Brave browser discussion

Tealing

@annerod said in Vivaldi introduces a Reading List Panel, shows statistics on blocked trackers and ads.:

As far as privacy goes it is only challenged by Brave browser

I wouldn't trust Brave, it has done many shady things: https://en.wikipedia.org/wiki/Brave_(web_browser)#Controversies

Annerod

@tealing I have read the lengthy Wikipedia article you linked in its entirety and cannot find anything "shadey" about their dealings other than a few issues in their earlier versions eg 2018, 2020. Given their complex BAT system and cryptocurrency features there were bound to be a few early mistakes all of which seem to have been corrected now.
The overwhelming opinion voiced in quoted in the reviews and comments still say Brave is the fastest, safest, most economical browser out there with a focus on privacy right across the board. It rates well above the Big Three and even more so with Edge and Yandex.
Lastly you do not need to opt into the Brave BAT scheme, it's entirely optional. There is no sign up or subscription required to use this browser.
And just to finish, I was an early adopter of Vivaldi, I still use it for particular process' and I have been requesting an iOS version since day one. About four years ago. I can no longer accept Vivald's excuse that Apple make it too difficult. I can only assume it is a deliberate policy decision on the part of the developer's.

bravesampson

@annerod Indeed, we've done nothing shady. The "controversies" listed on Wikipedia aren't all that exciting when you take a closer look at the details.

The confusion from 2018 around contributions was due to naïve UI/UX on our part. We gave BAT our own tokens to users, and asked them to direct them to popular creators. We marked verified creators with a check-mark (similar to Twitter), but made no marking for unverified creators. This resulted in confusion for some of our users; we moved quickly to implemented changes in December of 2018, which yielded a substantially better system. More about that on our blog.

The referral codes issue was also quite minimal, and far more boring than commonly portrayed Brave is free, so we explore ways to support the project and its development which don't require users digging into their own pockets, or handing over their data (as is common with other browsers). We thought it would be okay to suggest referral-links among search query results. So if a user typed "binance" or "bitcoin" into their address bar, the browser could offer relevant referral links, if any existed. Our mistake was matching fully qualified URLs as well--that was caught pretty quickly, and fixed. This issue didn't involve any user data or impact to privacy. It didn't involve any redirects, rewrites, or any other type of modification to visited pages. More about that on our blog.

The private window with Tor leak was a real issue, and a mistake on our part. Brave blocks trackers by default, which is pretty easy when they use third-party domains. But some trackers are clever, and use CNAME-cloaking to hide among first-party URLs. Brave introduced CNAME-decloaking (the first, and possibly only, major browser to do so) to uncover these trackers and block them. This feature requires resolving first-party domains, which exposes your traffic to your ISP. Generally speaking, that's normal behavior. But Brave also supports Tor Windows, to deliver true anonymity on the Web. This is another feature that you don't get in any other popular-level browser. CNAME-decloaking is great, but needs to be handled with care in a Tor context (that's where our testing failed). These two features, separately, make Brave one of the most trusted browsers for privacy. But when the two features were used together, one (CNAME decloaking) would weaken the other (Tor). This was fixed quickly after discovery. You can read more about CNAME Trickery on our site.

The last "controversy" (as of the time of this writing) is Restrictions on BAT Tokens. I'm not even sure why this is listed; Brave decided not to permit our tokens (that is, tokens belonging to Brave) to be gifted to a particular domain/host. Users are still free to gift their own tokens to any verified domain/host.

If you're interested in privacy, you might enjoy reading this review of Brave and other popular browsers.

I hope this helps!

Annerod

@bravesampson Thank you for expanding on my statements in defence of your excellent product. This is no slur on Vivaldi which I also strongly support and promote it simply falls short of my broader needs for a cross platform web browser.

Tealing

Brave/BrendanEich

Who owns your attention? Who owns your web browsing experience? Who gets paid? If not you, then you're "product".

Time to get paid.

Then injecting affil to URLs. It's the mindset of these Brave creators, that didn't see initially anything wrong what they did when the lid was blown off of their shady and secretive practice, until a backlash, that breaks any trust.

But yeah, trust everyone you want. BTW. I have these emails from a nigerian prince that you might be interested.

Catweazle

@bravesampson , I have no doubt that Brave is one of the browsers that protects the user's privacy the most, even in some points more than Vivaldi, although not much. In other words, in any case, online privacy is quite relative and depends 90% on the user himself.

It's a good browser, but personally I prefer Vivaldi because, apart from good privacy, it offers me all the functions I need and apart from being able to customize it to my liking.

Some time ago I have also used Brave and the French UR browser, but only as seconds and rarely used. I have replaced it with FF, not because I like it very much, but for test reasons, in case of a problem, to see if it is due to Chromium or in general for other different engines.

bravesampson

@tealing Affiliate links were never injected into anything; I would strongly encourage you to see the blog post which described the feature (or download Brave and enable the feature yourself to see how it works). There was nothing shady here; if Brave had an affiliate link for a site we thought you might be interested in visiting (based on search-input), then we would offer it among other organic results. This was done as a means of offering users a way to support Brave development without paying out of pocket, or compromising their data/privacy.

Tealing

You can try to whitewash all you want, I don't, and a lot of others, don't trust you. Everyone can read twitter posts/answers about this, for example https://twitter.com/brendaneich/status/1269289242905042944 and make up their own minds. You got busted. It was not a mistake, you did it intentionally. You tried to make money using brave users. "Who gets paid? If not you, then you're 'product'". Hypocrites.

Pathduck

@tealing Please try to moderate your language even if you obviously feel strongly about this issue. Do not attack or insult other users no matter who they are.
https://vivaldi.com/privacy/code-of-conduct/

If you have issues with it take the discussion elsewhere - Twitter, Brave Community, or the appropriate category on this forum.

EDIT: Forked discussion on Brave.

bravesampson

@tealing I'm not sure what your objection is, sorry. Yes, we did ship the feature (i.e. inclusion of affiliate options in search suggestions) intentionally. That said, our mistake was matching against fully-qualified URLs rather than search-input alone. Thankfully our community caught the mistaken behavior, and we were able to correct it quickly. But again, the affiliate code was merely offered in light of relevant input from the user (e.g. we'd offer, among other suggestions, our affiliate link for binance if the user typed binance into their address bar).

As stated in the Tweet you linked, the affiliate code identifies Brave (necessary, since we don't have a distinct user-agent string). This didn't involve any user data, or any impact on user privacy. Happy to discuss any specific concerns you have with the implementation, but I believe we covered that sufficiently in our blog post.

Kind regards.

Streptococcus

I do not like software that lies to me, and that is what Brave began to do. It disabled most of my extensions the last time I updated it, and the reason it gave was that they were no longer in the Chrome Web Store. I checked three of them, and they were still there. In addition to disabling extensions that I was using, Brave lied to me, and as a result, I got rid of it.

bravesampson

@streptococcus My apologies for the poor experience. Brave doesn't have any reason to say certain extensions are no longer in the Chrome Web Store when in fact they are. I believe we rely exclusively on the extension's Update URL, and service endpoints from Google to confirm whether or not an extension is still present and active. I suppose it's possible that an extension could temporarily become unavailable, or that there could exist alternative extensions with similar names. If you're comfortable sharing the actual extension IDs, I'd be more than happy to look into this further for you. All the best!

Streptococcus

@bravesampson
Why did Brave disable all but 2 extensions? I had something like 16 of them installed. One of the ones not disabled was uBlock Origin. I forget what the other one was.
Some that were disabled:
Custom Stylesheet & Script 2.1.0 hojkciooaohipljgobfikbkjcehockld

Trace - Online Tracking Protection 3.0.6 njkmjblmcfiobddjgebnoeldkjcplfjb

Violentmonkey 2.13.0 jinjaccalgkegednnccohejagnlnfdag

Disable HTML5 Autoplay (Reloaded) 0.9.2 cafckninonjkogajnihihlnnimmkndgf

Eggcorn

@Streptococcus said in Brave browser discussion:

Why did Brave disable all but 2 extensions? I had something like 16 of them installed. One of the ones not disabled was uBlock Origin. I forget what the other one was.

The reason is obvious: It's a bug. Why would you think that Brave is "lying" to you?

Streptococcus

@Eggcorn
Brave was lying because it claimed that those extensions were not in the Chrome Web Store.

Eggcorn

@Streptococcus "Lying" means intentionally telling a falsehood, not a mere computer bug. So, again, what makes you think Brave is lying? What makes you think that the Brave programmers intentionally programmed Brave to give false information about what extensions are in the store?

paul1149

@Streptococcus said in Brave browser discussion:

@Eggcorn
Brave was lying because it claimed that those extensions were not in the Chrome Web Store.

Did you report the problem? When a new update came out did you retry the extensions? Did you then ever have a repeat of the problem? Or did you just assume they were lying and go public about it?

Streptococcus

@paul1149
My response was to get rid of Brave. I still use Brave with iOS, since it cannot install extensions and therefore cannot give false information about them.

paul1149

@Streptococcus said in Brave browser discussion:

@paul1149
My response was to get rid of Brave. I still use Brave with iOS, since it cannot install extensions and therefore cannot give false information about them.

Then it seems you made a rash judgment. Things go wrong with software. Doesn't mean it's intentional.

treego

Brave crashes every time for me after being open about 20-30 seconds ... no way to fix it ... oh, well ... I like Vivaldi quite a bit better, anyway.