Drag & drop functionality changes soon in Chromium-based browsers

Martin Brinkmann
Jun 6, 2020
Google Chrome, Microsoft Edge

Most Internet users know that they can drop files on the browser window to have them displayed by the browser or opened provided that the file type is supported.

If you drag a file, e.g. an image or video, on a Chromium browser window, e.g. of Google Chrome or Microsoft Edge, you will notice that it opens in that tab directly.

Any interaction that you had with the site in question, e.g. form data that you entered, are lost when the file is dropped. The file is displayed or the resource is loaded, but anything that was loaded prior to the action is lost.

Soon, this will no longer be the case as the drag & drop functionality is going to change soon in stable versions of the browser. Basically, what the change does is open the dragged file or resource in a new foreground tab.

chrome edge drag drop new tab

file opened in new tab

There are two exceptions to the rule:

  1. If the site accepts file uploads, e.g. via JavaScript, and you drag & drop files on the element on the webpage. One of the main cases of unwanted drag & drop operations happens on these sites as users need to hit the area that accepts the file(s). If they miss it, the file is going to get loaded instead and any data entered on the webpage is lost.
  2. If you want to override the default behavior and want the dragged content opened in the same tab, then you may drop it on the tab strip to do so.

The change is available in some preview versions already. A test in the latest Chrome Canary version confirmed that it is active already in the browser. When you drag files on the browser window you will notice that these will get opened in a new tab in the browser and not the active tab.

Microsoft Edge engineer Eric Lawrence landed the patch recently in Chromium 85.0.4163.0. The change will land in all Chromium-based web browsers unless developers change the functionality actively.

The issue has been discussed at length in 2015 when a bug was filed on the Chromium website but nothing came out of it until now.

Now You: What is your take on the changed drag & drop behavior? (via Bleeping Computer)

Drag & drop functionality changes soon in Chromium-based browsers
Article Name
Drag & drop functionality changes soon in Chromium-based browsers
The file drag & drop functionality of Chromium-based browsers such as Google Chrome or Microsoft Edge is changing soon; find out how and why it is beneficial.
Ghacks Technology News

Previous Post: «
Next Post: «


  1. earlgrey said on June 7, 2020 at 4:13 pm

    This is not an opinion but obnoxious promotion of Brave disguised once again as general comment and you know it. You’re no different than the other person who’s quite vocal in the comments around certain Windows topic but it doesn’t dump wall of text as you do. Sadly, more commenting users means more views for ghacks and Martin and that gives ad/tracking revenue so I don’t expect that both of you will be granted with permabans.

    Market share that Chromium/Blink managed to gain never was fair if you track development history, devs and all actions that in long term affected how this browser and engine become “popular”.

    1. Iron Heart said on June 7, 2020 at 8:39 pm


      Seems like you overheard my genuine message to all:

      “To all Brave haters and Iron Heart dislikers out there, I just wanted to post an opinion here, an opinion which included a reasoning for my choice of browser. Don’t like it – don’t read it. No big deal.”

      Again: Don’t like it – don’t read it. It could be that easy.

      And of course there are reasons for why I use Brave, reasons that I consider to be positive – otherwise it wouldn’t make much sense for me to use it. You may think that these reasons are bullshit – that’s your prerogative. But merely stating those reasons, which are only important to me in this very moment, is not exactly an “ad” in my book.

      > I don’t expect that both of you will be granted with permabans.

      Why exactly should I be banned? For not partaking in the “Firefox da best browsaaa” hive mind? Is that it? I am merely making my points, just like anyone else here does. Again, you are allowed to consider my points to be bullshit, that’s your prerogative, just like it is mine, no issue there.

      By the way, I have seen posts on gHacks where people having a different opinion from the poster in question were called “fascists”, and the poster in question is still allowed to post comments here regulary (you probably know whom I mean). Based on behavior like this being tolerated here, behavior which I do not support and which I would have banned if I were in Martin’s shoes, what reason could you possibly cite to ban my humble personage then? There are worse people than me out there, and also in this very comment section. Why I (in particular) suddenly deserve a ban is a mystery.

      > Market share that Chromium/Blink managed to gain never was fair if you track development history, devs and all actions that in long term affected how this browser and engine become “popular”.

      Do you really think a genuinely bad product could have become market leader, especially if the product itself and all of its competitors are offered for free (thus no price considerations involved)? Seriously?

  2. Anonymous said on June 7, 2020 at 5:53 am

    Took them how many years to figure this out? Corporate bureaucracies.

  3. Paul(us) said on June 6, 2020 at 9:02 pm

    I think its better this because I was always wondering or the merging from the old data with the new data was on any level was/is leading to unstable conditions?
    This could be an unstable tab, an unstabel browser, and even maybe leading to crashes?

  4. michael said on June 6, 2020 at 6:44 pm

    This example shows that collaboration is actually beneficial for everyone. Of course there are implications when it comes to Google’s influence on chromium, but these are political, and shouldn’t keep everyone away from collaborating. The best technical solution is a single engine.

    Blink will be the de-facto standard engine of the future.

    Even Apple will probably migrate to chromium/Blink at one point.

    The problem is that it is not economical to keep up different engines.

    So in a free market, the obvious solution is an open-source framework that is being used by everyone as a foundation, and everyone building on top of it to create their differentiated products.

    Just like everyone today is using some variation of linux in the back-end.

    Once Apple and Mozilla join, chromium will be organized as a framework independent of Google.

    People say multiple engines are more secure when it comes to security holes. But in reality, the more parties look at bugs in chromium, the more secure it becomes.

    Windows isn’t insecure because everyone is using it, but because it was built in an insecure way by design.

    So the question is to design chromium/Blink in a way as to prevent the most obvious attack vectors. As a result of Google’s manpower and focus on security, Chromium is already the most secure browser.

    And the biggest security holes are all found in Mozilla’s Gecko engine due to the lack of manpower.

    Webkit is problematic as well, because Apple doesn’t care that much about security, even though they always advertise it.

    1. Iron Heart said on June 7, 2020 at 12:46 am


      That’s what I am always saying. An open standard (Chromium) dominating the market is not a problem, as long as a single product (Chrome) is not dominating. Blink has taken over the market because it is objectively a top notch engine, it has very good performance, is quick to implement new standards, and has mature security features.

      Apple’s WebKit lacks behind in standard implementation, and Firefox still lacks security features like a real sandbox and site isolation. The developers behind those engines (Apple and Mozilla) really only have themselves to blame, less important side projects are clearly taking precedence over the inclusion of necessary improvements over there, or so it seems. None of the major engine developers lack the financial capability to make a great engine, yet only one dominates the scene…

      I think Chromium will become a “grandfather project” of many different browsers, akin to what Debian is for various Linux distros, and yes, that wouldn’t be the worst outcome from the perspective of a web developer who is tired to optimize his / her website for a gazillion different engines, each with its own quirks and shortcomings.

      You will find that Mozilla supporters on this website make a whole lot of fuss around the fact that Google is the biggest contributor to the Chromium codebase, and that Google devs are in charge of the repo – while completely ignoring that Blink is very much a collaborative effort akin to the Linux kernel, and ignoring that other Chromium browser developers (Opera, Microsoft, Vivaldi, brave) are maintaining their own patchsets and controlling their own repos just fine, while regularly contributing back patches, of which they think that other products might profit from them as well. One example? Brave maintains its own adblocker, Google doesn’t control that adblocker at all, it’s part of the specific Brave patchset. But if a Brave developer finds a bug related to e.g. font rendering, said developer might contribute the patch back to Chromium upstream, and all other Chromium-based browsers will profit from it.

      Since Google is dependent on outside contribution (contrary to popular belief, they do NOT stem Chromium alone), I think Chromium already has a certain independence from Google. Google can’t reasonably make it closed source, because if they did, someone big like Microsoft would take the last publicly available source code and move on from there, and all other Chromium-based browsers would join the effort. Google wouldn’t do such a thing, the current situation is much better: They make a market-dominating product (Chrome) based on an open standard (Chromium), while this open standard gets lots of outside contributions. Currently, they really have their cake and eat it, too. In order to change this, we need to give their competitors more power. The logical fallacy many people here fall prey to is that we somehow need a totally different engine for that. Why not (a fork of) Blink? Why does it have to be WebKit or Gecko, which are currently much inferior in certain aspects? As I said, Chromium is an open standard that will be hard for Google to abuse without losing all outside support, support which they currently heavily rely on. But even if they no longer rely on outside support and abuse their power at some point, one can still fork from the desirable state and move on… I don’t see the problem, and I don’t see the need for different engines fighting against a standard that is open already.

      Since it is my belief that other Chromium-based browsers lower Google’s power just like Firefox or Safari do, I have personally chosen Brave for my own private use. One of the my main reasons for choosing it (aside from it having sane privacy defaults, and being an ungoogled build) was that its new system of online advertising:

      – analyzing the browsing of the user offline
      – showing the user optional offline notifications
      – letting the user earn a share of the money in the process
      – while also giving the user the option to support content creators

      …is diametrically opposed to what Google does – collecting user data and analyzing it on some remote server, leaving the user in the cold financially. Google’s business model gives users an incentive to retaliate with adblockers, which in turn leaves those in the cold who are actually undeserving of the user’s wrath – the independent content creators. Independent content creators lose income when you block their ads, but at the same time the user has a fundamental right to privacy,

      Take gHacks as an example – Brave finds and blocks 7(!) trackers here (Seriously @Martin, why?). I do not believe that gHacks has a right to spy on me, in order to better its finances. However, I also realize that a website like this one needs a financial foundation in order to exist. Brave allows me to block the prying eyes while also giving me the option to donate to gHacks, both the user and the content creator profit from this arrangement.

      I feel that this – on a bigger scale – will lead to a better Internet, one where the user finally gets a share of the profit in exchange for his / her attention, and thus an incentive to allow privacy-friendly ads, totally doing away with the associated online tracking on remote servers in the process. The Brave browser has no incentive to enable remote spying either directly (Chrome data collection, bad privacy defaults) or indirectly, by having bad privacy defaults favorable to the one who sponsors you (*cough* Mozilla-Google business relationship *cough*). Brave having a totally different concept enables it to credibly do something about the bad privacy level online. I’ll stop here, because otherwise I will be again accused of “shilling for Brave” – I just hope this suffices as an explanation of my reasoning for using the browser, it furthers a vision of what the Internet should be like, finally giving a fair consideration to all involved parties (users, content creators, advertisers). All IMHO, of course.

      Coming back to my original points, I think the core idea must be:

      – to reduce Chrome’s market share independent of the engine or specific browser one ends up using
      – to attack the business model of Google, by giving browsers some preference which protect against spying by default (Why “by default”? – Because that’s how non-techies use their browser!)

      PS: To all Brave haters and Iron Heart dislikers out there, I just wanted to post an opinion here, an opinion which included a reasoning for my choice of browser. Don’t like it – don’t read it. No big deal.

      1. thebrowser said on June 8, 2020 at 3:15 pm

        @Iron Heart,

        In the past you’ve critized Mozilla for breaching user trust and taking advantage of them with projects like Pocket and installing addons without consent. It seems Brave was caught doing something similar (i.e., breaching user trust) by including built-in referral links that were not asked for.

        What are your thoughts on the topic, and will this affect your decision to continue to use and/or recommend Brave in the future? This is not an attack to you nor to Brave, I’m just curious about your thoughts.


      2. Iron Heart said on June 9, 2020 at 12:11 am


        No problem, happy to answer.

        As a first step, we should analyze what happened here: As you may know, Brave is using Chrome’s user agent, it is identifying itself as Google Chrome whenever websites check which browser you use. Brave does that in order to avoid compatibility issues that are artificially introduced by websites (some websites refuse to work if they detect a non-mainstream browser, even if they would work perfectly fine the moment one fakes a mainstream browser user agent), and to protect their users’ privacy a tad bit more by reducing their visibility – it is generally better to hide in the huge number of Chrome users than to stick out as a Brave user, from a privacy perspective.

        Brave is partnered with various other companies, one of which is Binance. Brave shows you images from their partners as New Tab background pages, you’ll also find a partner logo in the bottom left corner, showing you which company has contributed the image. Binance did contribute such an image, and when users clicked on the Binance logo (which was clearly marked as an ad!), they were forwarded to the Binance website using the referal link in question. Of course you could also have accessed the Binance website using other ways, but clicking on that ad was presumably how most Brave users went there, as it was placed so prominently in the browser.

        The referal link was used to make it obvious to Binance that you are using Brave, if Brave had not used that referal link, it would have identified as Chrome, as usual. It was the same hard-coded referal link for any and all Brave users, i.e. it was impossible for Binance to single out a specific Brave user, the referal link’s only purpose was to make it clear that you were using Brave in the first plac. Binance was running a massive marketing campaign for their service, and they were paying Brave Software money in order to have their logo prominently placed on the New Tab page. Of course, since a lot of money was involved, Binance wanted to know how effective their campaign was, or in other words: Whether or not their money was well spent. In order to know how effective the campaign in Brave was, it became necessary to distinguish between Brave users visiting binance.com and the giant number of Chrome users visiting the website – this was the reason why Brave Software crafted the referal link.

        Now of course, a huge number of people immediately arrived with their virtual pitchforks, claiming that Brave did manipulate links. Needless to say, Brave does not generally manipulate links, they “only” manipulated that Binance link, in order to show Binance how effective their campaign was within the browser (as mentioned above), in return for their money. Could they have used another method to distinguish Brave users from the fairly high number of Chrome users? Sure, they could just have changed the user agent string for binance.com from the ordinary Chrome one to a Brave-specific one, that’s what I would have done if I had been in their shoes, by the way…

        But in the end, whether you change the user agent or use a referal link makes no difference, the only goal was to distinguish Brave users from the high number of Chrome users that frequent the website anyway. However, them using a referal link, instead of just using a different user agent, made people attack them for “link manipulation”, even though said “manipulation” only served the purpose of revealing Brave users as such and was never a privacy threat, since all Brave users used the very same referal link, as I’ve already mentioned.

        So in summary:

        – The effect here was no different from using another user agent for binance.com.
        – It was impossible for Binance to single out a specific Brave user, since all Brave users were using the same referal link, it was thus never a privacy threat.

        Could they have done the same thing differently, or in a better way?

        – Yes, by using a non-Chrome user agent string for binance.com. That being said, the effect for the user would have been no different from the referal link, but they could have avoided the “link manipulation” accusation, even though that “link manipulation” caused no harm, as no single user could have been identified. However, “link manipulation” in and by itself, even though it caused no harm to privacy here, is considered “bad conduct” – which is why they really should have opted for the user agent route.

        Could it have been worse?

        – Yes, for sure. They could have given each Brave installation its very own randomly generated referal link, thereby making specific Brave users identifiable. This would have been a threat to privacy indeed, but they didn’t do that. Instead, all Brave users used the same referal link.

        Now, as for your question whether or not that causes a trust issue for me… In short, I can say that it only created a minor irritation here. Reason being, the Binance logo was clearly marked as an ad, if you click on ads, I think you somewhat have to have referal links on your radar. The referal link was also not a privacy threat, thanks to all brave users using the same link, as explained above. I think the “cleaner” way would have been for them to go down the user agent string route, even though the end result for the user would have remained the very same. It just would have been a bit “milder” as far as the method used is concerned – no link manipulation would have taken place, and that accusation wouldn’t have come up.

        I think they did the right thing by apologizing for their method, and by stopping the usage of the referal link. On the other hand, the pitchfork crowd should really analyze whether or not any kind of private data of the user was at stake here at any point in time, and the answer would have to be a clear and resounding: “Nope.” That’s also why I am not too fond of headlines like the one of the article you posted, that’s just a journalist smelling blood. As I said, I do not defend the method used here, and would have done it differently, but it really caused no harm to any Brave user, whatsoever.

        For me to drop Brave, something worse would have to happen, i.e. they would have to compromise private data of their users in some fashion, which they didn’t do so far, as far as I can tell. However, it would also be understandable for you to distrust them now, and I think it’s safe to say that something like this wouldn’t have happened in e.g. Ungoogled Chromium. That’s my opinion.

        PS: I also don’t understand why the Firefox crowd is trying to take advantage of this, to be honest. No private data was ever compromised during this incident, I could list some Mozilla “mistakes” here where private data was actually compromised in that it was outright stolen, sent back to the mothership (Cliqz), but that somehow never got the same kind of attention or media coverage, even though the breach of trust was more severe there. But anyway, the new kid on the block always has a harder time, I guess.

      3. Pants said on June 9, 2020 at 1:14 pm

        > As a first step, we should analyze what happened here

        And away we go
        – It has nothing to do with user agents or alternative methods of identifying Brave. There’s nothing wrong with them using an actual affiliate code which is more robust and standard – no-one is claiming the method is invalid
        – It has nothing to do with the sponsored new tab binance widget – no-one claimed that
        – It has nothing to do with manipulating “links” – no-one claimed that
        – It has nothing to with PII or private data or uniquely identifying anyone – no-one claimed that
        – It has nothing to do with “potentially” being worse – no-one claimed that (btw, anything can be worse)
        – It wasn’t just binance

        The **only** thing pointed out was that they weren’t transparent about adding referals to the **typed** domains (and suggestions) – that’s very different to “links” and crossed a red line for many people as a secondary issue. That’s the issue(s) users and others are complaining about, not any of the red herring points **you** keep bringing up

        Whether anyone is “upset” and to what level is up to them: and that’s fine. And finally, after absolutely mountains of useless irrelevant commentary you finally answered the question if it is a trust issue for you: it’s not, and that’s fine

        What I take issue with, is not Brave, but your answers/logic and shitkicking/blame-shifting/aboutwhatism whatever, especially when instead of just looking at an issue constructively (and actually understanding it), you feel the need to **always** compare to something else as if that makes it less of an issue/topic: and most times that comparison is conflated and a complete red herring

      4. Iron Heart said on June 9, 2020 at 2:44 pm


        The vast majority of Brave users accessed Binance over the ad placed on the New Tab Page. Disregarding that fact, I don’t know why it’s supposedly worse to add a referal to a typed URL vs. using a referal link attached to an ad on the new tab page. Makes no difference to the user accessing the website in the end.

        And as I said, the referal just served the purpose of identifying Brave users as such, so that they do not appear as Chrome users (which is the default way Brave identifies itself). Seeing how that was the only purpose of the referal, I wonder what exactly you are on about when you mention…

        > red line

        What “red line”, exactly? There was no bad consequence for the end user, at all! Your anger is solely focused on them not being *transparent enough* about it, whether or not an actual bad consequence for the user emerged here seems to be totally unimportant to you. As for myself, as long as specific Brave users aren’t being compromised in some way, I do consider it a non-issue, or more specifically, a non-issue you just happen to deliberately blow out of proportion. Look at your whole “no-one claimed that etc. blah blah” paragraph and perhaps you will find that you are essentially talking about a non-issue here.

        Brave did nothing here, except showing Binance how successful their paid campaign was, by differentiating Brave users from the huge Chrome user crowd, whenever someone accessed Binance with Brave. Big deal, Pants, and surely a valid reason for you to waste my time again (not).
        I know that you absolutely hate it when I bring up other browsers for comparison’s sake and I know that you will wisely avoid talking about their shortcomings, as always, but Firefox identifies itself as “Firefox” as well when you google something with it, does “&client=firefox-b-d” ring any bells with you? What Brave did here was approximately of the same “severity” – Brave identified itself as Brave, instead of identifying itself as Chrome, to a website. I am shocked, I tell you.

        Something like this is such a non-issue that even somebody as critical as I am regarding Mozilla never brought this up as a negative. Surprising, right? Because I can differentiate between an actual issue, and a non-issue being blown out of proportion for the sake of bashing. Berating a browser for identifying itself as, well.. itself… is just plain asinine, I hope you realize that. And what were they supposed to announce, according to you? – “Hey Brave users, we identify ourselves as Brave now whenever you visit Binance!” – Nobody cares about stuff like that, the current situation went out of hand when stupid people thought Brave was tracking them somehow by altering the links despite it not doing so – and of course they brought their moaning before Eich and the rest of the team, not caring whether or not their privacy having been intact at all times, much like you do here.

        > looking at an issue constructively

        I did look at it constructively, and I have identified the severity of issue correctly, by calling it “bad conduct”. I am just not deliberately blowing it out of proportion, like you do.

        > (and actually understanding it)

        [Editor: removed the unsubstantiated claim]

        > you feel the need to **always** compare to something else

        Of course I do, especially when other browsers do the exact same thing in effect, yet nobody talks about it (Hint to you: Nobody talks about it because everyone knows it is a non-issue, and always was one.). That’s also not me bashing other browsers, that is me identifying a common practice of the industry.

        > it’s not, and that’s fine

        While there are better methods than using a referal, it is not an issue for me as long as user data is not being compromised, I told you that many times already, despite your refusal to remember it. As a consequence, this falls under “non-issue”.

        On a more general note: I wonder when you will stop blowing perceived “mistakes” of Brave out of proportion, in order to bash it (come on now, it’s obvious enough – as is your dislike for me). I mean, what is your goal? You should either bring up an actual privacy issue of Brave or leave it be, bashing Brave by overblowing non-issues is hurtful to the reputation you seem to enjoy among Firefox users (I have my own thoughts about that, but that’s another matter entirely). You are only cutting yourself in your own flesh that way, and as a side effect, you also happen to waste my time. So, what is your goal? It cannot be bringing up real issues of Brave, because you have never done that so far.

        We have thoroughly discussed the issue at hand by now, is there any more reason to talk? Until you find an actual, i.e. PII-leaking, issue of Brave, I suggest you return to that super-important user.js of yours, seems like it needs you attention again after Firefox 77 has dropped..

      5. Pants said on June 9, 2020 at 6:06 pm

        > user.js
        You mean this one, https://github.com/ghacksuserjs/ghacks-user.js , right? The one that you used as a resource and referred users to and linked to in ghacks.net comments until recently when you got upset with me, and Martin had to warn you and block some of your posts? Got it. Thanks for mentioning it, and thanks for your non-impartial objectivity

        > What “red line”, exactly

        Ask all the people who got upset, and why Eich apologized, and why numerous articles have been written. I don’t have any issues with Brave because I’m not interested in Brave, or in bashing other browsers: that’s something **you** do. When I mention Brave and use your same arguments, it’s to show up your hypocrisy, bias and illogical thought processes: because you just can’t help yourself, can you? OMG .. please take note that that’s a rhetorical question.

        Or, you know, just read what I said: the issue is TYPED DOMAINS (and suggestions: as distinct from links, as Eich even said: and if you can’t understand that, then you’re either not qualified or deliberately refusing to acknowledge this point of difference and why it matters) and TRUST/TRANSPARENCY – nothing else

        > I don’t know why it’s supposedly worse to add a referal to a typed URL vs. using a referal link attached to an ad on the new tab page

        Then you clearly do not understand (or refuse to acknowledge) one of the issues here. See the previous stanza.

        > [no-one claimed bullet points] you will find that you are essentially talking about a non-issue here

        That’s exactly my point, genius – that all those things **you** brought up are a non-issue: they’re not even relevant. So thanks for agreeing with me yet again (not sure why you keep writing novels about them though)

        But that still leaves the real issue(s) that clearly exist and had users upset and Eich had to apologize etc. How “big” of an issue those are is entirely debatable and personal opinion. Your opinion is no big deal, others are screaming blue murder. But no is claiming like you that it’s a non-issue.

        > [huge swathes of commentary]
        Thanks for just proving my points, yet again. Still rampaging on about things that no-one except **you** brought up, that are totally irrelevant, using the usual red herring and fallacy tricks, and now resorting to personal attacks (when you do this, it just shows you have run out of arguments: whatever the heck it is you’re actually trying to argue against)

      6. Iron Heart said on June 9, 2020 at 7:12 pm


        > The one that you used as a resource and referred users to and linked to in ghacks.net comments until recently when you got upset with me,

        It containing useful hints how Firefox users can improve their privacy and it being a fairly broken mess at the same time is not mutually exclusive.

        That being said, I made a mistake in pointing to a user.js that is maintained by someone who fails to acknowledge Mozilla’s own privacy fuckups. I guess it is necessary for someone maintaining a list like that not to look at the browser vendor with rose-colored glasses, and not to fall into fanboyism. Because I no longer get the impression that you can look at Mozilla’s own privacy issues objectively, I am no longer pointing to your user.js as a consequence, since I can no longer credibly vouch for its completeness and for a correct and unbiased evaluation of the particular privacy threats.

        That you insist on trolling me and frequently lie about me certainly didn’t help, but was not the motivating factor for me here.

        > and Martin had to warn you and block some of your posts?

        I wonder when you will drop that obvious lie for good, I have never received a textual warning from Martin in this comment section. If such a warning did exist, I am sure you would already have pointed to it with glee. Please show it to me, if it exists, since it should be somewhere in the comment section. I am waiting…

        > Ask all the people who got upset

        They got initially upset because they were under the false impression that Brave would track them, which it didn’t do, since all users did in fact use the same referal link, making an identification of specific Brave users based on the referal link impossible.

        > and why Eich apologized … Eich had to apologize

        What is he supposed to do in front of the mob? I wouldn’t have apologized if I had been in his shoes, since no PII was leaked. The method used was bad conduct, that was all, that he apologized at all for something as tiny weeny as that is, if anything, a positive notion.

        > and why numerous articles have been written.

        …which were well-researched as always, with the actual technical background being understood by the journalist. Oh wait… In most cases, they weren’t. Proves nothing, strawman argument.

        > hypocrisy, bias and illogical thought processes … totally irrelevant, using the usual red herring and fallacy tricks

        Always the same word snippets coming from you, if I had the time, I would perhaps commit them to memory. After two weeks time, I could probably write “Pants posts” myself, and nobody would be able to tell the difference. That’s how often you repeat them, but the assertions don’t get any more true by repeating them.

        > Or, you know, just read what I said: the issue is TYPED DOMAINS

        1. Most users accessed Binance via the New Tab Page, and the issue “happened” there as well.

        2. It makes no difference is referal is attached to a typed domain or is preexisting behind a widget, the result for the user is the same.

        > not qualified … you clearly do not understand

        [Editor: removed the unsubstantiated claim]

        > TRUST/TRANSPARENCY – nothing else

        More blah blah… No bad consequence (as in: PII being leaked) materialized for the user here. I am talking about results, you are talking about virtue signaling. That’s the difference between us.

        > But that still leaves the real issue(s) that clearly exist and had users

        There were no “real issues”, users at first falsely assumed that Brave facilitated tracking them, which it didn’t do, a fact that even you did admit to. Eich had to placate the mob and has apologized for bad conduct, while at the same time emphasizing that it was never a privacy threat. Basically the same thing I am doing here, I freely admitted that it was bad conduct, because it was, while correctly asserting that it was not a privacy threat. But this is not enough for you, is it? You go on and on and moan about a perceived lack of “transparency”, as if that is a big deal when no user data was ever at stake.

        “Transparency” is very important when dealing with sensible data or PII, whining about transparency here, where no user data was ever at stake, let alone leaked, is just you clinging to the immaterial transparency strawman, because no actual bad consequence for users materialized, as you had hoped. Must be disappointing.

        And I know that you will call this “whataboutism blah blah”, but Mozilla is not exactly a champion of transparency, and you are heavily supporting them. That makes you a hypocrite. Just saying.

        > they’re not even relevant.

        The issue itself lacked relevance, which is why you cling to a perceived lack of “transparency” and similar virtue signaling, it’s the only hair you could possibly find in the soup.

        > So thanks for agreeing with me yet again

        I know your little game by now:

        Pants: Blah blah…

        Iron Heart: No, I disagree, this is total BS!

        Pants: Thanks for agreeing with me here.

        It never gets old, does it? Apparently, I don’t even have the option to disagree with you to begin with, even if I disagree with you vehemently and constantly. Nice rhetoric trick you tried to pull right there, sadly it didn’t work.

        > real issue(s) that clearly exist

        Which issues would that be? I mean, apart from a lack of virtue signaling?

        > red herring

        Me: No user data was ever leaked, it was never a privacy issue. Therefore a total non-issue.
        You: But, but… Lack of transparency!

        Who is actually using the “red herrings” here, I wonder? Again: I talk about results, you talk about (a lack of) virtue signaling.

        > and now resorting to personal attacks

        [Editor: removed the unsubstantiated claim]

        > whatever the heck it is you’re actually trying to argue against

        I wonder what YOU are trying to argue against, since it was never a privacy issue, the only issue you seem to have with it is a lack of “transparency”, i.e. a lack of virtue signaling. That’s why I always asked what kind of bad consequence materialized for Brave users here, and you continuously ignore that question and talk about “transparency” and similar feed-goods. Again: Results vs. virtual signaling, that’s the difference between us.

        In addition, I think you are deliberately overblowing the issue in order to bash Brave and stick it to the man (me in this case). And while I see through this, I do not intend to let you get away with smearing that project using a lousy strategy like this (overblowing non-issues), nor will I let you get away with a lack of virtue signaling being the only argument you can possibly bring forward… I want to hear something of substance now, therefore I ask again: What kind of bad consequence really arose for Brave users here? – Was any kind of PII leaked? Did Brave facilitate the tracking of their users?

        If you are unable to answer this question, I am done here.

      7. Martin Brinkmann said on June 9, 2020 at 8:05 pm

        Here it comes then.

        I’m no fan of censoring comments, deleting them or editing them but there is a line in the sand that should not be crossed.

        I’m pretty sure that most visitors of this site simply skip your comments by now because they are very hard to read and very repetitive.

        Some of your comments are really good and knowledgeable, usually those that answer questions of users but also others.

        Often though, you seem very stuck on a certain position and defend it as if your life depended on it. At other times, your comments seem to have the sole purpose of sticking it to Mozilla/Firefox.

        Some of Mozilla’s actions are without doubt worthy of criticism, and I don’t mind if that is brought up in a news post about an action that falls into that category.

        What I don’t want, and I’m pretty sure that I speak for the majority of visitors, is that every article about Firefox is getting snarky remarks, then walls of texts if someone replies to you dissecting each sentence.

        Also, and that has gotten better but not completely stopped, I don’t want attacks against other users, regardless of how they look like. And yes, changing a user name or company name, falls into that category.

        So, please, try to helpful here and you are more than welcome. I’m pretty sure that Pants will stop what she is doing right now if you manage to do that.

        Thank you, let’s see how this goes and improve the comment section of this site together.

      8. Iron Heart said on June 9, 2020 at 9:43 pm

        @Martin Brinkmann

        Well, first off, thank you for replying to me in the open, instead of just being a somewhat hard to grasp moderator behind the scenes. I appreciate that, as I have requested exactly that in the past.

        I will try to post more matter of factly and will also try to leave assertions that could be understood as personal attacks out of my comments. And to be honest, for quite some time now, I tried to move more to a type of comment where I answer other‘s questions, and post my own opinions a bit less / move them into the background, even though this is painful at times, when I witness abuses of trust that are pretty hard to ignore and should be pointed out to those who seem to be unaware of them. I will also try to make my comments more concise by shortening them, even though I personally prefer to get detailed replies and would also prefer my own replies to be detailed, but for sure I see potential to shorten them.

        What I do not appreciate, though, is that your comment here was very one-sided, in that you feel that you should criticize me and perhaps rightly so, but totally fail to address the many abuses I myself have suffered. I don‘t want to whine about anything really, or bash any specific person, but do you really consider it acceptable when my special friend @Pants can hurl insults at me, even to the point of insinuating that I am supposedly mentally ill(!), without you intervening? And mind you, I repeatedly requested an intervention from you back then, specifically to avoid(!) getting into a personal argument with Pants, but you repeatedly ignored any such requests, and didn‘t even publish the comments that could have made these requests obvious to others.

        That, Martin, left a very sour taste in my mouth, and made me doubt the moderation being really impartial, specifically because posts of mine got blocked despite having been much more harmless in nature, while Pants seems to be allowed to violate the gHacks content rules repeatedly and with impunity. Based on that, forgive me when I cannot really take you serious when you assert:

        > I’m no fan of censoring comments, deleting them or editing them but there is a line in the sand that should not be crossed.

        Where exactly was that line when it comes to others, does it only exist for me (serious question I would like to get an answer to)? Because that is the impression I get when you publish unaltered comments of Pants laden with personal attacks and misrepresentations, then proceed to totally ignore my initial request for your intervention (which I invoked because I specifically wanted to avoid „walls of text“, mind you), and then scold me for replying something, repetitive or not. This is not minted specifically for Pants, but also all others: Rules have to apply to everyone, otherwise they are not really rules.

        I feel that you were in the wrong there, possibly favoring Pants because she is a long-standing commenter here. These are the impressions I got, impressions of a lack of impartiality at times (not always). Correct me if I am wrong.

        So yes, I am willing to work on my comments, provided that you will become more impartial, and don‘t let others troll me with painfully obvious impunity. Because that, and nothing else, is what is always forcing my hand. An impartial moderation doing its job for all involved parties could have stopped all of that in its tracks, or so I believe.

        Again, I am willing to contribute my part to a better / higher quality comment section, provided the moderation also does its job properly in the future. That is my only condition, which should in theory be self-explanatory. If the future situation will be Pants trolling and insulting me just like before, and you ignoring it, but at the same time expecting me not to reply, then I don‘t see a reason to change my behavior other than you maybe using brute force against me (you are the moderator, you can enforce anything, I am just asking you to be fair and impartial when you do so). I totally accept brute force moderators, just like accept totally backgrund ones, as long as no favoritism is going on.

        In summary, I will of course honor your requests, if the moderation restores full impartiality. This last comment of you, Martin, was sadly not a good start, despite you obviously having had good intentions, since you were once again scolding me for things that you may very well have the right to scold me for, but at the same time totally ignored the behavior of others, which was equally bad or sometimes worse. If this improves in the future, count me in. If not, do not expect me to just let these transgressions stand without reacting to them with the appropriate reply.

        That is all, once again, thanks for discussing these things openly.

      9. Martin Brinkmann said on June 10, 2020 at 7:08 am

        Good. Let’s see how it goes.

      10. thebrowser said on June 9, 2020 at 11:20 pm

        Thank you for your responses to my question.

        I fully agree with Martin, there’s no need to continue this visceral discussions. In my opinion unmoderated comments lead to uncivilized discussions, eventually; I don’t give a schnitzel what people want to call it.

      11. Iron Heart said on June 10, 2020 at 6:45 am


        No problem, hope it was helpful. Believe me when I say that I am sick and tired of these endless debates just like anyone else, yet my hand is always being forced. I just hope that the moderation takes care of it in a fair manner in the future.

      12. Pants said on June 8, 2020 at 8:54 pm


        You can read his comments here (it starts about 4 comments down): https://www.ghacks.net/2020/06/05/firefox-78-close-multiple-tabs-options-moved-to-submenu/#comments

        I’ll summarize for you (he tends to write massive screeds)
        – He said it only happened on binance and pointed to the widget: he doesn’t even know his own product
        – He said it’s all fixed. Therefore nothing to discuss, obviously: he doesn’t understand the problem (of trust and transparency)
        – He doesn’t understand the difference between search referals vs altering typed domains: even though his boss does
        – He looks to scapegoat and blame others, and brings up unrelated discussions about Firefox
        – He starts defending against accusations that were never made
        – get a load of this one: “Eich is still heavily under pressure from people” .. so cut him some slack, stop being a meanie, you just don’t understand

        tl;dr: He “won’t criticize them [Brave] for non-issues” and this is a non-issue: he’s made that very clear. He’s incapable of being unbiased, and everything (always) must be compared to Firefox in some way to find an aboutwhatism and deflect the actual question or problem. He will continue to obey and salivate under his Brave overlords with maximum hypocrisy

      13. Iron Heart said on June 9, 2020 at 8:54 am


        Pants’ post here is a gross misrepresentation of my argument. I suggest you the actual discussion between Pants and myself which Pants has linked to, and make up your own mind without a “Pants filter” applied.

        Apart from that, I have explained the issue in a matter of fact manner and without hyperbole in my comment below, in case you are interested.

      14. michael said on June 8, 2020 at 6:18 pm


        Not Iron Heart, but personally I use Brave, Chromium and sometimes Firefox. Probably Edge es well once it runs on linux.

        For me this incidence, as well as things like including a Binance Widget and other useless stuff like video calling instead of working on the core product is a sign of desparation on Brave’s part and shows they lack money.

        This means that Brave will continue to do shady stuff, at least as long as they lack enough revenue. I still use it as my primary browser due to the superior features but I closely monitor the situation and will probably switch if they continue to violate trust.

      15. Iron Heart said on June 9, 2020 at 12:26 am


        I don’t think that they are in financial trouble, to be honest. Brave is growing at a good rate in terms of user numbers, and the number of their advertisement partnerships seems to grow as well. However, in times of COVID-19, many companies are facing economic hardships, so I wouldn’t totally rule out financial troubles. However, just from what I am seeing as a non-employee, big financial troubles seem to be rather unlikely (although some kind of mismanagement in general is always a possibility, of course).

        And as for “shady stuff”, I beg to differ. Please read my reply to @thebrowser, no harm to privacy was involved here, and the referal link itself had the same effect as a different user agent string would have had – it just served to identify Brave users as a whole (not individually, as all Brave users used the same referal link), in order to show Binance how effective their campaign was. They could have used a milder method (user agent change), granted, but in order to qualify for “shady”, I think some kind of user data needs to be at risk at least, or privacy harmed in another way, which was not the case here. That being said, keeping an eye open for questionable incidents is never wrong(!) and I support everyone who does exactly that.

  5. Yuliya said on June 6, 2020 at 2:31 pm

    Good change :)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.