Brave improves bounce tracking protection with new Debouncing feature

Martin Brinkmann
Oct 15, 2021
Brave
|
21

The Nightly version of the Brave desktop browser supports a new privacy feature that Brave calls Debouncing.

Debouncing is designed to disarm a tracking method called Bounce Tracking, or Redirect Tracking. Bounce tracking refers to methods of tracking Internet users through the use of intermediary domains that get loaded when users click on links. It relies on tracking domains that get injected between a website and the destination of a link.

Site A and Site B may link to Destination Y and Destination Z. These sites act independently from each other. Add bounce tracking, and the opening of Destination Y and Destination Z takes a detour by loading Bounce Q first, before redirecting the user to the destination site.

With Q involved in the process, operators of the bounce tracker can identify the user and create a tracking profile. Clearly, the bigger the operator, the better the tracking.

ADVERTISEMENT

Internet users may sometimes notice that links that they clicked on get redirected through other sites before the actual destination is opened.

Debouncing in Brave Browser

brave browser bounce tracking debouncing

Brave Browser protects users against bounce tracking with its new Debouncing feature. Brave maintains a list of known bounce tracking URLs, which it sources from various places, including extensions such as Clear URLs, URL Tracking Stripper, and Link Clearer. The list is available on GitHub; it includes widely used bounce trackers such as linksynergy, out.reddit.com, instagram, facebook.com/1.php, youtube.com/redirect, and others.

The browser blocks access to tracking sites found on its block list and loads the destination immediately. Brave Browser applies the list to all links that users encounter while using the web browser.

The feature is integrated and enabled in the Nightly version of Brave on the desktop already. The company plans to push it to the desktop release channel "shortly", according to the announcement.

Closing Words

Brave's Debouncing feature improves the privacy of users of the desktop version. The next stable release version of Brave for the desktop includes the protective feature, which is enabled automatically in the browser.

The company is not the only browser maker with support for such a feature. Mozilla integrated Redirect Tracking protection in Firefox 79 Stable, which it released in mid-2020.

Now You: how do you deal with tracking on the Internet?

Summary
Brave improves bounce tracking protection with new Debouncing feature
Article Name
Brave improves bounce tracking protection with new Debouncing feature
Description
Brave Browser supports a new anti-tracking feature called Debouncing, which protects users against bounce tracking, also known as redirect tracking.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Klaas Vaak said on October 15, 2021 at 10:22 am
    Reply

    A couple of observations from a layperson:

    1. Would this feature be necessary if anti-tracking measures were fully implemented?

    2. So far, Brave seems to rule the roost in terms of privacy and security. It is a Chrome fork. The Firefox fork equivalent of Brave may be Librewolf.

    While an avid Brave user, I recently discovered Lw and decided to give it a try, despite having dropped Firefox many years ago over its incessant re-imposition of telemetry. I was pleasantly surprised in that I found, after getting to know the app a bit better through understanding and tuning some of its settings, to give a smoother experience than Brave. Perhaps this is a subjective remark, but that is how I experience Lw.

    1. Iron Heart said on October 15, 2021 at 5:33 pm
      Reply

      @Klaas Vaak

      LibreWolf is better than FF at least in that it gets rid of Mozilla’s shenanigans and comes preconfigured by default. It doesn’t suffer from the issue of * [Editor: removed] trying to do their own setup, fingerprinting themselves in the process, like Firefox does.

      Privacy aside, though, playing around with about:config settings does not fix deep architectural security issues of Firefox:

      https://madaidans-insecurities.github.io/firefox-chromium.html

      Further, Firefox is behind Chromium in terms of web compatibility, as hardly anyone can be bothered anymore to test for it due to Firefox’s minuscule market share.

      Brave is the best compromise between performance, privacy, security, and web compatibility. It has no real competition because every other browser falls short in at least one of these areas.

      1. Klaas Vaak said on October 16, 2021 at 8:27 am
        Reply

        @Iron Heart: thanks for your comment. Yes, privacy is important, but security is even more important because if you catch a particularly malignant piece of malware that compromises your browser or even your computer then good privacy will not fix it.

        The link you provided is useful, even if I do understand all the technical details, I do get the overall message.

      2. walker said on October 16, 2021 at 12:27 pm
        Reply

        @IH
        >It doesn’t suffer from the issue of * [Editor: removed in original comment as well, word is not appropriate] trying to do their own setup
        people (you too) probably do not know the meaning of that word, I find it very, very offensive. please make an effort once and for all to use a polite and *professional* tone without the need to offend to keep your point of view!

  2. Anonymous said on October 15, 2021 at 1:40 pm
    Reply

    The Firefox solution is not a real solution, it does not even eliminate the redirections, it only attempts to remove some (not all, not the most obvious one) of the tracking identifiers, based on Mozilla’s very limited definition of tracking, and the mechanism involves keeping track locally of lots of visited sites to know if the user “gave permission” to be tracked for some on them.

    One may think that at least it could work more generally than the Brave one by not needing a manually maintained site blacklist but it’s not even the case, it uses the (very lacunary and probably not even having a dedicated bouncers section used for that purpose) Disconnect list like for its other very lacunary built-in fake anti-tracking.

    The Brave mechanism is what Mozilla should have done if Mozilla was sincerely interested in fighting bounce tracking. Much simpler to implement and much more efficient. But less forgiving to trackers.

    But no amount of built-in anti-tracking in Brave will be enough to compensate that it’s just another filthy corporate spyware playing dirty against the users for the ad industry, like Firefox. Use ethical forks of Firefox instead.

    Semi-ethical forks like Waterfox can be recognized in that they only remove malicious features from the upstream and do not add any of their own that were not already here before, but keep some of them for bad reasons, like for example search deals, and consequently not having an adblocker built-in in order to be allowed to keep that search deal. Semi ethical forks are considerably more trustworthy than full-on malware like Brave, Firefox and the other big ones. They will not invent their own new ways to backstab you on a regular basis unlike those, in fact never.

    Fully ethical forks of Firefox like LibreWolf are only designed with user interests in mind, keeping sometimes problematic features only for external reasons (not being able to write a full new browser from scratch, not having the market share of the big browsers to be able not to implement bad standards that if not implemented will break too many sites, …).

    You will recognize such ethical and semi-ethical forks by them not being mentioned (Mozilla prefers to advertise for Brave than for LibreWolf for example !), and slandered when they are mentioned, when they are not censored, in surveillance capitalism collaborationist “communities”, sites, organizations, companies that pretend to fight tracking. That’s a good way to spot such collaborationists in fact.

    1. ULBoom said on October 15, 2021 at 5:01 pm
      Reply

      Look in about:config and see what remains after Waterfox (owned by an adware/data broker company) “ethicalizes” it.

      Not familiar with LibreWolf but if arkenfox is involved, it’s probably excellent. I’ll take a look.

      OOB, Firefox is awful but it can be modded to a high degree of privacy (see arkenfox) in about:config. Chromia cannot be, Brave uses some exterior methods for their changes.

      1. Iron Heart said on October 15, 2021 at 5:26 pm
        Reply

        @ULBoom

        > Not familiar with LibreWolf but if arkenfox is involved, it’s probably excellent. I’ll take a look.

        You probably meant “If Tor’s default config is involved”, because that is where arkenfox was (and still is) inspired from.

        > OOB, Firefox is awful but it can be modded to a high degree of privacy (see arkenfox) in about:config.

        Sounds like a fingerprinting festival. People still do not realize that the browser has to be preconfigured to fight fingerprinting by default. If it is not, you don’t have a real shot at crowd building. Doing your own setup from a settings list is not achieving what you think it does.

        > Chromia cannot be, Brave uses some exterior methods for their changes.

        ???

        Chromium can be modified to be privacy-respecting, look into Ungoogled Chromium, Bromite, Brave etc. There is also nothing “exterior” about it, Brave is a direct fork of Chromium and patches the codebase directly.

      2. Anonymous said on October 15, 2021 at 8:18 pm
        Reply

        > People still do not realize that the browser has to be preconfigured to fight fingerprinting by default

        BULLSHIT yet again. Fooling naive scripts does not require a crowd or preconfiguring

      3. Iron Heart said on October 15, 2021 at 10:10 pm
        Reply

        @Anonymous

        Dude, my privacy isn’t resting on a user.js file whose settings are 1:1 copies of Tor. I don’t have to defend such crap here.

    2. Bill F said on October 15, 2021 at 8:41 pm
      Reply

      @Anonymous

      Imagine talking so much BS in so many paragraphs because you are butthurt that companies and people want to make money, just like you do… or does your money grow from trees?
      What’s wrong with search deals? you can easily change your search engine and remove the ‘deal’ if you wanted to… but nah, you just want to complain about it.
      Same as Brave ad business… first, it is OPT-IN do you even know what that means? it means if you ignore and hide stuff about it, you will not even remember it exist, I mean… at least on desktop you are not even reminded to join it like happened sometimes on android.
      If nobody uses BAT system, then it dies, but people do, because it is a CHOICE and what’s wrong about it?
      You complain about companies getting search deals but you also complain about companies trying to stay independent? lol… people like you are actually laughable, because you are just a leech, a parasite that wants everyone and everything for free, but you won’t work for free I am sure, you want your paycheck every month, earlier if you can get it… but others have to work for free.

      You don’t even know what “ethic” means, search for the word and then you are going to realize how clownish you sound only because some people want some money for their work.
      Why don’t you create a fork like Brave and Waterfox and remove all the privacy issues and never accept money but work on it everyday (like Brave does) and update it everyday non-stop, do R&D like Brave does for privacy and bring new features and stuff, not just remove… you have to bring new features and do your R&D to bring new ways to fix the internet… go and do it and then come back and keep the “oh I will do it forever for free everyday 24/7”.

      You sound like those butthurt people who find excuses to complain about others making money when in reality search deals or BAT system have NOTHING to do with ethics and don’t violate any privacy if the user is too worry about it.

      Bring real proof of your BS post and maybe you will not sound like a clown.

      Look at your ignorance “spyware spyware it’s spyware” do you even know what SPYWARE means and is? apparently you don’t but you want to use those words to sound smart and like you have a point.

      But sounds like you just want to promote Librewolf lol…. maybe you even got paid to do it, or maybe you are one of those developers that trash others trying to convince people to join your little ‘ethical’ cult…. yeah okay… Librewolf is the best and everyone should use it.
      Do you even offer builds for iOS or Android? sync that doesn’t require to give an email and a password? Do you do R&D or just remove stuff and pretend you are helping the internet to become better?… Librewolf doesn’t even offer an builin adblocker with your own implementations and fixes and technology, nah… better to leech the work from others because that is easier.
      Oh wait… I have to pretend you are not the dev or a fanboy but a nice person trashing others only because you supposedly aren’t getting money for it and you do it because you are the good Samaritan…. okayyy.

      I mean, let’s hope Firefox doesn’t die soon (you can thank google for that) becuase if not Librewolf fork will just never be developed anymore because you won’t keep developing gecko, you are just grabbing whatever Firefox does and removing whatever you want, you depends on others, that means you depend on others and their search deals and dirty business (because mozilla is garbage) to stay alive so don’t be hypocrite… maybe you can start building your own browser and engine and give it for free and never ever get a cent from anyone, and maybe I will believe your “ethical” BS talk.

  3. ddk said on October 15, 2021 at 4:59 pm
    Reply

    Sadly Librewolf doesn’t pass the Ventusky.com stress test (broken site on LW) so it’s a no-go.
    I won’t disable any extensions and it works flawless on Chromium.
    But aside from that, the web is eventually going to be unusable with all the backdoor spying being implemented.

    I’ve resigned myself to expect unavoidable tracking, as long as I don’t see the results of such efforts (advertising), sort of cool with it. Using that to snitch on users to government/marketers without end users knowing or seeing whats going on behind the scenes is troubling.

    But big tech has unlimited resources to behave this way, with a nod from government.

    1. ShintoPlasm said on October 17, 2021 at 12:05 pm
      Reply

      Isn’t this because LibreWolf disables WebGL by default? You can easily re-enable it through the specific LibreWolf settings page.

  4. Dennis said on October 16, 2021 at 1:07 pm
    Reply

    Firefox with the arkenfox user.js and Temporary Containers, uBlock Origin, ClearURLs add-ons. I use Brave in the rare instances that FF does not work…

    1. Bob said on October 17, 2021 at 8:00 am
      Reply

      Or if you try default Firefox vs default Brave, would be more of valid comparison. Anyone can install extensions on either browser, to show Browser X is better than Browser Y.

      1. Yash said on October 17, 2021 at 9:40 am
        Reply

        Okay Bob I will try to install user.js file or something similar on Brave. Also I will add Temporary Containers in Brave Browser as well. Then I will compare those two.

        Funny some users here including you can’t quite grasp the privacy aspect. I mean GrapheneOS is not default on smartphones, so it should be not be compared according to your logic, right. Joke of a logic

      2. Iron Heart said on October 17, 2021 at 1:47 pm
        Reply

        @Yash

        user.js is not needed on Brave because most of its settings are already applied by default in Brave. Where they are not, it is because of web compatibility concerns.

        Firefox “needs” a user.js script because its default privacy settings are crap, and even with user.js it still remains a fingerprinting festival.

      3. Yash said on October 17, 2021 at 9:32 pm
        Reply

        Can you elaborate Brave’s protections and how they hold their own against user.js and Temporary Containers? Answer only if they’re effective, if not then don’t bother to reply.

      4. look ma no hands said on October 19, 2021 at 6:12 pm
        Reply

        to get parity with containers or first party isolation or dynamic first party isolation, iron heart has said in comments here at ghacks that he uses a new profile for each and every domain – hundreds and hundreds of profiles, he is smart. Be smart, be like iron heart

      5. Iron Heart said on October 19, 2021 at 6:42 pm
        Reply

        @look ma no hands

        Where did I say that I do this for EVERY. SINGLE. DOMAIN. If I wanted to isolate e.g. Facebook usage, then yeah, I’d probably have a separate profile for that. But for literally every single domain? Really? Are you stupid?

  5. Anonymous said on October 17, 2021 at 12:49 am
    Reply

    I don’t understand all those * [Editor: removed] caring about privacy, if you need privacy then go live in a cave and forget about tech LMAO.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.