion domains include public keys.
|
| The .onion domain is, in itself, a public key. The side
| effects of your proposed solution are:
|
| A) it would mean you HAVE to trust whoever sent you a link
|
| A) 1) for web-based referrals, this would mean you trust your
| (possibly state-sponsored) search engine to never MITM you
| (this is currently mitigated by CT which would expose
| Google's GTS issuing a random domain's cert)
|
| A) 2) for IRL events, this would mean you have to trust that
| the business themselves put up a certain QR code with the
| public key and not some malicious actor
|
| B) This would mean site.com could never rotate their private
| key without changing all of their backlinks to one with the
| correct public key.
|
| These are all problems Tor already faces - you have no idea
| if the onion site you're linked to is actually the site it
| says it is if it perfectly mimics it and/or reverse proxies
| the real site. You're currently always advised to get URLs
| from a trusted source once then only use bookmarks to access
| them to prevent reverse engineering. And you can't rotate
| your private key without doing this domain change.
| Zamicol wrote:
| Anyone that knows the results of heartbleed cannot believe
| that DNS's CA system is sane.
| kenniskrag wrote:
| Can't you pin the cert (http pinning)? Can we pin a CA cert
| of one CA? Can we add to dns which CA is allowed to issue
| certs for this domain like which ip is allowed to send
| emails?
| walrus01 wrote:
| People have been trying to make alternate-root DNS systems a
| thing for 20+ years, it has never caught on.
| ketralnis wrote:
| I'm not a blockchain fan but "somebody tried this once and it
| didn't work" is hardly a dismissal of an entire class of ideas.
| Beanz didn't catch on but bitcoin seems to have.
| walrus01 wrote:
| Not just 'somebody', but like a dozen different somebodies
| with many different methodologies. Getting an 'alternate
| root' DNS system trusted in any appreciable percentage of
| popular operating systems and web browsers, in a default out-
| of-the-box configuration, is a very hard problem to solve.
| doublerabbit wrote:
| What annoys me is that there is no easy way to change DNS
| servers. Try on IOS, or Android and you'll find it such a
| hassle being hidden within other scary network settings.
| Windows you need to click through five different features and
| not forgetting that DNS is an alien word to most. Try and
| explain it in the simplest of ways such as "a phone book for
| computers" you've just bored the subject to death
|
| I use OpenNIC and know how to navigate around my router.
| However for my mother, that's a whole different story.
| imiric wrote:
| Blockchain technology only became popular in the last decade
| and, as much as it has become a meme at this point, DNS is
| actually one of the best use cases for it. The current DNS is
| distributed, but highly centralized, and paying renewal fees
| for keeping a record in a file and a server running feels like
| extortion. An immutable, consistent and decentralized storage
| system solves those issues, and I can pay once and technically
| own that record for life. (Though Unstoppable Domains' prices
| seem arbitrarily high...)
|
| So I'm hopeful that some of this new tech can disrupt the
| current system, which we know is inherently flawed.[1]
|
| While I'm not going to use Opera anytime soon, we should
| celebrate this news and push for other browsers to do the same.
|
| [1]: https://www.youtube.com/watch?v=7Pp72gUYx00
| ziml77 wrote:
| How does the name get reclaimed when you lose the key or die?
| Do we just accept that it's possible for domain names to be
| forever unusable?
| imiric wrote:
| That's a fair point, and I don't have an answer. Presumably
| there would be enough TLDs to ensure a unique name is not
| as important, as it's just a short label anyway. Maybe
| there could be an expiration or some kind of override
| mechanism built into the protocol, though I'm not familiar
| with NFTs to know if this is feasible.
|
| I'm not saying there wouldn't be challenges with this
| approach, but it seems worth a try if it means replacing an
| outdated and vulnerable system.
| neals wrote:
| I like the "speed dial" feature of mobile opera. I can't find a
| comparable function for mobile FF or Chrome. How do you guys
| switch between your list visited 10ish site on those browsers?
| twobitshifter wrote:
| Bookmarks?
| [deleted]
___________________________________________________________________
(page generated 2021-04-29 23:00 UTC)