undefined | Better HN

0 pointsmatthewrobertso5y ago0 comments

That you had to google these and didn't know them offhand made me skeptical, but I'll attempt to summarize the articles to see what the criticisms are:

1. https://securityboulevard.com/2019/02/brave-browser-sacrific... Brave has a whitelist for some facebook urls for loading scripts from third party domains. Found the brave community thread imaged in the post: https://community.brave.com/t/how-to-disable-facebook-twitte... My read of this thread is not having the whitelist breaks authentication using facebook and they offer an extension to remove the whitelist.

2. https://www.computerworld.com/article/3284076/brave-browser-... This is about the opt-in basic attention token system, where users can replace ads served by websites with ones that reward them with cryptocurrency. I have used brave for a while and don't use this system (using the built in ad block instead). I don't see this as a negative.

3. https://community.brave.com/t/does-brave-inject-buttons-onto... This is about some piece of the basic attention token system that apparently injects tip buttons into websites. I don't use the basic attention token system so this does not impact me.

4. https://twitter.com/vj_chidambaram/status/107647481470831001... This is apparently about the basic attention token system donation feature not sending out donations that do not meet a threshold. Again, I do not use this system. But I saw this mentioned by someone else in one of the comments on this post and the response mentioned Brave has changed their policies to refund people within 90 days if the donation is not claimed.

0 comments

3 comments · 2 top-level

nobunaga5y ago· 1 in thread

Umm I knew of them, I was being sarcastic as I had to do your job of researching something rather than you actually spending some effort to do your own job.

I think everyone's threshold for what constitutes breach of trust is different. If you accept content injection, unreported whitelists and other similar behaviour from a browser which touts privacy as its selling point ok, then thats your call. But this kind of behaviour is unacceptable from my and many other people's perspective. Which other major browser injects any content in to a website without the users request? Do you see people being ok with being impersonated by Brave without their knowledge? Especially when these mistakes just seem to keep happening, at some point you have to question the intention. Again maybe you are ok with it, but people should be informed about these practices and make their own call. To most people, this is not ok. What other browser has had this level of controversy (outside of chrome possibly) and they have been in business longer than brave.

matthewrobertsoOP5y ago

You are not responding to my investigation of your issues and just asserting your initial argument again. You have not demonstrated content injection beyond some BAT related tipping feature. All of the controversies you have pointed to are extremely minor and justifiable. I become more convinced as I read your posts you started with your conclusion and are working backwards to evidence.

jonathansampson5y ago

A few notes (you'll see that I also had a response below):

1. We whitelist scripts to load, so as to enable Facebook and Twitter posts to be embedded into other sites. But, we don't whitelist/enable the tracking aspect of these scripts. We block them from accessing cookies and other local storage. You can modify this behavior in brave://settings/socialBlocking

2. Brave has never replaced ads on pages. We block harmful, third-party ads and trackers. And, separately, we offer a privacy-respecting digital advertising model. As you point out, our model of showing ad notifications is opt-in.

3. These are harmless tip-triggers shown near Tweets, GitHub comments, and more. Similar to what you would see with an extension like Pocket, where buttons are added near items so you can add them to a reading list, etc.

4. Tips made to unverified creators remain in the user's wallet. There's no threshold requirement here; if you tip 1 BAT to a verified creator, that tip will go out immediately. If you tip 1 BAT to an unverified creator, it will remain in your wallet for up to 90 days.

j / k navigate · click thread line to collapse