[HN Gopher] Opera adds native support for blockchain domain names ___________________________________________________________________ Opera adds native support for blockchain domain names Author : mrnobody_67 Score : 93 points Date : 2021-04-29 19:04 UTC (3 hours ago) (HTM) web link (blogs.opera.com) (TXT) w3m dump (blogs.opera.com) | crazypython wrote: | Doesn't seem to support Handshake, .eth, or Namecoin. | fs111 wrote: | So we need blockchain because google controls the emails of his | kids that he has set up. What? | | If you want you data to be safe, then host your data yourself and | make backups. | | Yet another "we had a blockchain and did not know what to do with | it" solution that nobody needs. | | I think I lost IQ points reading this nonsense. | Spivak wrote: | Yeah I'm kinda confused as to why he went through all the | effort of setting up email addresses rather than throwing them | in a folder and backing it up to as many off-site storage | providers as needed to make him comfortable. | | I get that sending an email might be easy but so is uploading | to Dropbox or Nextcloud if it must be self-hosted. And you | don't have any storage limits. | | Plus having blockchain domain names does _nothing_ for the | storage. IPFS is great but he still have to keep seeding it or | it will go offline eventually. He still needs backups! | otterley wrote: | The author is female. | roachpepe wrote: | This. | twobitshifter wrote: | If you want to host your own data, it sounds like you need | opera unite! https://news.softpedia.com/news/Download- | Opera-10-10-Final-w... | prepend wrote: | Where is this money going? How are these prices set? I looked up | a four letter .com I have and it's $2400. Why? | | Other domains aren't available yet. | | NFTs for names is a really good idea but it seems like the | novelty is in getting acceptance and trust. Not sure why a random | org should get really substantial fees for names. For ICANN we're | forced to. But for a good blockchain solution the prices should | be equitable. | | I understand that reselling goes to the owner, but this seems | like a cash grab. | | That and many domains like common first names aren't available | yet. | SheinhardtWigCo wrote: | All you need to know: | | > Will My Life Change? | | > Yes, my friend! It will because you can easily build your own | decentralized website and simplify your cross wallet crypto | payments, share music and photos (not just of my kids), start a | business, secure and verify your identity "on chain", or showcase | your brilliant NFT art gallery. | ectopod wrote: | Pure hucksterese. How do people still fall for this? You don't | even need to start to parse the content to know you're being | conned. | tpmx wrote: | Opera is beyond rescue. As someone who spent a decade working | there it saddens me to say so, but please don't use it. | | Actual, executive day-to-day control over the browser tech has | progressed sort of like this: | | 1995: Oslo, Norway | | 2008: Linkoping, Sweden | | 2014: Wroclaw, Poland | | 2020: Beijing, PRC (the sale happened in 2016, but they were | hands-off for quite some time; I think they were being busy with | shady fintech stuff in Africa enabled by the Opera Mini work we | did mostly in Sweden a decade earlier: | https://www.engadget.com/2020-01-19-opera-accused-of-predato...) | cbarrick wrote: | Any specific reasons to not use Opera? | | I actually just switched this week, being fed up with Firefox. | So far so good. I very much like the UI/UX. | | I hope this isn't just another case of "China bad". | | Edit: Ah, I see the link you added. So the new owners seem | shady. | [deleted] | livre wrote: | If you miss the old Opera UI/UX then Otter may be a decent | replacement. If you want what would have been the actual | continuation of the old Opera then go for Vivaldi (made by | some of the old Opera team members). | artursapek wrote: | Are you saying it's beyond rescue because it's controlled by | China? | tpmx wrote: | Yes. | takeda wrote: | Opera died to me after version 12 (the moment it essentially | became Chrome with a different skin). | | I was their user since version 5 or 6 (this was before | everyone started the crazy version system, back them they | released a major version about once a year). | | The biggest things that I loved about the browser you | couldn't get by extension, they could do many things because | they could directly update the engine. | | Now learning that they are owned by PRC there's even less | reasons for me to use it. | | Opera could have done a lot of good if they would open | sourced their old browser (kind of line what Netscape did). | Someone leaked the original source code, but because it was | leaked and not officially published, no one wants to touch | it. Anyway now it's too late, because it's way behind the | current browsers. | zepearl wrote: | I like a lot Opera on my phone & tablet. (but not on my | notebooks & PCs - using there Firefox & Chrome) | johtso wrote: | Same, it's the only mobile browser I've found that has decent | dark mode.. | imiric wrote: | Opera in the late 90s / early 00s was such a great browser | though. It was one of the first to adopt tabs, had a very | responsive and slick UI compared to the competition, and the | rendering engine was fast and fluid, though sadly not well | supported or compatible. Even the built-in email client was | decent, and much better than the one in Netscape Communicator | from what I remember. Being share/adware was always a problem, | but it was my main browser for a couple of years back then. | Opera Mini was also excellent on pre-iPhone devices. | | Nowadays I wouldn't come near it, mostly because it's | proprietary software owned by a company with shady business | practices. | | Still, this is great news and should be applauded FWIW. | nly wrote: | It was dead to me the moment they switched to chromium | keanebean86 wrote: | It would be cool if Opera published presto's source code. | Even just for historical reasons. I'm sure there's legal and | financial reasons they don't. | | I was a huge fan and tried to convert my friends from | 2004-2012. It was tough watching them slowly convert to | firefox or stay on IE. | | It really didn't help that Opera handled transparency so | poorly. That made myspace pretty much unusable. | duskwuff wrote: | The Presto source code was leaked around 2017, FWIW. | There's a handful of mirrors around, including: | | https://git.teknik.io/Zero3K/presto | keanebean86 wrote: | This is awesome, thanks! | tpmx wrote: | I still think that was a _necessary_ decision. Jon Von | Tetzchner (one of the two Opera founders, and the previous | long time CEO) strongly disagreed, then from the outside, but | later did the exact same thing with Vivaldi. (Jon is a | fantastic _mensch_ , btw. One of the best CEOs I've ever | had.) | | Google had very purposely raised the bar by putting like | 5x-8x more competent engineers than the Opera core (non- | platform/UI-specific stuff) team had, working on inventing | and implementing random new web standards that they then | promptly started using on google.com properties. Think e.g. | 500-800 engineers compared to 100. We simply couldn't do the | same. Then this ratio started growing until it was obvious | that it would eventually become an existential threat. | | They used their financial success in one business area | (search ads) to become dominant in another area (browsers) in | a clever and perhaps not entirely legal way. | sergiotapia wrote: | I also miss Presto and Dragonfly | xxxxxxx12 wrote: | You realize Vivaldi is essentially the modern replacement for | Opera. | roachpepe wrote: | "It's encrypted and hashed. It can't be hacked..." | | It says so on the internet, so it must be true. | a-b wrote: | Here is referral link if you want to register your domain | https://unstoppabledomains.com/r/1ca7931f8b68487 | cobaltoxide wrote: | I had totally forgotten about Opera. | jsmith99 wrote: | More fragmentation. I use Nextdns for my router's DNS, which | theoretically allows me to access any domains on the competing | Handshake crypto protocol, but I've never actually some across | any so far. | lifty wrote: | I really think that Handshake is the superior DNS root + PKI | alternative, so hopefully more projects adopt it. | nine_k wrote: | Yes, I also hoped they're going to support Nextdns. Maybe with | a next update %) | cookiengineer wrote: | ...so they claim to be a consensus based registry, yet they block | existing trademarked domains and are the only entity receiving | money? How does that even hold up with their core argument that | DNS is too centralized? | Zamicol wrote: | So there doesn't appear to be ENS support? | nonameiguess wrote: | Why on earth do you want to decentralize personal belongings? I | absolutely want my possessions centralized, in storage locations | I own. That is the much more obvious solution than putting | personal possessions on a blockchain. If you want to store | digital tokens for your kids that you can be reasonably assured | will still be there when they become adults, use thumb drives. | Keep them in a fireproof safe if you're really worried. Somehow, | my mom has managed to keep all the videos and photos of key | events in my childhood safe and intact for 40 years without | having to put them on a public distributed ledger. When betamax | went obsolete, she transferred to VHS. When that went away, to | DVD. | | I really don't understand what this woman thinks she is buying. I | guess this is a better storage medium for precious moments and | collectibles than sending copies of everything to gmail, but so | is almost any other way of storing something. | throwaway_isms wrote: | > my mom has managed to keep all the videos and photos of key | events in my childhood safe and intact for 40 years without | having to put them on a public distributed ledger | | No offense, but in all likelihood no one is attempting to | counterfeit or pirate your Mom's videos and photos of your | childhood, and ownership/p2p ownership transfers are not | material. | | There are almost infinite real world examples were ownership | records are benefited by blockchain technologies over | centralized services. Take property deeds, usually kept and | recorded at the County level, there is almost endless fraud | with people filing forged quitclaim deeds on a daily basis. | That would be an example of a public record, but their are | private record keeping examples such as stock certificates. | Usually the "Dole" case is the most famous example, where you | have a publicly traded company with all the benefits of | corporate record keeping, stock trusts and banks, and | centralized stock exchanges, but when the buyer went to take it | private low and behold the public company with all the | centralized safe guards in the world should have had a total | capitalization of 36M shared but somehow had about 49M share | issued, it only ended up in $150M in damages, but this could | not have happened using blockchain and most agree nearly every | publicly traded company likely would have the same | inconsistencies. | atweiden wrote: | > Usually the "Dole" case is the most famous example, where | you have a publicly traded company with all the benefits of | corporate record keeping, stock trusts and banks, and | centralized stock exchanges, but when the buyer went to take | it private low and behold the public company with all the | centralized safe guards in the world should have had a total | capitalization of 36M shared but somehow had about 49M share | issued, it only ended up in $150M in damages, but this could | not have happened using blockchain and most agree nearly | every publicly traded company likely would have the same | inconsistencies. | | This sounds like a technology problem for which a public | blockchain is but one possible solution. Surely other append- | only log data structures exist which could step in to fill | this void. | | AFAICT the main issue with crypto equities -- and all other | similar constructs -- is what happens when a court of law | overrides them. If a court says your ex owns half of the | shares in $WALLET, but the blockchain doesn't, and $COMPANY | which issued the shares is also subject to the whims of the | court, then what are we to do about this? | | OTOH maybe this rabbit hole really just never ends until | courts are also somehow replaced by a public blockchain, | likely at the behest of the very biased investors who stand | to disproportionately profit from this game. | retrac wrote: | What happens when the blockchain does not reflect the actual | legal situation of ownership? For example, assuming a classic | blockchain model where my property deed is given to me as a | private key, and I have to sign the transaction to transfer | the property, what happens when I lose the key and yet the | city has expropriated my lot to build a park? This seems to | require the authorities to have some kind of master key or | ability to retroactively edit the blockchain. Which negates | much of the security advantage of a blockchain model? | lozaning wrote: | This is a great idea until you get hit by a bus and now your | private keys are gone and your family can no longer recover | your estate(house and investments). | | Should a mechanism exist in your system wherein-by your | family can reclaim ownership without your keys, means that | whoever the chain says owns something clearly doesn't | actually matter anyways. | mrnobody_67 wrote: | Not sure about others, but I've paid thousands of dollars for | ICANN renewal fees over the last decade... love the idea of | "owning" real estate on the internet vs. merely renting it (and | having prices go up every few years). | bastawhiz wrote: | Presumably you need to pay every time you want to update where | the domain points, no? | | https://docs.unstoppabledomains.com/domain-registry-essentia... | | From the docs it seems like you can "hardcode" IPs or...a | traditional dns cname. | | At $40/domain, if you update your DNS records once every two | years, you're really only just breaking even. | | Also, from the FAQ: | | > Trademark holders with proof of ownership can apply to claim | ownership of trademarked names. If a trademark name has already | been sold, then it will be refunded. Note - this process ends | once domains have been distributed. Unstoppable Domains does | not have the ability to move a domain once distribution has | occurred. | | Seems like a less-than-agreeable policy for most folks. Unless | you're a scalper. | baby wrote: | You shouldn't have to pay much though, it's should simply be | a transaction on the Ethereum network. If whoever set up that | contract wants to take a fee, then it's up to people to use | another contract. | bastawhiz wrote: | The average ethereum transaction fee right now is more | expensive than a domain renewal fee for many common TLDs. | | Right now, the original purchase price of one of these | domains is ~4 years of fees on a traditional registrar. | Let's round the transaction fee down to $10 for the sake of | simplicity. If you update your configuration every two | years (which seems generous), you'll break even in...six | years? And that's assuming whoever made the contract | doesn't take a fee. | | This assumes Ethereum fees don't change. Proof of stake | might affect transaction cost, but the trend right now is | up and to the right: in one year the average transaction | cost has increased two orders of magnitude. | | If we assume the rate of growth of the average transaction | fee slows dramatically to one order of magnitude every two | years for the next few years, that means the cost of your | domain will probably never break even (over a traditional | domain) in your lifetime. Even if it only doubles every two | years, you'll likely never break even. | baby wrote: | Domain name/identity and key pinning has always been the only | useful use of NFTs that I can think of. | | Today, to encrypt your communications with people, you use | something like PGP or Signal which rely on "trust on first use | (TOFU) but verify", in practice people don't really verify so | it's more like TOFU. This means that if someone compromised the | session at the moment where it was created (or re-created), then | your communication are being snooped on. | | Today, to encrypt your communication to websites, you use HTTPS | which rely on a vast network of certificate authorities. Any of | these actors misbehaving leads to potential attacks. Because of | that, the Certificate Transparency project was created to | _potentially_ catch bad actors, that is if you check for your own | domains regularly. | | Using a consensus-based registry, you can prevent (better than | detect) attacks in both of these scenarios. Let people register | their identity or domain name, and associate a public key to it | that can be used to encrypt communications with the | identity/domain, as long as the number of dishonest actors remain | under a threshold no attacks are possible. | | The only (albeit not small) downside is that by taking middle men | out of the picture, the naive approach prevents account recovery | from happening. So to be practical, you need to find the right | middle ground. | cracker_jacks wrote: | > no attacks are possible | | I think this just shifts the responsibility and point of attack | onto the owner (which is true for all decentralized crypto). An | attack is still possible and worse yet, it is completely | irreversible. | | That said, the option of taking personal custody and | responsibility is important and I think it should always be an | option. | mrnobody_67 wrote: | Honeypot is much smaller. | | Any centralized source of data is very attractive and worth | spending a lot of time & effort on and inevitable gets | hacked: https://en.wikipedia.org/wiki/List_of_data_breaches | baby wrote: | > I think this just shifts the responsibility and point of | attack onto the owner | | The owner is always a target, it doesn't change that, it just | removes a bunch of single points of failure and middle men. | | > An attack is still possible and worse yet, it is completely | irreversible | | Attacks are always possible, but depending on your threat | model you do end up eliminating a number of them. As I said, | with a naive implementation you make an attack irreversible, | but it's not impossible to imagine an optional, committee | base KYC-based account recovery mechanism. | hadcomplained wrote: | > Today, to encrypt your communication to websites, you use | HTTPS which rely on a vast network of certificate authorities. | | This fact has been irritating me for a long time. Because no | one should believe that every single certificate authority is | tolerant to any attempts to steal the private keys. But that is | exactly the underlying assumption behind HTTPS being the only | way to use HTTP in a more secure manner than exchanging in | plaintext. | | Let's think about this scenario: Suppose that I built a web | service for my personal use and hosted it in public cloud. I | don't trust any certificate authorities, so I created my own | TLS certificate without using them. I installed my own | certificates on the machine from which to connect to my web | service. Now the server for my web service is serving in HTTPS | using my own certificate. Am I safe? No. Because any entity | with access to the private key of any of the certificate | authorities trusted by my machine, is capable of intercepting | the communication between my machine and my server, simply by | MITM. | | The problem of being forced to trust certificate authorities | can be solved by adding the feature to embed a public key in a | url. For example, it would be wonderful to have a url like | httpsecure://rsa:PUBLICKEY/example.com/ to make sure | example.com always responds using the key PUBLICKEY. IIRC, the | Tor onion services is an instance of this -- the .onion domains | include public keys. | judge2020 wrote: | > Am I safe? No. Because any entity with access to the | private key of any of the certificate authorities trusted by | my machine, is capable of intercepting the communication | between my machine and my server, simply by MITM. | | You're probably more safe than you'd think. Certificate | Transparency is now required for Chrome, Firefox, or Safari | or you'll get an error message during the TLS connection, | before any private data is sent to the (potentially MITM'd) | site. | | Given that all certificates are logged, site operators can | use some of the many CT alert websites to let them know if | and when a new certificate is issued for their domain, so if | some random authority they haven't heard of before issues a | cert or it's done at a time they know they didn't need to | renew their certs, it'd be time to raise major alarms about | the occurrence and thus would mean instant loss of all | business for that authority; plus, shockwaves would be sent | across the internet as this would be a huge event, especially | if it's against a company worth burning a CT for (eg. Google | which houses so many fortune 500 companies' secrets). | | > the .onion domains include public keys. | | The .onion domain is, in itself, a public key. The side | effects of your proposed solution are: | | A) it would mean you HAVE to trust whoever sent you a link | | A) 1) for web-based referrals, this would mean you trust your | (possibly state-sponsored) search engine to never MITM you | (this is currently mitigated by CT which would expose | Google's GTS issuing a random domain's cert) | | A) 2) for IRL events, this would mean you have to trust that | the business themselves put up a certain QR code with the | public key and not some malicious actor | | B) This would mean site.com could never rotate their private | key without changing all of their backlinks to one with the | correct public key. | | These are all problems Tor already faces - you have no idea | if the onion site you're linked to is actually the site it | says it is if it perfectly mimics it and/or reverse proxies | the real site. You're currently always advised to get URLs | from a trusted source once then only use bookmarks to access | them to prevent reverse engineering. And you can't rotate | your private key without doing this domain change. | Zamicol wrote: | Anyone that knows the results of heartbleed cannot believe | that DNS's CA system is sane. | kenniskrag wrote: | Can't you pin the cert (http pinning)? Can we pin a CA cert | of one CA? Can we add to dns which CA is allowed to issue | certs for this domain like which ip is allowed to send | emails? | walrus01 wrote: | People have been trying to make alternate-root DNS systems a | thing for 20+ years, it has never caught on. | ketralnis wrote: | I'm not a blockchain fan but "somebody tried this once and it | didn't work" is hardly a dismissal of an entire class of ideas. | Beanz didn't catch on but bitcoin seems to have. | walrus01 wrote: | Not just 'somebody', but like a dozen different somebodies | with many different methodologies. Getting an 'alternate | root' DNS system trusted in any appreciable percentage of | popular operating systems and web browsers, in a default out- | of-the-box configuration, is a very hard problem to solve. | doublerabbit wrote: | What annoys me is that there is no easy way to change DNS | servers. Try on IOS, or Android and you'll find it such a | hassle being hidden within other scary network settings. | Windows you need to click through five different features and | not forgetting that DNS is an alien word to most. Try and | explain it in the simplest of ways such as "a phone book for | computers" you've just bored the subject to death | | I use OpenNIC and know how to navigate around my router. | However for my mother, that's a whole different story. | imiric wrote: | Blockchain technology only became popular in the last decade | and, as much as it has become a meme at this point, DNS is | actually one of the best use cases for it. The current DNS is | distributed, but highly centralized, and paying renewal fees | for keeping a record in a file and a server running feels like | extortion. An immutable, consistent and decentralized storage | system solves those issues, and I can pay once and technically | own that record for life. (Though Unstoppable Domains' prices | seem arbitrarily high...) | | So I'm hopeful that some of this new tech can disrupt the | current system, which we know is inherently flawed.[1] | | While I'm not going to use Opera anytime soon, we should | celebrate this news and push for other browsers to do the same. | | [1]: https://www.youtube.com/watch?v=7Pp72gUYx00 | ziml77 wrote: | How does the name get reclaimed when you lose the key or die? | Do we just accept that it's possible for domain names to be | forever unusable? | imiric wrote: | That's a fair point, and I don't have an answer. Presumably | there would be enough TLDs to ensure a unique name is not | as important, as it's just a short label anyway. Maybe | there could be an expiration or some kind of override | mechanism built into the protocol, though I'm not familiar | with NFTs to know if this is feasible. | | I'm not saying there wouldn't be challenges with this | approach, but it seems worth a try if it means replacing an | outdated and vulnerable system. | neals wrote: | I like the "speed dial" feature of mobile opera. I can't find a | comparable function for mobile FF or Chrome. How do you guys | switch between your list visited 10ish site on those browsers? | twobitshifter wrote: | Bookmarks? | [deleted] ___________________________________________________________________ (page generated 2021-04-29 23:00 UTC)