If you are keen on personal privacy, you might have come across Brave Browser. Brave is a Chromium-based browser that promises to deliver privacy with built-in ad-blocking and content-blocking protection. It also offers several quality-of-life features and services, like a VPN and Tor access. I mean, it’s even listed on the reputable PrivacyTools website. Why am I telling you to steer clear of this browser, then?
Thank goodness that we can post things in here without Braves astroturfed PR community galavanting to save face like what happened when any story against brave posted on the other site
I’m almost certain they mean Reddit, but there are a lot of sites that aren’t lemmy.dbzer0.com … like lemm.ee and infosec.pub … even some sites that aren’t Lemmy instances like infosec.exchance or hachyderm.io.
anyone believing brave is good for privacy is quite naive
It’s good for playing youtube without ads and Netflix which doesnt work with my firefox setup for some reason. That’s all I use it for.
Weird, youtube with ublock origin is all I need to enjoy no ads. Are you using some additional scripts that modify youtube in some way?
Why is everyone downvoting this? I haven’t used Brave as a daily driver for 3 years since I’ve been with LibreWolf, but my impression has always been the same, that it’s far better than stock Firefox, purely based on privacy (completely ignoring any ethical reasoning for not wanting to support Brave). Chrome and Edge being worse is obvious.
the crypto and the asshole ceo aside, nobody should trust a browser that claims to respect privacy that’s based on chromium.
ultimately they’re still chromium and they still contribute to chrome’s dominance.
Eh, I think that’s a stretch. Right now, Lemmy is going nuclear on Firefox. Should I also stop using Librewolf, too, because ultimately, it contributes to Firefox? Chromium is solid and I think it’s better to show what type of chromium we want instead of outright boycotting the entire open source project.
I’m using brave lol. As a web developer I really need to test the work I do on a chromium based browser. Brave seems to be the best chromium based browser that still supposed ad blocking after the whole manifest v3 thing.
So let me pose this question to you. As someone that needs to use Chromium for work, what’s the best Chromium based browser that still supports ad blocking?
I get that Firefox is better. Heck Tor is even better. But realistically what is something I can actually use to get real work done?
Edit: ok I read the article. That is kinda bad. So please find me a chromium based alternative that I can use for work
This week I’m going to try out ungoogled Chromium and Vivaldi. I know Vivaldi is partially closed source, but I’m not actually in the camp that thinks all closed source is bad.
Chromium is much more secure than Firefox, so your privacy depends on your threat model here: https://madaidans-insecurities.github.io/firefox-chromium.html
tldr:
- CEO was forcefully ousted from Firefox for anti-LGBTQ views and donations.
- Replaced existing ads on sites with Brave’s own “private” ads.
- Collected crypto on behalf of others without their knowledge or consent
- Injected referral links into crypto websites to steal crypto revenue
- Put ads in the new page tab
- Shipped a TOR feature that leaked DNS
- Doesn’t disclose the ID of their search engine crawler via useragent
- Removed “strict” fingerprinting protection
- CEO is generally a right-wing dick.
You should also add secretly whitelisted Facebook trackers in their adblocker, something they did a while back.
- Shipped a TOR feature that leaked DNS
Yikes I didn’t know they did that but I’m not surprised. There’s a reason the people behind Tor say it should only be used via the official Tor browser, because only the Tor browser can provide that level of protection against those kind s of leaks, as well as much better fingerprinting resistance than chromium-based brave is going to give you.
Thanks for the TLDR. Enough said, deleted Brave app. Firefox Focus is a good alternate.
Those are good reasons to ditch a product. Yet, at the same time, inside the Apple ecosystem this is the only browser that allows cross platform watching of yt without any ads, therefore suffocating Google and the fat cat MKBHD influencers from income.
So it’s like an evil to tame another evil to me atm.
Of course the best path forward would be to ditch both Brave and yt and then just get Nebula/patreon or something for serious content browsing.
I’m curious though: if I just use Brace only with a few yt tabs open and never open the new empty tab or visit another site, does Brave get any revenue from me?
This is like saying “I see he was murderer until he got caught”. No shit Sherlock some of those are past tense, because he got caught. If you want to go ahead and get exploited by a dickhead and his future pending scams go ahead.
“Fool me once, shame on you, fool me twice, and apparently I end up supporting the right wing all the time because I’m a dunce” is apparently how it works these days.
well no you’re accusing all the contributors of brave of being a murderer
they stopped murdering a long time ago
CEO was forcefully ousted from Firefox for anti-LGBTQ views and donations.
I think this is making mountains out of molehills. My understanding is that he had a very good working relationship w/ LGBTQ people in the org, and he had been working for many years at Mozilla before this point. The issue was his private donations to an anti-same sex marriage initiative. He didn’t push for any company policy change, didn’t advertise the donation, and didn’t use company funds (used personal funds), so it really shouldn’t be anyone’s business.
I personally disagree with his political views, but I think he was a fantastic candidate for CEO of Mozilla. How he votes or spends his personal money shouldn’t be relevant at all.
Replaced existing ads on sites with Brave’s own “private” ads.
I like this idea in principle, but not in implementation. Brave should have worked with major websites to share revenue, but what Brave actually did was remove website ads and insert its own, forcing websites to go claim BAT to get any of that revenue back.
My preference here is to not use a cryptocurrency and instead have users pay in their local currency into a bucket to not see ads (and that’s shared w/ the website), and that should be in collaboration w/ website owners.
Collected crypto on behalf of others without their knowledge or consent
This is a big nothing-burger.
Basically, Brave had a way to donate to a creator that wasn’t affiliated with the creator. The way it works is you could donate (using BAT), and once it got to $100 worth, Brave would reach out to the creator to give them the money. They adjusted the wording to make it clear they weren’t affiliated with the creator in any way.
Injected referral links into crypto websites to steal crypto revenue
Yeah, this is totally wrong, and they reversed course immediately.
Put ads in the new page tab
Not a fan, but at least you can opt-out.
Shipped a TOR feature that leaked DNS
Mistakes happen. If you truly need the anonymity, you would have multiple layers of defense (i.e. change your default DNS server) and probably not use something like Brave anyway (Tor Browser is the gold standard here).
Doesn’t disclose the ID of their search engine crawler via useragent
Also a bad move, though I am sympathetic to their reasoning here: they just don’t have the resources to get permission from everyone. Search has a huge barrier to entry, and I’m in favor of more competition to Google and Microsoft here.
Removed “strict” fingerprinting protection
This was for better UX, since it broke sites. Not a fan of removing this, they should have instead had a big warning when enabling this (e.g. many sites will break if you enable this).
CEO is generally a right-wing dick.
Fair, but that should be a separate consideration from whether to use a given product. Using Brave doesn’t make you a right-wing dick.
You probably wouldn’t like the CEO of any company whose products you like, so basing a decision of what product to use based on that is… dumb.
I personally use Brave as a backup browser, for two reasons:
- it’s a chrome-based browser
- it has ad-blocking
My primary browser is something based on Firefox because I value rendering-engine competition. But if I need a chromium-based browser, Brave is my go-to. I disable the crypto nonsense and keep ad-blocking on, and it’s generally pretty usable.
He didn’t push for any company policy change, didn’t advertise the donation, and didn’t use company funds (used personal funds), so it really shouldn’t be anyone’s business.
It’s everyone’s business that cares about those people.
How he votes or spends his personal money shouldn’t be relevant at all.
Using products from a company that benefits him is empowering him to do those things.
Brave should have worked with major websites to share revenue
That’s a monumental task. They would have had to create their own ad network similar to Google and then somehow out-compete them to get their business without any of the information that Google has about users.
they weren’t affiliated with the creator in any way.
Yes, that’s the problem.
Yeah, this is totally wrong, and they reversed course immediately.
Only because they got caught, and they didn’t refund any of the crypto they earned in the interim.
Mistakes happen.
When it comes to TOR, mistakes can be a matter of life and death. People only use TOR when they need complete anonymity.
they should have instead had a big warning when enabling this (e.g. many sites will break if you enable this).
They did indeed have exactly that. It said in the actual setting itself “Strict, may break sites”.
You probably wouldn’t like the CEO of any company whose products you like, so basing a decision of what product to use based on that is… dumb.
Not true. I like Our Lord Gaben. I like Meredith Whitaker. I like lots of CEOs.
It’s everyone’s business that cares about those people.
But is it though?
Believing that same-sex marriage shouldn’t be a government-supported institution isn’t the same as believing LGBT people are “invalid” or “wrong” or whatever.
For example, I personally oppose government-supported marriage entirely (despite being married myself) because I think marriage should be a religious/personal thing instead of an official government institution, and that we should replace it with a series of contracts that grant certain legal privileges (e.g. joint tax filing, power of attorney, etc) in an a la carte type setup (i.e. you may want to join finances w/ someone, but not give them hospital visitation rights). I think we should also allow more than two parties to enter into these agreements to cover a wide variety of unique living situations (e.g. you may want to joint file with a parent that you care for).
I don’t know Eich’s personal political views, and I honestly don’t care, as long as they don’t interfere with his role.
That’s a monumental task. They would have had to create their own ad network similar to Google and then solicit every site on the web to participate.
Not necessarily. For example, they could partner w/ someone like Axate, which basically does just this.
Only because they got caught, and they didn’t refund any of the crypto they earned in the interim.
My understanding is that they can’t really do that, because the payments are anonymous. I could be mistaken though.
When it comes to TOR, mistakes can be a matter of life and death. People only use TOR when they need complete anonymity.
And if that applies to you, you should be very careful about the tools you use. Brave is a new thing and is relatively unproven. Use established, proven tools like Tor Browser.
Not true. I like Our Lord Gaben. I like Meredith Whitaker. I like lots of CEOs.
Eh, I don’t really like Gabe Newell, but I certainly appreciate the investment into Linux. It just so happens our interests align more than they don’t. I wouldn’t be surprised if GabeN’s personal politics were quite conservative, because conservative policies generally benefit rich people like him (the closest I can see is maybe libertarian).
Meredith Whitaker is an absolute treasure, we don’t deserve her.
My understanding is that he had a very good working relationship w/ LGBTQ people in the org
Then why betray them? He has nothing to gain from funding such a campaign. There is no logical explanation and sure as hell no justification for it.
[…] so it really shouldn’t be anyone’s business.
How he votes or spends his personal money shouldn’t be relevant at all.
Oh, shut up. When this asshole funds a campaign that’s actively fighting against the rights of millions of people, it absolutely is our damn fucking business.
Yeah, this is totally wrong, and they reversed course immediately.
It’s bad enough that they even got the idea, let alone implement and actually ship it. Negative reactions shouldn’t be the first deciding factor for reversing such decisions.
Brave should have worked with major websites to share revenue
Not just share, completely give up that revenue. Blocking ads is one thing, but to then also monetise other people’s content should not allow Brave to earn even a single cent.
Your proposed solution sounds fine, though.
CEO is generally a right-wing dick.
Fair, but that should be a separate consideration from whether to use a given product.
Again, no. Maybe if there weren’t any alternatives, but there are plenty.
You probably wouldn’t like the CEO of any company whose products you like,
That’s probably true, however, Eich is a different story. Despite not gaining anything from it, neither for his companies nor for himself, he was willing to go out of his way to support a campaign in favour of discriminating millions of people, proactively. This doesn’t just make me not like him, it makes me despise him.
Other CEO’s typically at least keep quiet about politics, and make me dislike them mainly because of self-interest and their resulting business decisions, which can at least still be somewhat understandable.
And let me be clear that I’m not going to jump on people who use Brave for whatever reason. But under no circumstances will I defend those who downplay or justify Brave’s, and especially Eich’s, actions.
He has nothing to gain from funding such a campaign.
He obviously believes that same sex marriage shouldn’t be performed by the government. If you want to know why, ask him, not me.
That said, I don’t see this as “betrayal,” it was a private donation. The only reason we’re talking about it is because someone dug through his donation history (donations to such orgs are public record) and made a big deal about it. AFAIK, there were no accusations of him treating LGBT people unfairly, only opposition to his donation.
It’s bad enough that they even got the idea,
I’d like to see an explanation beyond, “yeah, we screwed up.” Who signed off on it, and what was their justification?
Your proposed solution sounds fine, though.
Thanks. The idea is that the browser has a vested interest in protecting the privacy of it’s users, so finding a workable solution for both the user and the website should provide some funding for the browser.
But yes, either the browser should block ads so nobody gets revenue or work something out where everyone wins. Profiting off someone else’s content without permission will always be wrong.
Maybe if there weren’t any alternatives, but there are plenty.
Do you have a better suggestion for a chromium-based browser that’s FOSS and has effective ad blocking and tracking protection?
I use Firefox (or fork) most of the time, but I need to test on a chromium browser and need a backup for the odd website that fails on Firefox.
Brave sticks out as the obvious solution here.
Other CEO’s typically at least keep quiet about politics
He tried to. He never advertised his political beliefs, donations, etc. Someone just found out and blasted him for it. For an org that supposedly cares about privacy, that’s pretty alarming!
But under no circumstances will I defend those who downplay or justify Brave’s, and especially Eich’s, actions.
Nor will I. But I will separate my criticism of them.
I’m 100% happy to jump on board an Eich’s political positions hate train, and I probably share the resentment. But I will not jump on a Brave hate train just because Eich is associated with it. I’m happy to blast Brave over technical mistakes it makes (I avoided it for a long time until BAT was deemphasized), but I won’t transfer that frustration into a personal attack on Eich. They can and should be treated separately.
Holy copium batman, imagine excusing malware and checks notes literally aiding in denying rights to LGBTQ+ people.
Let me guess, you pretend to be centrist by day, and you wear
By night?
You got me, I guess? But don’t tell my POC SO that I’ve been happily married to for >10 years.
Seriously though, this is the kind of extreme take I’m pushing back on. I strongly disagree with the Lemmy devs’ politics, yet here I am on their platform. I’ve even contributed bug fixes. I strongly disagree with Eich’s politics, yet I use Brave as my backup browser. Why? It meets my technical requirements. Firefox is my main browser though.
I’m not a centrist either, whatever that means, but I guess of you average out my extreme takes it could look that way. Conservatives call me socialist, Progressives call me far right, so I guess the middle of that is centrist?
It’s tempting to see his donations to prop 8 as just his personal business, but like so many others you’re missing the fact that when your political beliefs are that other humans are actually subhuman and not equals, that goes beyond “personal politics.” Like outright naziism, there should be no safe place for a single ounce of this thinking. If you think it’s akin to liking shrimp more than chicken, you should deeply rethink your own “personal politics” because you’re casually glancing over the dehumanization of other people with a shrug.
you’re missing the fact that when your political beliefs are that other humans are actually subhuman and not equals
Wait, so believing same sex marriage shouldn’t be allowed means you think gay people are sub-human? That’s quite the leap. It may be true, but you’ll need a bit more evidence than a private donation to a group pushing a bill to ban same sex marriage.
Even if he is literal Nazi trash (big doubt), his company produces FOSS, which can and should be evaluated on its own merits.
Look, I’m married to an immigrant POC. If he supported banning immigration interracial marriage, that would piss me off, but it wouldn’t have any impact on the quality of the browser. I bet CEOs of companies that make a number of products I use have terrible political takes or like Eich, but that doesn’t change the quality of the product.
If he brought his politics into his company, that would be different. But how he spends his money and free time doesn’t really matter to me.
Fair, but that should be a separate consideration from whether to use a given product. Using Brave doesn’t make you a right-wing dick. You probably wouldn’t like the CEO of any company whose products you like, so basing a decision of what product to use based on that is… dumb.
So it’s ok to buy a Tesla nowadays in your opinion? Genuinely curious.
So it’s ok to buy a Tesla nowadays in your opinion? Genuinely curious.
Yes, if it’s the vehicle that fits your needs the best. Elon doesn’t need your money, and with Tesla getting roasted in the media, you can probably pick up a good deal.
That said, I wouldn’t buy a Tesla for other reasons, such as:
- poor manufacturing quality
- poor reliability (the Model 3 is the “best” and it’s just average)
- poor repairability
I do boycott certain products though, first among them is Wal-Mart, but that’s because I find Wal-Mart to be anti-competitive (drives smaller stores out of business) and they contribute to poor working conditions either directly (i.e. their own products) or indirectly (i.e. forcing suppliers to cut costs). I’ve been boycotting them for ~20 years, and honestly haven’t bothered checking if they’ve improved. I also try to avoid buying from Amazon for similar reasons.
Maybe Tesla is similar to those, idk. I personally don’t buy Musk’s products because I find them lacking, and I haven’t needed any more reasons to avoid his products than that.
I literally don’t care about the political views of the CEO/owner of a company. I dislike Chik-Fil-A’s founder, for example, but I like the food there and the workers seem to be treated well, so I shop there. I especially like that they’re closed on Sundays, which guarantees workers get at least one day off. Whether some idiot gets rich from a fraction of the money I spend on a certain product doesn’t bother me, I mostly care that the business is run well and the product is good.
Using software made by people who are politically aligned to sell out your country to russia is stupid stupid stupid and makes you an idiot, idiot, idiot.
Its not just politics when the politics are treason and electing a kgb asset. In a normal country and time it wouldn’t be a big thing wether your browser maintainer wants feee public transit or not but in current time right wing means you literally voted to destroy the entire us in order to weaken nato for the russian invasion.
It sounds like you need to step away from social media and touch some grass.
But let’s say you’re right, pretty much every big company is sucking up to Trump, and you’d be hard pressed to find something in your shopping cart that doesn’t benefit someone that supports him. That’s an untenable position.
The better approach, IMO, is to avoid products from companies that mistreat their employees. That’s why I avoid Walmart, Amazon, and a few others, because that sends a clearer message and funnels my money to a better cause.
Avoiding Brave is just virtue signaling, it doesn’t actually accomplish anything. If Brave goes under, Eich will still be conservative and probably still donate to causes you don’t like, but we’ll have one less competitor to Google’s absolute hegemony over the web browser market.
Use Brave if it solves your problems, don’t if it doesn’t. Don’t base that decision on the personal views of the person who happens to be in charge.
My take: No other browser is sustainable without advertising. Orion looks to be that guy, but we will see. We’ve already seen many other browsers stop development, like Mull and LibreWolf, due to lack of resources. Firefox itself is on the chopping block with Google potentially being forced to sell Chrome. We’ll see what Kagi is able to manage with Orion, though releasing it with pretty much all the features one could want for free doesn’t appear promising. I think taking a “private advertising” approach is the best we’re going to get. This makes Brave sustainable.
The CEO is a dick, no doubt, but they pretty much all are, and every browser has it’s drawbacks.
As far as the useragent, I kinda agree with Brave on that one. Sites want to be crawled by Google but they will block anyone else, which obviously creates an anticompetitive environment in an industry that severely needs competition.
As for the fingerprinting, I kinda get it. I’m sure some users were turning on strict protection and then complaining about the browser not working properly and ultimately ditching it while complaining to others. That being said, even with “standard” fingerprint blocking, Brave is the only browser I’ve used on CoverYourTracks and it returned “you have a randomized fingerprint”. I’m not any sort of tech genius but I think the folks at EFF are and I trust them.
We’ve already seen many other browsers stop development, like (…) LibreWolf, due to lack of resources.
Wait, what?
Two things:
-
When did Librewolf stop development?
-
On funding, they say in their FAQ:
If we don’t need funding, we won’t risk becoming dependent on it. And also: no donations means no expectations. This means that people working on LibreWolf are free to move on to other projects whenever they want.
Librewolf seems to very consciously not looking for “resources” from advertising or donations, or etc. The only resource they seem to want is motivation.
Which I think is one of the big issues with OSS projects - many are based around a very small number of people being motivated to work on something for free. And it dies if that stops.
I think that having expectations and funding to continue is important, like you say.
But I’m still confused about what you mean by the “resources” comment re: Librewolf.
When did Librewolf stop development?
https://github.com/arkenfox/user.js/issues/1906
“Hey all, I’m on the LibreWolf team, and it’s true that since the departure of @fxbrit the project has taken a total nosedive when it comes to keeping up to date with Arkenfox and settings in general. We’re still making releases, but settings did not get updated.”
“As @threadpanic said, since fxbrit left we have been in a kind of “maintenance” mode in terms of settings. Mainly because we are really only three people left”
“LW since fxbrit left/died/who-knows has gone to shit - I worked with him behind the scenes to make the right choices and while he would do his own analysis, we always agreed, and his voice influenced them. Now they don’t know what they are doing, and in fact have compromised security and make really stupid decisions. Same goes for all the other forks - really dubious shit going”
Which I think is one of the big issues with OSS projects - many are based around a very small number of people being motivated to work on something for free. And it dies if that stops.
Exactly.
But I’m still confused about what you mean by the “resources” comment re: Librewolf.
“Resources” can refer to many different things, in this case it is motivation/prioritization.
I can somewhat understand the overall criticism, because Librewolf - as far as my understanding goes - would be in trouble without the work being done on the code upstream.
Personally, I know that this does not exist (yet), and to some people that put privacy above everything else with a more libertarian slant, this might sound like the worst option imaginable, but my “dream” way to handle it within the current economic system would be:
Have an open source, FOSS base, web-engine and all, developed with public funds similar to public broadcasting in many countries (Bonus if carried by international organisations instead of just national. Think a UN institution like UNESCO or WHO, but focused on making the internet accessible neutrally and to all). On top of that code, projects that want to put privacy above all else could still feasibly built projects like LibreWolf (an even Brave), relying somewhat comfortably on secure fundamentals.
I know, sounds like a dream, which it is at this point. But every other solution within the current economic status quo I personally thin of, I see no chance of enshittification not always encroaching and creating crises, if not outright taking over.
No browser is sustainable without money because
- The infrastructure and labor costs money
- Google charges out the ass for Widevine which is a must for Netflix, Apple TV+, etc
- H.264 Licensing
My take: We can have an open source browser. No resources are required. We don’t need ads to view content we make. There is no need for a megacorp or any entity taking money and controlling us.
We can have an open source browser.
Most browsers are already open source. They’re all funded by advertising (except Safari which is a whole other problem).
No resources are required.
Are you planning to imagine it into existence?
When you find one that has some sort of sustainable model that isn’t advertising, please let me know. I’ll be all over it.
Since when did LibreWolf stop development? First I heard of it, and concerning if accurate.
I was just reading about it in another thread that I don’t remember. Not really “stopped” per se but one of the major devs left and the remaining have admitted they’re not able to keep up. I’ll go and see if I can find it again and I’ll edit this comment if I do.
Don’t forget about the fact that a while back they secretly whitelisted Facebook trackers in their adblocker to “make pages run more smoothly” they got a lot of shit for it when people found out looking through the source code. When I heard that they did that it basically cemented in my mind that they were shady and untrustworthy, that’s in addition to the Crypto and rewards stuff.
