Brave Search is now the default search engine for new users in 5 regions in Brave Browser
Brave announced today that it is switching the default search of the company's Brave Browser from Google Search to Brave Search in five regions for new users. The company launched a public version of Brave Search in June 2021. Brave Search is an independent search engine that does not rely on the indexes of large companies such as Google or Microsoft.
Brave acquired the search engine Tailcat and the team responsible for it in March 2021. According to Brave, the search engine is designed with the same design principles as Brave Browser: private, user-first, choice, independent, transparent, seamless and open. You can check out our review of Brave Search, linked in the first paragraph, for additional information on the principles. Ashwin's coverage of the Brave Search AMA on Reddit may provide additional details.
Brave Search replaces Google Search as the default search engine for new Brave Browser users in the United States, United Kingdom and Canada. It furthermore replaces Qwant for new users from France, and DuckDuckGo for new users from Germany. The company plans to make the switch to Brave Search for additional regions in the coming months according to the announcement.
Brave Search is available as one of several search engines in all version of the web browser. Brave Browser is available for desktop operating systems, Windows, Linux and Mac, and for the mobile operating systems Android and iOS.
Desktop users may change the search engine in the following way:
- Load brave://settings/search in the browser's address bar.
- The preference "Search engine used in the address bar" defines the search engine that is used.
- Activate the menu and select Brave if you want to make Brave Search the default search engine of the browser.
On mobile, select Brave Menu > Settings > Search Engines, and switch the search engine to Brave or another of the available search engines.
Brave Search can also be opened directly in any web browser.
Brave Search is without advertisement currently, but Brave announced plans to introduce ads to the search engine. The company is also planning on launching a premium version of Brave Search, which will be ad-free. According to Brave, Brave Search has reached "nearly 80 million queries per month" since its official launch in June 2021.
Brave Search's Web Discovery Project has been launched as well. Brave describes it as a "a privacy-preserving system for users to anonymously contribute data to improve Brave Search coverage and quality, and its independence and competitiveness against Big Tech alternatives". For users, it means that browsing data and search data is made available to Brave by users who opt-in.
Brave describes the project in the following way:
This data helps build the Brave Search independent index, and ensures Brave Search shows results relevant to search queries. For a URL to be sent, it needs to be visited independently by a large number of people; this is achieved by using the novel STAR cryptographic protocol. The WDP’s privacy-preserving methodology discards search queries that are too long or suspicious looking. It also discards odd URLs (such as capability URLs), URLs of pages that the creator defined as non-indexable, and of course pages that are not public or that require any sort of authentication. The Web Discovery Project runs automatically while a user is browsing the web, so it requires no effort on the part of contributors. Users who have opted in but no longer wish to participate can opt out at any time.
Additional information is available on the GitHub repo.
Now You: have you tried Brave Search?
I downloaded Brave for the first time and noted Brave is at Version 1.31.87 Chromium: 95.0.4638.54 (Official Build) (64-bit), This is more current than the stable versions of both Chrome and Edge (under Windows 10 21H1). I rserve comment on Brave and its default search engine until I gain more experience with it here in US.
Today Chrome has been updated to version 95.0.4638.54.
That reasonable attitude is completely out of place! Don’t you know you are reading an article about a web browser on Ghacks? Outrageous!
I have dabbled with Brave Search, common search queries /trendy stuff shows up ok. Misses on detailed fine tuned specific items tho.
But their privacy standards explanation regarding its Web Discovery Project is kinda encouraging.
Hope that’s opt-in and the same for ads displayed. IOW don’t force ads without options to filter.
> But their privacy standards explanation regarding its Web Discovery Project is kinda encouraging. Hope that’s opt-in (…)
It is opt-in. Check it out in the Brave Browser under brave://settings/search
It is disabled by default there.
> and the same for ads displayed.
I doubt that the ads on the search page will be opt-in. If that was the plan, they would not talk about “Brave Search Premium” etc. That being said, I think those ads will only be contextual in regards to the current search term, like e.g. DuckDuckGo and StartPage also handle their ads. The ads will not be related to prior search terms of yours, they (Brave Software) are not profiling you.
@Iron Heart: furthermore, ads can be blocked with uBO.
uBlock Origin works best on Firefox – https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox
@gorhill has spoken
“Look, mom, I’ve posted it again!!!”
Seriously, how often do you want to post that shite here, as if it has any meaning for Brave users? Brave is not in need of an adblocking extension, it has an adblocker included. What gorhill describes there are the general limitations of extensions on Chromium which have no bearing on native adblockers. Example? uBlock Origin can’t do CNAME uncloaking on Chromium due to an API limitation, but native adblockers like the one in Brave can:
I will post whenever I see people mentioning uBlock Origin. Klass Vaak didn’t say anything about Brave’s internal adblocking
klass vaak: ublock origin
gorhill has spoken: it works best in firefox
iron heart: but the sky is blue and hey look the goalposts moved over there and lets talk about something else, also ublock origin works best on firefox
Seriously, WTF dude. Thanks for confirming what gorhill said was true
The FACT remains, that uBlock Origin WORKS BEST IN FIREFOX. Get over it. Seek some help, you have a nasty demeanor towards your fellow commentators. Please act like a civilized adult
@gorhill has spoken
So you will spam the same comment over and over again whenever someone mentions uBO? Cool. Be happy that I am adding some context to your shite, so say “Thank you, Iron Heart” like a civilized adult, please. LOL.
uBlock Origin works worse than the internal adblocker of Brave in Brave and that is what matters in an article related to Brave, not Firefox.
> So you will spam the same comment over and over again
I am adding context to people suggesting uBO as a solution in non gecko browsers – guess what, Brave is not gecko.
Twice you have called what gorhill said as “shite”. The only shite here is you and YOUR repeated spamming at ghacks, more often than not with repeated lies. Look in the mirror.
@gorhill has spoken
> I am adding context to people suggesting uBO as a solution in non gecko browsers – guess what, Brave is not gecko.
Then do the Firefox astroturfing in articles related to Firefox and leave it there. As you said, Brave is not based on Gecko.
> Twice you have called what gorhill said as “shite”.
Yeah and not only that, I also believe that his reasoning regarding keeping the webRequest API is overall dumb and very far removed from the perspective of the browser developer. Browser developers see malware using the webRequest API all the time – including malicious forks of uBO – yet gorhill claims that it should be retained solely because of uBO, because hE uSEs iT fOr GoOd. LOL, the API most types of malware use MUST be retained because of the reasoning of one extension dev. Even Mozilla moves towards removing it, whether he likes it or not.
> Then do the Firefox astroturfing in articles related to Firefox and leave it there
Then do the Brave shilling in articles related to Brave and leave it there. LOL. Such a hypocrite
Just to reiterate, uBlock Origin not being able to handle CNAMEs in non Gecko browsers is relevant to Brave. So not offtopic, unlike your constant Brave shilling and shameless lying
@gorhill has spoken
> Just to reiterate, uBlock Origin not being able to handle CNAMEs in non Gecko browsers is relevant to Brave.
No it ain’t relevant for Brave. Brave’s native adblocker already does CNAME uncloaking, it doesn’t need uBO for that. I pointed to that above already. Again, take your Firefox astroturfing where it belongs, into the comment section of Firefox-related articles.
> No it ain’t relevant for Brave
Yes it is. People who use uBO on brave need to know that it won’t work as expected due to a lack of CNAME uncloaking. It has nothing to do with Brave’s built in man-in-the-middle advert replacer – that’s you using a strawman and moving goalposts.
The extension is clearly inferior in non-gecko browsers. Are you calling gorhill a liar?
@gorhill has spoken
> People who use uBO on brave
Not even needed on Brave.
> need to know that it won’t work as expected due to a lack of CNAME uncloaking.
Not needed on Brave either, Brave does CNAME uncloaking.
> It has nothing to do with Brave’s built in man-in-the-middle advert replacer
Brave Shields (adblocker) has nothing to do with Brave Rewards, they are separate components and can be used idependently of each other. Brave is also not replacing ads on the websites you browse on, its ads are system notifications. You clearly have no clue.
> that’s you using a strawman and moving goalposts.
That’s you having no clue.
> The extension is clearly inferior in non-gecko browsers. Are you calling gorhill a liar?
No need to use the extension in Brave, I don’t care. What you are doing here is Firefox astroturfing, there are Firefox articles already where you can do that.
Guess we are done here.
@gorhill has spoken said on October 21, 2021 at 8:21 am
“LZ4 compression requires the use of IndexedDB, which is problematic with Chromium-based browsers in incognito mode”
Is this why uMatrix doesn’t work properly on Brave when using Tor and incognito mode, uMatrix often stops working within some minute, and when clicking the icon it drops down a white empty blob, uBlock seems ok though.
“a privacy-preserving system for users to anonymously contribute data to improve Brave Search coverage and quality, and its independence and competitiveness against Big Tech alternatives”.
If all search data collected is just added to a database without tagging it as coming from an (unnamed) specific individual/entity, then it is, in fact anonymous.
If, however, the search data that is collected and kept is tagged to a single, specific yet unnamed individual, then that data collection method is illegitimate and evil.
Knowledge is power:
Knowledge collected specifically to you (named) is power over you.
Knowledge collected specifically to a group or community of unnamed individuals is power over that group or community.
Even anonymous, aggregated data based on separate individuals tells more about a group than what the “anonymous” collection of data would imply. It allows for the prediction of how a group will react in any given situation. The sociopolitical implications of this type of data collection, while technically “anonymous” individually, are dire for any long term semblance of freedom from totalitarian control.
And hence why we attempt to preserve our privacy individually and as a group.
Interestingly, Brave search seems to give different results depending whether you use Brave or Chrome. In Chrome it batters you with advertising. Why doesn’t Brave filter out advertising in the top section of their search page? Why do you manually need to set your country to get more relevant results? Ignoring the half page of advertising and the need to manually change settings, IMO Brave search gives rubbish results. I won’t be shifting from DuckDuckGo in a hurry.
For full adblocking in search engines, you need to set Brave’s adblocking mode to ‘Aggressive’ instead of ‘Standard’. As for the different search results – I think Brave Search mixes anonymised Google search results with its own results when using Brave Browser, but only shows its own results when using other browsers such as Chrome.
Not surprising. Browsing with Chrome is unique. I’ve opened Chrome and Browser X, then gone to a number of sites for an hour or so, same ones, both browsers. Chrome gets you into redirect and captcha land much faster, the number of ads make it almost unusable. If you clear cache and cookies (with an extension) it gets better for a while, then sends you wherever and puts up roadblocks again.
JMO, but those who use Chrome in its provided state likley don’t realize how truly awful it it. No surprise for something Google called, paraphrased, “Browser based user ad data collection software” in their financial reports.
As long as no notifications of any kind work, I’ll pass. It seems to me that by degoogling it, they broke some functions. I like the Brave idea, but it’s not finished yet.
Push notifications do work in Brave – with a caveat. Brave uses Google’s Push APIs, i.e. it connects to Google in order to push notifications work (Firefox connects to a Mozilla domain for the same reason) – that being said, Brave proxies the connection to Google, i.e. Google is not receiving your IP address or any other kind of personal info from you. You can enable Push notifications under brave://settings/privacy
You think I haven’t tried that numerous times already?! :)
That was the first thing to search in Brave help forums a year ago.
Notifications still don’t work, period. I can force it to show up once with a web notification test page, but that’s it. As if it goes into some suspended mode or something. It’s like a sloth: you have to constantly poke it to check if it’s alive ;P
I tried Brave a while ago and it seemed OK. Sure beats spending hours reconfiguring even stripped versions of Chromium which Google has turned in a nag notification bomb. Doesn’t take long to turn off everything you want in Brave.
Tried Brave search a few months ago, didn’t seem to have changed much in the prior 6 months. It worked; I have it bookmarked and use it occasionallly.
Thing is with a system level ad blocker and anti-tracker, I don’t need Brave’s external filtering. For an “earth person” looking for decent privacy without a bunch of slow-down extensions, I’d recommend Brave.
I’ve been following “Brave Search” since its predecessor, Tailcat (a search engine by Mozilla and Cliqz) project, and have been using Brave Search since it was first released in beta.
I currently have “Brave, Firefox (ESR, Developer Edition, and Nightly), Tor Browser, Waterfox G3, Pale Moon, Basilisk, and LibreWolf” implemented on my PC, and I use each of them in a timely, manner to maintain and test my skills, all of which have already been modified with “Brave Search” as a default.
The Brave search engine has its roots in the Open Search Engine: Tailcat project by Mozilla and Cliqz.
Unfortunately, it was the subject of a restructuring at Mozilla, and the project was terminated, as was the equity stake in Cliqz.
Seeing the potential of Tailcat, Brave bought Cliqz outright and acquired all of Cliqz’s assets.
> Cliqz | Wikipedia
> Brave buys a search engine, promises no tracking, no profiling – and may even offer a paid-for, no-ad version | The Register
As an aside.
The Tracking Protection feature implemented in Brave and Microsoft Edge is a joint product of Mozilla and Disconnect.
The Tailcat project started as an initiative by Mozilla to develop an “open search engine”, but everyone has been brainwashed by the convenience of “Google Search” and suddenly (October 6, 2017), an experimental development version of Tailcat for 1% of users in Germany (Cliqz: Germany) was implemented (opt-out function), and due to insufficient publicity, a boycott of Mozilla (Cliqz incident) occurred not only in Germany but also in Europe and the United States as a betrayal of the user-first philosophy, resulting in a drastic decrease in the market share of Mozilla products.
It was supposed to be the “golden egg” that was considered to be advanced and the real deal….
It’s a pity that it couldn’t become Mozilla’s signature product, but when I see the skillful business strategy of the Brave project, I feel that it was doomed.
Mozilla tätigt strategische Investition in Cliqz, um Innovationen bei der Websuche im Bereich Datenschutz zu ermöglichen | Mozilla Presse-Center
Abstract: Mozilla has been investing in Cliqz GMBH in Germany since 2016. This is an undertaking to enhance web search with respect to privacy, according to a German press release.
> Firefox Test Pilot website
> Human Web – Cliqz
> Cliqz Search Engine
The view of “solso”, who worked on the project at Cliqz and now continues to work on it at Brave:
> There was no tracking on Cliqz, nor it will be any in Brave. To know more about … | Hacker News
> Mozilla never did such a thing. The browsing history was never sent in any shape… | Hacker News
> Mozilla never did such a thing.
Yes, they did. The browsing history was sent, they just claimed to have “anonymized” it at the time, as if we could actually verify this cheap claim:
Stop white-washing Mozilla, my man. This was a clear breach of trust and user privacy via the Firefox Experiments backdoor and Mozilla was lucky that Microsoft did not flag their software as malware in response.
Stop lying iron heart. Mozilla never did such a thing. The browsing history was never sent in any shape or form
Here is “solso” who worked for Cliqz and now works for Brave
> There was no tracking on Cliqz, nor it will be any in Brave. To know more about the underlying tech of Cliqz there are interesting posts at https://0x65.dev, some of them covering how signals are collected, data, but no tracking. I did work at Cliqz and now I work at Brave. I can tell for a fact, that all data was, is and will be, record-unlinkable. That means that no-one, not me, not the government, not the ad department can reconstruct a session with your activity. Again, there is no tracking, full anonymity, Brave would not do it any other way.
> Mozilla never did such a thing. The browsing history was never sent in any shape or form. As the journalistic article you quote states, Mozilla put in place the HumanWeb [1,2,3], which was a privacy preserving data collection which ensured record-unlinkability, hence no session or history. Anonymity was guaranteed and the framework was extensively tested by privacy researchers from both Cliqz and Mozilla. Disclaimer: I worked at Cliqz.
>  https://0x65.dev/blog/2019-12-02/is-data-collection-evil.html  https://0x65.dev/blog/2019-12-03/human-web-collecting-data-in-a-socially-responsible-manner.html  https://0x65.dev/blog/2019-12-04/human-web-proxy-network-hpn.html
@look ma no hands again
So you are posting the denial of guilt of one of the people accused, who won’t admit it. Very impressive. There is an issue, though: They did admit that they collected the browsing history back then, they just claimed to have “anonymized” it. Even the comments you posted only talk about a supposed lack of “linkability” through anonymization which is not the same as “not collecting at all”. The damage control department of Mozilla is working overtime today, I see.
Brave adds referals to TYPED URLS which no other browser has ever done. Eich equates it to search engines and says everyone does it. Now that is SPIN. Eich the apologist and liar.
Iron Heart denies facts. More SPIN. Learn to read and logic
@look ma still no jhands
Hahahaha, what are TYPED URLS even? Is there any manifest technical difference to any other URL? I don’t think so. The Firefox astroturfing here is insane considering that Firefox adds its own referral to every single Google search.
There was no privacy impact to any of this, give me one good reason to care.
> Hahahaha, what are TYPED URLS even
Ask all the users who got upset that Brave, and only Brave, did this. Clearly there is a difference or
a) they wouldn’t have noticed
b) they wouldn’t have complained
c) articles wouldn’t have been written
d) Eich wouldn’t have had to apologize and make up stories about a coding mistake (it was clearly premeditated in the github patches)
e) Brave wouldn’t have had to have applied a patch
Just more SPIN from ghacks resident alternative facts spin doctor, iron heart. Brave gets caught with hand in cookie jar, gullible iron heart swallows eich propaganda and travels further down the rabbit hole
@look ma both hands
> Ask all the users who got upset that Brave, and only Brave, did this.
LOL, am I supposed to ask the captain obvious Firefox trolls who spammed the Brave Twitter and Eich’s Twitter at the time? Most of those trolls never even used Brave.
> a) they wouldn’t have noticed
Yeah, I know. They didn’t mask their referral as well as Firefox does, in Firefox it seems like it is coming from the user agent. Should have used “=brave” or similar instead of a number combo, much like FF does for Google to mask their referral. Shame, *ding*.
> b) they wouldn’t have complained
People complain about lots of things they don’t properly understand. Invalid.
If it really was a valid complaint, you or I could spam every browser article complaining about technically identical search engine referrals. Ridiculous.
> c) articles wouldn’t have been written
Further reactions to the faux troll outrage. Most of the articles didn’t even grasp what a referral is, claiming it was a privacy issue when it wasn’t. Invalid.
> d) Eich wouldn’t have had to apologize and make up stories about a coding mistake (it was clearly premeditated in the github patches)
Yeah, shame that he kowtowed there. I would not have apologized about something everyone else is also doing at least in relation to search engines. He was overwhelmed by trolls, but had no reason to apologize in response to faux outrage IMHO. Should have asked the Firefox trolls whether or not they have a better idea how to fund the browser, an idea that doesn’t involve becoming a Mozilla-esque search engine leech.
> e) Brave wouldn’t have had to have applied a patch
I wouldn’t have applied the patch in response to faux outrage. The browser needs funding, and referrals are superior to violating user privacy / actual violation of user trust.
> Just more SPIN from ghacks resident alternative facts spin doctor, iron heart. Brave gets caught with hand in cookie jar, gullible iron heart swallows eich propaganda and travels further down the rabbit hole
Pointing out the hypocrisy of Firefox users whining about the Brave referral when their own browser uses a referral for every Google search every single day (due to the Mozilla-Google search deal) does not require myself to be an “alternative facts spin doctor”, it requires common sense and a sense of justice. It is hypocritical and unjust to berate Brave for something every single browser does at least in relation to search engines. It is also hypocritical and unjust to talk about this standard industry practice as if it constituted a breach of trust – a breach of trust would be the violation of user data, the very alternative to what Brave did.
Again, I have no problem with them funding the browser with this referral (or any other referral), it is better than them collecting and selling user data. I have no reason to care, it literally had zero impact on me. Do you see me whining about Firefox’s search engine referral? No? Then why do you whine here, hypocrite.
still apologizing for brave’s shitty moves and making up wild hypotheses to explain everything away, still trying to change the subject to irrelevant topics like search engine deals, or funding, or being anecdotal how it didn’t affect you personally, and making wild generalizations about the nature of users and why they complained. In your head, everyone must be a troll, so therefore there is no issue. That’s not reality.
there is a difference between a typed url and a search. All browsers have search engine deals. Only Brave altered typed urls. Why is that? Because there is a difference between a typed url and a search.
@look ma no feet
The only artificial distinction here is your “typed URLs” vs. “URLs generated by searches” nonsense. There is no technical / material / actual difference here. It’s not the original URL in either case, and when you TYPE IN a search term, there is no reason for Firefox to alter the resulting URL either, aside from funding. Total nonsense “distinction” made up by you to smear the Brave project for the very thing your browser does as well. Pathetic.
Everything else I said is not a hypothesis, but clear cut and direct and truthful, diametrically opposed to the trollish smear campaign you left here. Get lost.
Wow! More than I’m brave enough to tackle.
Yeah, punny. :)
Search results are quite good. I haven’t tried it much but when I did, it worked perfectly. However search results number is a major issue and nothing has improved in that aspect.
“browsing data and search data is made available to Brave by users who opt-in”
That’s the Firefox Cliqz spyware again, with the difference that instead of being opt-out it’s claimed to be opt-in this time.
But considering that Brave lied before about its anti-features being opt-in, and considering that even if they don’t lie with such companies opt-in are quick to turn into opt-out or worse as soon as they feel strong enough to enforce it after baiting in enough victims, and considering that such data siphoning oriented companies have generally speaking a fundamental problem with telling the full and honest truth, I wouldn’t trust that.
And even as opt-in, that’s way too sensitive data to send to them with the sole purpose of benefiting them, uneducated users will probably be manipulated into opting in through some manipulative description text full of “very private don’t worry” as usual with such companies.
“private, user-first, choice, independent, transparent, seamless and open”
Needless to say that a company with the purpose of popularizing, before the surveillance giants embrace it fully themselves, the practice of monetizing your unfiltered browsing behavior spied on directly at the source for the ad industry, and constantly manipulating the truth on how that would be “privacy respecting”, even not hiding that it is bribing reviewers, needless to say that such a company is everything but that. That’s the plan for the search engine too, they are not hiding it.
Their dependence on the ad and surveillance industry is also not only through their own personalized ads system, they have the usual search deals that tie them more directly to the surveillance giants and the traditional personalized ads and this is reflected in their ad whitelistings for example.
“This data helps build the Brave Search independent index”
Beyond the obvious privacy problem with them like with Brave, there is indeed a well known problem with the traditional tech giants of manipulating result rankings/censoring them to benefit their business interests, or to voluntarily comply with suggestions from organizations like the CIA, the FBI, the White House or the US army of content to take down/downrank as deemed too “unamerican” when it’s not from their own initiative, something that curiously they do not even hide but that the press prides itself to congratulate when that happens.
Considering the criminal fascist thug organizations that warmly recommend Brave Search for its political inclinations they assume as going to be even more to their taste, one can only expect this trend to worsen in their own engine. Of course one can also expect that lots of the regular and less regular commenters here are going to take that as a recommendation.
>Considering the criminal fascist thug organizations that warmly recommend Brave Search for its political inclinations
> But considering that Brave lied before about its anti-features being opt-in
Where exactly? Source?
> such data siphoning oriented companies
Sorry, my dude, this is just incorrect. Brave Software took great pains to ensure that the ad matching is a 100% local process on your PC. No data ever leaves your PC towards Brave Software or any third party as part of the ad matching. As for the rest of the browser, it’s just one privacy-improving feature after another. Stop lying maliciously here.
> Their dependence on the ad and surveillance industry is also not only through their own personalized ads system, they have the usual search deals that tie them more directly to the surveillance giants and the traditional personalized ads and this is reflected in their ad whitelistings for example.
False. Old FAKE NEWS never dies, I guess. Brave does not whitelist any Facebook or Twitter trackers. If you want to read a factual account of how and why their whitelist came to pass, you can find one here:
They blocked certain scripts before and as a result, parts of the Facebook and Twitter websites broke and went non-functional. That this is not optimal for Joe Average should be obvious, right? So they took those essential scripts off their blocklist in response to complaints. It is noteworthy that other adblockers like e.g. uBlock Origin do not block these scripts either, and you can hardly accuse Raymond Hill of colluding with the ad industry seeing how he has declined offers for monetizing his extension time and time again. So Brave’s overzealous blocking was reversed, and they now block just like uBO does, and this makes them bad? OK, hahahahaha. If you want to break Facebook and Twitter, they still allow you do that under brave://settings/socialBlocking – but don’t pretend that this would be optimal for a general use browser to behave like by default.
> Beyond the obvious privacy problem with them like with Brave
Source for the “obvious” privacy problems of Brave?
> criminal fascist thug organizations
LOL, OK. I won’t even comment on the rest of your post since it is just blah blah, with this being the crown jewel.
Crown Jewel! WWE fan?
> Source for the “obvious” privacy problems of Brave?
I can smell what’s cooking
go read github, go learn about web technology
– limiting cookies to seven days – FAIL – see multiple methods to set cookies and prolongation attacks
– fingerprinting – FAIL – didn’t even cover all workers, initially failed to cover all iframe methods (took almost two years), failed to randomize enough (still doesn’t), some randomizing can be reversed (plugins, audio, user agent)
– ephemeral storage – FAIL – doesn’t address the underlying issue of isolation per eTLD+1
– whitelisting some of the biggest trackers on the internet – FAIL
– the list is practically endless
Brave is an advertising company funded by venture capitalists, which makes half-baked incomplete unstable and useless patches on chromium. because they are not a browser company, and then blogs about it as if they had saved the world, because it’s all about marketing and not real solutions
Brave can’t even engineer their wonky shit patches properly – did you enjoy your bloated slow brave the last few years – https://www.ctrl.blog/entry/brave-ab-performance.html
@dwayne the rock johnson
There is something all your weak examples have in common: None of these issues were introduced by Brave Software, none concern them supposedly slurping user data. You only cite website-related privacy. Your weak examples are the result of Brave Software having to work with third party code in Chromium. Chromium does not have any viable protection by default. As a consequence, Brave Software has to “engineer their way up”, so to speak, i.e. they have to introduce defenses one by one. This takes time and effort, and is not exactly made easier by frequent rebases. Still, Brave at least has these protections on by default, whereas most browsers do none of the above.
And the browser is not any more or less bloated than any other Chromium-based browser. Don’t know what you are even talking about, seems like you have never used Brave.
I can still smell what’s cooking, and it’s getting smellier
iron heart, why are you such an apologist for brave’s shortcomings. They chose to rebase on chromium, that was their choice, because they are not a browser company and can’t engineer themselves out of a paper bag. Of course brave added these privacy protections – it’s right there in their marketing privacy blogs which you like to link, not to mention their github repo, if you could read code, which I doubt. Sounds like you don’t even know brave
@dwayne the rock johnson
Can you show me any privacy violation that was deliberately introduced by Brave Software? Where do they spy on their own users, show me the code then. That they didn’t tackle all issues of Chromium (to which there is no alternative, Firefox is rotting away with 3% market share) yet is not demonstrating that they themselves are not trustworthy. It just means that there is still work ahead.
> iron heart, why are you such an apologist for brave’s shortcomings.
Why are you such a Firefox troll, using misleading arguments about referrals and third party Chromium code that are in no way proving what you want us to think they prove?
> Why are you such a Firefox troll, using misleading arguments about referrals and third party Chromium code
where did I mention firefox?
where did I mention referrals?
where did I mention any third party chromium code?
oh, I did none of those things. please learn to read. the privacy issues are failures of brave to do what they say they do
I gave examples
– code implemented by brave, to block known trackers, and yet they allow the major trackers through – if that doesn’t insult your intelligence then I don’t know what will
– code implemented by brave (https://github.com/brave/brave-browser/issues/3443), to limit JS cookies lifetime to seven days – but this is easily bypassed by setting the cookie via HTTP headers, AND by using prolongation methods – what an utter waste of time
it’s all gimmicks with brave
Now I’ll mention firefox, since you’re convinced I already have – Firefox has actual real solutions, such as dFPI and Smart Blocking with heuristics and transient user gestures
@dwayne the rock johnson
> code implemented by brave, to block known trackers, and yet they allow the major trackers through – if that doesn’t insult your intelligence then I don’t know what will
Your fake news is insulting to the collective intelligence of readers here: https://nakedsecurity.sophos.com/2019/02/12/privacy-browser-braves-user-concern-over-facebook-whitelist/
Look, that’s a factual account of what happened and none of your accusations match it. Brave is somehow bad for not blocking scripts uBlock Origin doesn’t block either to avoid the site breakage… Is Raymond Hill also colluding with Facebook and Twitter here? Hm, I don’t know, you tell me.
> code implemented by brave (https://github.com/brave/brave-browser/issues/3443), to limit JS cookies lifetime to seven days – but this is easily bypassed by setting the cookie via HTTP headers, AND by using prolongation methods – what an utter waste of time
And? Not every website uses prolongation attacks or sets cookies via HTTP, there is no a reason to for most browsers. Chrome and other major browsers do not limit cookie lifetime in the way Brave does, do you think they will react to a minor browser like Brave on every website? LOL. We are still talking about a net privacy improvement here in almost every single case. And even if your random examples of circumventions hold true in rare cases, what is the alternative here? Not setting the cookie at all? That’s bad for web compat reasons, you know. Get lost.
> Now I’ll mention firefox, since you’re convinced I already have – Firefox has actual real solutions, such as dFPI and Smart Blocking with heuristics and transient user gestures
Firefox is an engineering debacle and is years behind Chromium in most areas, including security, web compatibility, and performance. I won’t use that crap, ever. Neither should anyone else, all things considered.
The FF codebase is years behind Chromium in terms of engineering, some gimmicky privacy features that tackle tracking techniques even Google wants to get rid of (your examples above) don’t change it. It will also disappear in a few years if the current trend continues. It’s a waste of time to even discuss it, let alone take it seriously.
why are deflecting?
why are you mentioning uBlock Origin?
why are you linking to madaidan?
why are you mentioning web compatability?
When you can’t stick to the discussion, it means you have nothing to add – you lost the argument
Brave offers expectations that they block trackers. They don’t, they allow the BIGGEST ones through, DELIBERATELY. See, not a solution. Still not fixed. FAIL
> Not every website uses prolongation attacks or sets cookies via HTTP, there is no a reason to for most browsers.
Browsers don’t set cookies, websites do, please educate yourself.
Websites can use either HTTP or JS. Your claim that most sites use JS is pulled out of thin air. A large majority of sites use HTTP (the last paper I looked at that had this information, JS was only around 40%, but that was a while ago and for a specific data set). Additionally, most third parties are involved in cookie syncing, so this does nothing to mitigate tracking
So you admit that Brave only implements a half-baked useless measure, that doesn’t fully cover all use cases and does not provide any meaningless privacy gains – because HTTP cookies are a thing and prolongation attacks are a thing. Pretty sure the biggest trackers out there just looked at Brave’s implementation and laughed, added a few lines of code, and called it a day.
Thanks for confirming that Brave is all about privacy theater and half-baked incomplete solutions for marketing purposes to suck in gullible users
Daniel Micay again. Its good for him that Edward Snowden mentioned his project – GrapheneOS. But Apple shipping privacy – stop right there. Now next time you will say Google Play Services is better because it can be/will be in near future installed in GrapheneOS. Stop it right here. Safari good for privacy – chuckle many times. That’s funny.
Any real opinions about Brave ? Not only fanboys or antifans ? It’s not a religion, it’s a browser with people behind it who want to make a profit. Since Brave is free the money must come from somewhere else. Now they have their own search engine. Only because they care so much about the user ? I don’t think so. If one likes Brave, feel free to use it. If one likes Chrome so be it. The same for Firefox. It’s a personal preference the rest is just talk. If you use any browser you should realize some of your information will be collected. Some collect less some more. And every one of them deeply cares about your privacy. So they state. And the earth is flat.
For me, the “Chromia” are a bitter disappointment.
I was running Kiwi Browser on Android, but have since suspended all ops with it as the Kiwi crew have failed to update the Google Play version to stay ahead of the recent spate of “zero day” exploit CVEs (which Martin highlighted in recent posts). Okay, so just the other day, I tried Brave for Android from Google Play – based on Brave’s claims about privacy… well FM(!), Brave Shields would not hold my stricter custom settings no matter what I tried, so I removed it in disgust. As I find it really hard to trust Chrome, and with Kiwi and Brave now in disgrace in my land, I remain browserless on Android.
To add to the above, I will not install Brave on a Debian based *nix PC either – and that’s based on Brave’s own installation instructions! Their process is untrustworthy. I find it difficult to trust them any more than I could barely hope to trust Firefox. Frankly, I do not accept the bad situation where all of the browser camps, other than GNU Guix’s Icecat, Lynx, GNU Emac’s EWW; feel that they have the right to effectively abuse the widespread masses of us here in userland by constantly violating our privacy one way or another. In their typical contemptuous fashion, they do it because “they can”, because they’re “bigger than us”, just like any other institution like our governments or churches. It’s the ever more cynical mindless consumerist zeitgeist that our collective “illuminated” leaders continually tell us “… is really good for us and that there is no better paradigm out there”. Propaganda effectively that the majority of us fail to adequately question or challenge.
Oh well, some polemic from me … but will it make me feel any better is the question!
Interesting. You’re right, Chrome base is getting flaky but salvation might be at hand with Ungoogled Chrome, Manifest 3 on horizon tho. What magic can devs perform as a workaround esp with content filtering/privacy etc?
Unfortunately alt browsers don’t have functionality or web standard compatibility similar to Chromium. Just shocked & saddened how badly Firefox has gone into the toilet, Waiting for that final flush.
Yes, unfortunately I find it a rather depressing situation.
That said however, there have been promising “stirrings in the breeze” over at GNU, and GNU Guix System & GNU Guix (the package manager) regarding further development of Icecat – which is built from Firefox (MPL 2.0 – free software licenced) source code. Apparently one of the maintainers has been looking at modifying the source before it is built into Icecat binaries, so that improvements can be made in the browser’s privacy. I’d like to see their maintainer/developer base grow … I think they’re still somewhat “stretched” currently – so there’s some hope perhaps.
There is also Bromite, you could try this one.
Thanks again for the heads up – much appreciated, I shall investigate.
Grumble & sigh … I think I’ll also have to give Brave for Android cry-phone another shot, and perhaps go and have another look at the “Issues” section over at Kiwi’s GitHub repo. Perhaps I missed something, but my reading of the CVEs over at the Chromium site did not appear to rule out applying to the Android platform, hence my concerns. Anyone please enlighten me if you know more and/or otherwise.
Martin Which would you recommend, Tor or Brave?
Depends. Brave is a good browser, Tor is the way to go if you really need to be anonymous.