That is a image from:
https://brave.com/brave-ads-waitlist/
Notice the page is about the Grammys and the ad is about the Grammys. This is important.
So Brave strips the ads from my site and inserts their own as (even more annoying system notifications). And they are relevant to the page so now my visitors might think I was the dick that triggered a notification that must be dismissed.
And If I want a cut I have to sign up for some rando cryptocurrency company, the bastions of ethics and security.
Please Brave. Use a unique user agent string so I can just block people using your browser. And I don't care if people block ads, I do too. But when you get desperate and start showing ads for dildos on my site discussing cross-cut table-saw blades I'm not going to be a happy camper.
For example, "Auto-updates are not directly anti-privacy" is obvious, but some people want to disable auto-updates since they might not want new, potentially privacy-violating updates added to the browser. You can't look through the changelog (or better: the GitHub diff) before downloading an update if you can't disable auto-update. Same for "But Brave has a backdoor!", auto-update is by definition a backdoor for running code the user hasn't ran before. The only reason most people are fine with Google's auto-updates and weary of Brave's auto-updates is because Brave isn't as trustworthy or well-established in terms of "does this company have incentive to push malicious code to my machine or will they potentially be compromised or bought out".
I like this fake alternate strawnan universe where actual dildos head Brave, where last ditch efforts to save a silicon valley VC funded startup is to push wherever it is you dream they'll push. Because burning everything to the ground is par-for-the-course, for both VCs and entrepreneurs in the valley?
Or - this is classic FUD-ing, backed by exactly zero evidence
If you don't like it, FUD..
I guess you trust Facebook to never change the TOS and toggles.
Is that really the best option: blocking based on UA header
What do users think about websites that try to tell them what browser to run. There are sites like this one giving "advice" on which browser to use (https://theprivacyguide1.github.io/browsers.html), sites that display messages that tell the user to switch browsers and sites that try to block the user's choice of browser by reading User-Agent headers. Headers are trivial to add/delete/modify
All in the name of online advertising. It is a shame this is what the www (and now the "browser") has become. A medium for delivering ads.
Additionally, as they show ads as system notifications, I've never equated them whatsoever with what I'm browsing, and I'd assume that's by design.
I use Brave because (for me) Firefox is slow, and Chrome is Google. As someone who's quite fond of you for example on HN, I'd love to not be blocked, but I'm not switching browsers for the privilege...
I made a comment a while ago about how when IE6 was destroying computers (~2003) I charged a lot of money to fix people computers unless they switched to Firefox. But if they used FF I would help for free. That was the beauty of my plan. I didn't care about money I just hated fixing my families computers. And using FF solved nearly all my problems.
And then a guy said he would go as far as putting the IE icon on FF so people wouldn't have to really do anything different. Ideally they just wouldn't notice.
So now that there is a stupid token I wonder how many installs of brave are actually legit. Seems trivial to just install it on families computers and fake it as Chrome and use your account to collect the tokens.
> Chromium is open source and all Google tracking can easily be disabled. Brave strips out all of this by default. Remember that Chromium is not the same as Chrome.
Sorry, but this is not a satisfactory explanation to me. Brave is marketed as the pro-decentralization/good web citizen browser. Yet, it uses Chromium, which contributes to Google’s dominance over the web — pushing developers to further neglect Firefox and other browsers as a target.
Also, where is Brave’s innovation? I see none. Instead, I support Mozilla.
Firefox is slow (especially on Linux) when compared with Chromium. The Firefox UI is more complex and not any more powerful; the excuse used to be that they supported more deeply-integrated extensions, but that's mostly dead now. With regard to "dominance over the web", Firefox is riddled with compliance bugs and misbehaviours, many of which go unaddressed for years, these bugs and incompatibilities have forced me to disable features for Firefox users, or find workarounds, over the years.
> Also, where is Brave’s innovation? I see none. Instead, I support Mozilla.
Where is Mozilla's innovation today? They maintain a broken, slightly-differentiated Netscape clone, and have an unmistakable chip on their shoulder; but there is no substantial benefit to using Mozilla, and there are some serious drawbacks that Mozilla could avoid if they cared. Brave is at least doing something interesting, with an innovative compensation model which has some hope to reduce reliance on surveillance-driven advertising, and they put a Tor client in the default distribution (even if the browser does not implement some of the anti-fingerprinting measures that Tor Browser does).
On top of this all, Brave is differentiating on what matters, rather than taking up the pointless task of maintaining similarly-licensed, lower quality implementations of various web standards. If Google gains power over the web with Chromium, in some vague way, then Mozilla's power move would be to base Firefox on Chromium (or at least fork Chromium). Rust is a spectacular thing they've done, but at the end of the day, any argument for using Mozilla should begin with a long list of positive characteristics of the product, and not with vague platitudes about implementation diversity.
No. Just, no.
I want to share something that I experienced very recently.
I use Firefox and Chrome (just for using Taskboard) at work. I also use Firefox at home. Both systems are Debian. The perceived browser speed was Chrome (Work) > Firefox (Work) > Firefox (Home). I always thought it was about DNS resolution, so I started running DNSMasq at home on an OrangePi Zero but, it didn't make much difference.
Two days ago, my home ADSL modem suddenly died. I replaced it with a more modern version and everything about speed has changed. Now The speed of Firefox at home is equal with the speed of Chrome at Work, Firefox at work is slightly behind.
It can be said that Firefox is much more sensitive to network parameters like DNS response times, but its rendering engine and other capabilities are not behind Chrome.
However, as I said in my above post, my objection to Brave largely stems from how it is marketed and promoted. I’ll re-iterate: People try to sell it as the “pro-decentralization” and “good web citizen” browser. Brave isn’t doing anything compelling enough to earn that status in my eyes.
I am not going to argue about how much Mozilla innovates. Rust is pretty cool — I agree they could do more. The people pushing me to use Brave seem to want me to do so as an act of charity. I will re-evaluate my choice to charitably direct my web traffic through Firefox, but, to be honest, my first choice otherwise still would not be Brave.
Something that Mozilla is also doing[0], albeit with significantly more attention paid to the privacy-minded patches to Firefox made by the Tor Project. The end goal is to mainline these patches, such that Firefox gains the same privacy properties as the former-- they're working with the Tor team on this. If I wanted to use Firefox to access the Tor network, I'd just start a client locally and have the browser proxy traffic through it. Tor Browser's anti-fingerprinting measures are half the reason it's useful.
It's half-baked "features" like this that turn me away from Brave; there's this feeling that it's marketed towards the sort of well-meaning crowd that won't know the difference between "Tor tabs" and Tor Browser. This isn't a bad thing; rather, it's the misleading material surrounding such features published by the developers. Just look at the relevant page[1]; there's just a vague mention near the end of the article about using Tor Browser if you need "leakproof privacy", and the rest of the page carefully tiptoes around the fact that this really only prevents websites from knowing your IP address (and likely not even that, considering the similar fingerprinting properties of normal tabs and Tor tabs).
Excerpt:
"Also, web destinations can no longer easily identify or track a user arriving via Brave’s Private Tabs with Tor by means of their IP address."
To non-technical users, this reads more like "Brave (with Tor tabs) prevents websites from knowing who you are". It's lawyer-y, if that makes sense-- the whole thing just rubs me the wrong way. This is, of course, assuming said users even read the linked post; most will probably see 'Tor' and draw the relevant conclusions.
> even if the browser does not implement some of the anti-fingerprinting measures that Tor browser does
It's laughably easy to fingerprint Brave browser users, even compared to Firefox and its rather basic fingerprinting protections (at the moment). Though this is likely because Brave has a far smaller userbase.
People tell me this, but I genuinely can't tell the difference between Chrome and FF's speed on linux. Both feel equally fast to me. My only real complaint about FF on linux is a lack of hardware video decoding.
> Mozilla's power move would be to base Firefox on Chromium (or at least fork Chromium)
You can't be serious.
The only solution is to create a new web standards organization, since Google controls W3C. For instance, WebAssembly has a lot of privacy issues.
This is the first time I've heard about this. How so?
Brave exposes controls for all of its privacy and crypto features and you can easily opt in or out of anything that concerns you, making it a great choice for privacy.
It really smacks of hypocrisy that everyone is all for multitude of open source solutions, except when it comes to browsers. Mozilla has made many misteps regarding privacy and I've never seen attacks like this. To say that browser wars are political is an understatement.
Even assuming the worst, that being that Brave is trying to track you and build an ad network rivaling Google, that still seems in sum total a good thing. Google has gone down a dark path completely unchecked with their unimaginable omniscience and ad revenue, and I welcome an attack on their monopoly.
The second reason I dismiss Brave is that it doesn't really provide anything innovative. It's not just about ad-tracking. We need also decentralization and new ideas on how we consume and organize information. Brave is just another for-profit organization which also makes a poor root of trust. (while Mozilla isn't any better here and also depends on questionable sources for funding the point is Brave doesn't disrupt here).
I'm not saying Brave is bad because any contender that can reduce the share of requests from Chrome vs the "Rest" is welcome. Maybe one day we have a world where 50% or less is Chrome and the rest is a mix of many different implementations. For this to happen the whole web would have to be re-envisoned because right now companies can't even bother to support the testing of more than one browser. So practically with how things are right now we will probably not have more than 2-3 contenders at any one time. And for this reason my personal vote is for FF.
The only solution is to create a new web standards organization, since Google controls W3C. For example, WebAssembly has a lot of privacy issues.
Google has always been an ad company whose utility is to maximize ad dollars per user. What changed?
Chrome is just a rebranded KDE Konqueror if your logic holds.
Chrome does a lot of calling home. Like, a LOT [1][2]. For example, it checks sites are "safe" (as according to Google's standards) running every website you visit through their servers.
Brave tries to disable most of this.
1. https://github.com/Eloston/ungoogled-chromium
2. https://brave.com/brave-tops-browser-first-run-network-traff...
It only sends a partial hash of the url/domain. It's not feasible to deduce browsing history from the hash.
> running every website you visit through their servers.
That's not how it works.
Facts:
1. Brave's tracking degree is little to none, compared to Google/Microsoft(edge).
2. Brave is the only browser that splits ad revenue with the user, and pays creators a higher percentage, compared to the AdSenses of the world. On top of that, brave ads aren't distracting, are generally of high quality and non intrusive to the browsing experience.
I've personally earned more than $50 in aggregate this year using brave, and tipped a 100% of that to sites and content I consume often. Both the creators and I are happy costumers of brave.
Native notifications are incredibly distracting and intrusive.
https://practicaltypography.com/the-cowardice-of-brave.html
TL;DR: Creators have to sign-up to brave's BAT system in order to get revenue for ads that Brave embeds on the creator's website. And even then there is a competition upon creators for users to spend money on them which is not correclating with the time users spend on creator's content.
I currently use DuckDuckGo as my primary search engine because Brave's Private mode uses it by default. I had heard of DDG before, but I assumed that Google was better. When I saw that it really works just as well, I decided to switch.
We don't consider as part of our threat model preventing sites from knowing you're using Brave. I'm not aware of any browser or tool that considers this as part of their privacy threat model either (including the terrific Tor Browser Bundle). Our goal is to prevent sites from distinguishing between Brave users.
My claim is that our fingerprinting protections are strictly stronger than Firefox and Chrome. A partial list of fingerprinting protections that are enabled by default in Brave are at [1].
Fingerprinting is tricky, and we're tacking the problem in on multiple dimensions. We need to go further, and expect to have v2 of our defenses in nightly in the next month or two [2], but we're also leading efforts in W3C to address fingerprinting in standards (I'm snyderp, those are my / Brave issues identifying privacy harm in standards) [3], and we're pushing hard to prevent web standards and privacy efforts from being eaten up by vaporware [4].
So, all that is to say, Brave has the most aggressive fingerprinting protections of any general purpose browser, and is getting better. The naysayers are welcome to backup their claims ;)
1: https://github.com/brave/browser-laptop/wiki/Fingerprinting-...
2: https://github.com/brave/brave-browser/issues/5614
3: https://github.com/w3cping/tracking-issues/issues
4: https://brave.com/brave-fingerprinting-and-privacy-budgets/
I’m pretty sure the only reason they don’t expose it in the UA is because you can then calculate just how much of a scam it is. Their payouts are laughably low.
Get real. Ads are disgusting.
> This is only partly true. Brave whitelists some Facebook and Twitter trackers because blocking them outright would break buttons on some websites (e.g. the Facebook like buttons). Brave is meant to be easy to use, breaking a lot of websites is not easy to use. Brave was never meant to be a max privacy solution.
> The whitelist is now optional and can easily be disabled in the settings.
Opt out features like this don't respect your privacy.
If you're going to click it, it needs to work. If you're not going to click it, it doesn't matter.
Opt out is the best option here
Firefox has an obscure option that can be used to turn off this obnoxious behaviour. So I must use Firefox.
On macOS maybe this: https://stackoverflow.com/questions/41309910/how-to-regain-s...
That breaks the site guidelines. Please read and follow them, no matter how wrong you feel other commenters are.
I like the built in privacy features, but still use ublock, umatrix and privacy badger in conjunction with built in features. It's extremely snappy.
I have some qualms about their BAT model, but I am opted into ads and have set wikipedia and several favorite sites to auto donate. I've also cashed out about half of it myself (about $30 of $60 this year).
The ads themselves are crudely targeted. They claim the browser profiles your visits locally. Basically, visit opted in programming sites, get programming ads. It doesn't feel spooky and the ads are not intrusive.
I would use this without the BAT model or crypto wallets, but use both of those features all the time but it's just a bonus.
The most important thing to me is that it's chrome dev tools without Google. Chrome is straight up scary.
* Also, native tor windows are handy for testing ;)
> No it doesn't. Brave is open source and there has been no backdoor ever found. Many people claim that Brave being able to use custom HTTP headers are a backdoor but this isn't true. HTTP headers are allowed as per RFC 7231. See Brendan Eich's response to this.
This has got to be a joke, right? Nobody's claiming that Brave 'using custom HTTP headers' is not allowed in the HTTP spec, the problem is that Brave downloads a list of headers to inject into requests for specific websites.
I'm not sure I'd call this a "backdoor", but considering it cannot (to my knowledge) be disabled it at least deserves a conversation. Trying to minimize the complaint with "it's allowed in the HTTP spec" is insane.
Then why have it? Just because “everyone is doing it, so we should too, even though it’s antithetical to our goals”?
