Brave: Browser with its own advertising concept

I often hear the question why I don't recommend the Brave Browser and why I don't participate in the Brave Rewards program. First of all, the browser is based on Chrome - that's enough for me to avoid it as much as possible. Browsers based on Chrome are usually closely linked to Google services. As a user who is sensitive to data protection, I am happy to do without it.

I also find the "advertising concept" unconvincing. The integrated advertising blocker initially prevents advertising from being displayed. Brave then fades in its own advertising, which in the opinion of the developers is "less harmful" and does not make the user traceable on the Internet. For advertising, a fee is to be paid to the user as well as to the advertiser in the form of Basic Attention Tokens (BAT).

Currently, the browser can be operated completely free of advertising - i.e. even without advertising that displays Brave. In the future, this model may be adapted. Who decides then against the Ad Replacement, that must deactivate the integrated advertising blocker. Inevitably this means: In Brave, the user is either shown advertising from the respective website or advertising via the "Ad Replacement" concept. Unlike other browsers, the user cannot completely suppress advertising, for example via Adblocker plug-ins such as uBlock Origin. Whether this will be implemented in this way, however, is still speculation.

Final conclusion: Not recommended

Source:

https://www.kuketz-blog.de/brave-browser-mit-eigenem-werbekonzept/

📡 @NoGoolag
#brave #browser #advertising #kuketz

MetaX Worked With Hundreds of People to Visit Global Publishers’ Sites to Reverse Engineer Google’s Cookie_Push GDPR Workaround (aka ‘Push Pages’) & the OpenX Push Page Workaround

MetaX is proud to provide additional important context to the research released today from Brave and featured in the Financial Times, focusing on a GDPR workaround built by Google known as “cookie_push” (aka “Push Pages”). Our intention is not to single any one company out, but rather inform the community on these ongoing data issues.

The data released by Brave and reported in the Financial Times article showed that Google deployed a new data syncing architecture prior to GDPR – the details released by Brave include numerous written explanations of the process, and also a chart showing the cookie data flow that our team helped with. https://www.ft.com/content/e3e1697e-ce57-11e9-99a4-b5ded7a7fe3f

💡 How Google’s RTB and Push Pages allow hundreds of DSPs to tie their tracking profiles about people together (View the full chart)
https://brave.com/wp-content/uploads/sequence.pdf

https://metax.io/metax-report-google-workaround-openx-workaround/

#Google #Brave #DeleteGoogle #tracking #rtb #dsp #GDPR #advertisers #advertising #pdf #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

CNAME Cloaking, the dangerous disguise of third-party trackers

How come AdBlock, Adblock Plus, uBlock Origin, Ghostery, Brave and Firefox are letting a third-party tracker from Eulerian, a leading tracking company, execute their script freely on fortuneo.fr, one of the biggest online bank in France?

How come the same thing is happening on thousands of other popular websites worldwide?
What has started to happen in the last few months in the world of third-party tracking is having a major impact on people’s privacy, and it all stayed pretty much under the radar.

👉🏼 Read more 🇬🇧:
https://medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a

👉🏼 Read more 🇩🇪:
https://www.kuketz-blog.de/vorsicht-neue-art-des-trackings-via-cname-cloaking/

#CNAME #Cloaking #tracker #dns #AdBlock #AdblockPlus #uBlock #Ghostery #Brave #Firefox #Eulerian
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Brave denounces Google for breaching the GDPR and exposes in an extensive report that Google collects data without specifying its use

https://brave.com/google-internal-data-free-for-all


#google #brave #gpdr #complaint

The Brave web browser is hijacking links, and inserting affiliate codes
davidgerard.co.uk/blockchain/2020/06/06/the-brave-web-browser-is-hijacking-links-and-inserting-affiliate-codes

Answer by brave @BrendanEich:
We made a mistake, we're correcting
nitter.snopyta.org/BrendanEich/status/1269313200127795201


#brave #affiliate #links

WebBundles Harmful to Content Blocking, Security Tools, and the Open Web (Standards Updates #2)

This is second in a series of blog posts describing new and proposed web standards and how they support or threaten web privacy.

In a Nutshell…

Google is proposing a new standard called WebBundles. This standard allows websites to “bundle” resources together, and will make it impossible for browsers to reason about sub-resources by URL. This threatens to change the Web from a hyperlinked collection of resources (that can be audited, selectively fetched, or even replaced), to opaque all-or-nothing “blobs” (like PDFs or SWFs). Organizations, users, researchers and regulators who believe in an open, user-serving, transparent Web should oppose this standard.

While we appreciate the problems the WebBundles and related proposals aim to solve,[1] we believe there are other, better ways of achieving the same ends without compromising the open, transparent, user-first nature of the Web. One potential alternative is to use signed commitments over independently-fetched subresources. These alternatives would fill a separate post, and some have already been shared with spec authors.

The Web Is Uniquely Open, and URLs Are Why

The Web is valuable because it’s user-centric, user-controllable, user-editable. Users, with only a small amount of expertise, can see what web-resources a page includes, and decide which, if any, their browser should load; and non-expert users can take advantage of this knowledge by installing extensions or privacy protecting tools.

The user-centric nature of the Web is very different from most application and information distribution systems. Most applications are compiled collections of code and resources which are difficult-to-impossible to distinguish and reason about. This difference is important, and is part of the reason there are many privacy-protecting tools for the Web, but very few for “binary” application systems.

At root, what makes the Web different, more open, more user-centric than other application systems, is the URL. Because URLs (generally) point to one thing[2], researchers and activists can measure, analyze and reason about those URLs in advance; other users can then use this information to make decisions about whether, and in what way, they’d like to load the thing the URL points to. More important, experts can load https://tracker.com/code.js, determine that it’s privacy-violating, and share that information with other users so that they know not to load that code in the future.

👀 👉🏼 https://brave.com/webbundles-harmful-to-content-blocking-security-tools-and-the-open-web/

#brave #webbundles #contentblocking #security #tools
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Brave browser adds support for IPFS

https://brave.com/ipfs-support

Over the past several months, the Brave team has been working with Protocol Labs on adding InterPlanetary File System (IPFS) support in Brave. This is the first deep integration of its kind and we’re very proud to outline how it works in this post.

IPFS is an exciting technology that can help content creators distribute content without high bandwidth costs, while taking advantage of data deduplication and data replication. There are performance advantages for loading content over IPFS by leveraging its geographically distributed swarm network. IPFS is important for blockchain and for self described data integrity. Previously viewed content can even be accessed offline with IPFS! The IPFS network gives access to content even if it has been censored by corporations and nation-states, such as for example, parts of Wikipedia.

#brave #browser #ipfs

Brave goes after Google with privacy-first search engine

https://www.xda-developers.com/brave-search-engine-privacy-first/

https://brave.com/brave-search/

#searchengine #brave

Brave disables Chromium FLoC features

https://github.com/brave/brave-core/pull/8468

#brave #browser #floc #chromium #chrome #google #DeleteGoogle
📡 @nogoolag 📡 @blackbox_archiv

Brave Browser - Spyware Level: High

Brave Browser is a Chromium fork with many interesting features not found elsewhere, such as built-in Adblock and other extensions, fingerprinting protection, a cleaner Preferences menu compared to other Chrome forks, and the (opt-in) ability to automatically support (pay) the websites you visit. The developers describe it as "A browser with your interests at heart."[1] with the built-in privacy protections.

‼️ Spyware Level: High
Brave is self updating software, uses Google as the default search engine, has built-in telemetry, and even has an opt-out rss-like news feed similar to Firefox Pocket. These shouldn't be the things that come to mind if someone were to imagine a privacy oriented browser.

‼️ Whitelisting spyware from Facebook and Twitter
On its website, Brave claims that "Brave fights malware and prevents tracking, keeping your information safe and secure. It’s our top priority."[6]. Yet despite this claim, Brave actually disables its tracking protections for Facebook and Twitter's scripts that allow them to track people across the web.[5] Brave has been actively downplaying the role that JavaScript plays when tracking someone.

"Loading a script from an edge-cache does not track a user without third-party cookies or equivalent browser-local storage, which Brave always blocks and always will block. In other words, sending requests and receiving responses without cookies or other means of identifying users does not necessarily create a tracking threat."[7]

This couldn't be more far from the truth. Just because a website isn't able to store cookies, doesn't mean it can't uniquely identify you. Using JavaScript from Facebook and Twitter would be more than enough to track you and blocking cookies alone isn't going to stop that. Just as a quick point of reference to what information JavaScript can scrape, you might want to visit this website.

They later on added an option to the extension to disable all of the JavaScript, but this new feature seems to be nothing more than the JavaScript switch found in vanilla Chromium. They recently added an option here to block some of the scripts from Facebook, Twitter, and LinkedIn after receiving pushback as a result of the controversy.

A quick note on the whitelisting trackers: This specific point on whitelisting trackers isn't making the case of Brave being spyware as much as it's making the case of Brave's privacy features being snake oil.

💡 https://spyware.neocities.org/articles/brave.html

#brave #browser #spyware #thinkabout #snakeoil
📡 @nogoolag 📡 @blackbox_archiv

Developers, it’s time for you to choose a side - Clean up the web!

Will you help rid the web of privacy-invading tracking or be complicit in it?

🚮 Remove third-party scripts from Google, Facebook, etc.
This includes Google Analytics (one of the most prevalent trackers in the world), YouTube videos, Facebook login widgets, etc.

These scripts enable people farmers like Google and Facebook to track people across the web as they go from site to site. If you embed them in your site, you’re complicit in enabling this tracking.

And yes, that absolutely includes fucking Google AMP.

https://cleanuptheweb.org/

👉🏼 Read as well: Nobody is flying to join Google’s FLoC - #Brave, #Vivaldi, #Edge, and #Mozilla are all out

https://www.theverge.com/2021/4/16/22387492/google-floc-ad-tech-privacy-browsers-brave-vivaldi-edge-mozilla-chrome-safari

#cleanuptheweb #floc #google #DeleteGoogle #facebook #DeleteFacebook #tracking #thinkabout
📡 @nogoolag 📡 @blackbox_archiv

#Brave web browser appears to install VPN Services without user consent

If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

https://www.ghacks.net/2023/10/18/brave-is-installing-vpn-services-without-user-consent/

Comments