Brave 1.42 released: security fixes and Edge import support

Martin Brinkmann
Aug 3, 2022
Brave
|
33

Brave Software released a new stable version of the company's Brave web browser today. The new version of Brave includes several security fixes, the ability to import data from the Chromium-based Microsoft Edge web browser, and several usability improvements.

Brave 1.42.86 is already available for all supported desktop operating systems. Brave installations should upgrade automatically, but users may speed up the installation of the 1.42 update by loading brave://settings/help in the browser's address bar. Brave displays the current version and runs a check for update, when the page opens. Any new version that is found is downloaded and installed automatically. A restart is required to complete the process.

Brave 1.42

Brave 1.42 is a security and functionality update. The browser's core is upgraded to Chromium 104.0.5112.81. The official release notes make no mentions of the specific changes of the upgrade, but it appears that all Chromium-based security issues are fixed in the new version.

The new Brave Stable version includes several Brave-specific security  and privacy changes:

  • Unlinkable bouncing is enabled by default now. The feature is Brave's attempt to disable a tracking feature called Bounce Tracking. Ability to debounce based on a regex is now supported.
  • Improved fingerprint farbling in aggressive tracking protection mode.
  • A warning is displayed to indicate that local IFPS nodes bypass the browser's proxy settings.
  • An IFPS crash issue has been fixed.
  • Fixed a wallet API freezing issue.
  • New Tab Page design has been updated for private windows and private windows with Tor.
  • The configuration page brave://settings/cookies has been updated to better align with brave://shields.
  • Removed known Marketo email tracking parameters from URLs.

Brave 1.42 includes a number of usability improvements and changes:

  • Brave supports the import of data from Microsoft Edge now.
  • Settings to refine autocomplete suggestions added to brave://settings/appearance. Users get options to enable/disable the following items individually:
    • Top sites
    • Suggested sites
    • Browsing history
    • Bookmarks.
  • Setting for Search engines used in the address bar in private windows added to brave://settings/search.

The new  Brave release includes several crypto-currency and wallet related changes next to that, as well as some fixes for non-security issues.

Check out the changelog for a full list of those changes.

Now You: do you use Brave?

Summary
Article Name
Brave 1.42 released: security fixes and Edge import support
Description
Brave Software released a new stable version of the company's Brave web browser today. The new version of Brave includes several security fixes and improvements.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Anonymous123 said on August 10, 2022 at 10:12 pm
    Reply

    @Iron Heart

    > LOL, nope. How can that be when it uses the same lists as uBlock Origin by default?

    UBO is better programmed to work in tune with Firefox. Brave and its crypto garbage and native ad blocker is bloatware in my opinion. I know it makes you mad, but Note: this is just an opinion, your asinine wall of text won’t change my opinion. lol.

    > It uses the same filters by default

    It is not UBO with Firefox though, now is it?

    > I don’t think so. Ever heard of GrapheneOS or other Custom ROMs?

    Smartphones? it seems like you have never heard of all the stuff that was done with smartphones being linked to vaccination status in order to enter public places in many countries in europe for example. That is very privacy invasive and just WEIRD to combine medical history data with an internet enabled device like smartphones!

    You sound like one of those vaccinated guys with smartphone in hand staring into your phone on the street dazed and in confusion about what is going on in the world. lol.

    Did you also know how harmful smartphones are to health? They have been known to cause various health problems.

    Anyways, Graphene OS and custom roms whilst at least being an alternative to android are not really an alternative at all, as they require google pixel phones along with other such phones that get out of date very quickly and recieve no hardware updates after a few years, which in the long run makes graphene OS useless as a secure OS for devices that go out of date very fast. So graphene OS requires the latest and greatest in order to be fully secure . Anyway smartphones are just shit in my opinion, and Linux phones are the future of privacy smartphones as phones built for android are very locked down. Linux friendly phones are better, but i still think smartphones are shit hardware, they are inferior compared to powerful desktop cpus and graphics cards.

    smart phones by their very nature are also not very private because they are in contact with towers and other peoples devices (bluetooth, wifi) when used casually with internet on. They are also a dream come true for tyrannical type governments to implement ID pass requirements and social credit scores.

    Again, read what stallman says about smartphones, he knows his stuff, you do not anything about technology in general.

    > Google Analytics should not be present in mobile Firefox in the first place. I thought it’s the privacy browser(TM), what happened? Brave doesn’t have Google Analytics built in.

    Lol, tell someone that actually uses smartphones, i avoid smartphones like a plague.

    The good old cord phone is a nice piece of technology you know lol. But you would see that as irrelevant because you want the LaTeSt and GrEaTeSt, lol.

    > Firefox has closed source, non-free components built in too

    The base code of Firefox is open source and free software. The DRM part of Firefox relates to a plugin. Firefox downloads and enables the Google Widevine CDM when DRM is enabled in the settings and the CDM runs in a separate container sandbox. Anyway all that stuff can be opted out of easily and Google widevine plugin removed. DRM is useless in FF without that widevine plugin.

    > I am not the shill here.

    Oh dear brother Iron Heart to question google, chromium and Brave is to question god itself lol.

    > linux

    > Need I care? As irrelevant as Firefox, if not more so. No disresepect meant.

    Again, you are a noob who only uses mainstream software. Typical windows user. Linux communityies with a privacy focus would definetly view you as someone who loves M$.

    Btw, for all your talk about smartphones, you fail to realise that android is built on a modified linux kernel, without linux, there would be no android you ignorant and foolish person. lol.

    Again, like i say your knowledge around software and hardware is noob level stuff. Your arguments get exposed time and time again as really stupid when anyone with even a slight grasp of technical knowledge sees through your utter BS about browsers, fingerprinting and your irrational hatred of firefox.You also say javascript is annoying to turn off, well guess what? most fingerprinting is done with JS.

    > The article of the uBlock Origin dev describes widely known extension API limitations in Chromium, which makes the Chromium version of uBO work (very slightly) worse than the Firefox version.

    Yes chromium is very limited and UBO works worst in Brave, because chromium has not as good programming as Gecko, not as customizable.

    I don’t trust native ad blockers built into the Browser especially chromium based ones (bloatware), i trust stand alone extenstions like UBO that work with the browser to enhance it. What part of that english do you not understand?

    Good luck with manifest V3 chromium bloatware, the windows OS (greedy corporation bloatware) (you sound like a windows user) and your javascript turned on in the browser because you said it turned off is annoying.

    You”re a real privacy expert Iron Heart. Your knowledge is awesome. I have learned absolutely nothing from you.

    What i have learned though is how you are still replying to my comments on a week old brave article which makes you look like a Brave browser supporting fanatic.

    LMAO.

  2. Anonymous123 said on August 10, 2022 at 2:15 pm
    Reply

    Typo

    Ublock origin has a better list of filters than chromium based browsers, they do not operate better than Firefox + Ublock origin, because native ad blockers are not as good as stand alone blockers like UBO that have larger and more fine tuned blocking lists and chromium browsers can not be customized like firefox can on desktop.

    1. Iron Heart said on August 10, 2022 at 3:28 pm
      Reply

      > they do not operate better than Firefox + Ublock origin,

      You speak English, right? What did I just tell you? The article of the uBlock Origin dev describes widely known extension API limitations in Chromium, which makes the Chromium version of uBO work (very slightly) worse than the Firefox version.
      Natively implemented adblockers like Brave’s built-in adblocker don’t use extension APIs at all though and are thus NOT under their limitations. That’s why Brave can do e.g. CNAME uncloaking. The article you brought up is invalid for the comparison uBlock Origin vs. native adblockers, it just compares different uBlock Origin versions (which is irrelevant for me, I don’t need uBO).

  3. Anonymous123 said on August 10, 2022 at 2:09 pm
    Reply

    @ Iron Heart

    > For example, Brave’s native adblocker

    Is absolute shit when compared to Ublock origin with Firefox.

    > uBlock Origin is unneeded in Brave and also does not work better than Brave’s native adblocker.

    Ublock origin has a better list of filters and does not work better with Firefox + Ublock origin.

    > Firefox also includes non-free components like DRM or (on Android) hard-coded trackers like Google Analytics

    People who actually are into privacy topics reject using smartphones and don’t give a shit about them except to say that they are dystopian level tracking devices, read about guys like richard stallman. Google analytic domains can be blocked with a simple Firewall, and DRM easily turned off in desktop Firefox.

    Keep trying, keep pruning, you will not convince many tech people to move away from Firefox you noob. Anyway chromium based browsers are shit on linux. Firefox is more fine tuned. I would never use such a shit browser like Brave.

    1. Iron Heart said on August 10, 2022 at 3:21 pm
      Reply

      @Anonymous

      > Is absolute shit when compared to Ublock origin with Firefox.

      LOL, nope. How can that be when it uses the same lists as uBlock Origin by default?

      > Ublock origin has a better list of filters and does not work better with Firefox + Ublock origin.

      It uses the same filters by default and you can add your own lists to both, so nope.

      > People who actually are into privacy topics reject using smartphones

      > dystopian level tracking devices

      I don’t think so. Ever heard of GrapheneOS or other Custom ROMs?

      > Google analytic domains can be blocked with a simple Firewall

      Google Analytics should not be present in mobile Firefox in the first place. I thought it’s the privacy browser(TM), what happened? Brave doesn’t have Google Analytics built in.

      > DRM easily turned off in desktop Firefox

      DRM isn’t malicious. I was just bringing it up because you raged on and on about closed sourced components, in Stallmanesque style. Firefox has closed source, non-free components built in too and I can make the very same argument for Brave: Just disable it, mate.

      > convince many tech people to move away from Firefox you noob

      I am not the shill here. And the noob is clearly he who does not know what he’s talking about, or in other words: You.

      > linux

      Need I care? As irrelevant as Firefox, if not more so. No disresepect meant.

      > I would never use such a shit browser like Brave.

      Again: Need I care?

      Glad you dropped the BrAvE wHIteLISteD FaCEbOOk tRAckErS fake news though.

      1. Iron Heart said on August 10, 2022 at 3:22 pm
        Reply

        *disrespect

  4. Anonymous123 said on August 7, 2022 at 5:57 am
    Reply

    @Bravehurt

    > Last night Brave got kicked out of my machine after a year long test, it’s simply too trashy under Ubuntu especially when delivered as a Snap package, which takes nearly 2 f* minutes to start up, in addition many extensions are buggy

    Brave is a poor substitute for Firefox or its forks on linux. I don’t think Brave have even an official appimage for Linux, you have to rely on third party compiled appimages lol. It is a bloated chromium mess with their own ad mechanism built in lol. Just LOL too at Eich criticizing DuckDuckgo for whitelisting M$ trackers in duckduckgo browser. Brave actually had been known to have whitelisted facebook trackers a few years ago in their browser. So they can’t say much. UBO also works way better on Firefox.

    I wouldn’t use Brave. Firefox and forks like Librewolf and GNU Ice Cat are better. Firefox being probably the best though, because forks do not have such a large team to be able to keep up with security updates and generally leaving the fork bug free. Librewolf can be very buggy, it does not run as well as standard Firefox. I do not trust any chromium based browser, too much google blobs, too much monopoly.

    1. Iron Heart said on August 8, 2022 at 10:19 am
      Reply

      @Anonymous123

      > Brave actually had been known to have whitelisted facebook trackers a few years ago in their browser.

      Old fake news never dies, I suppose: https://nakedsecurity.sophos.com/2019/02/12/privacy-browser-braves-user-concern-over-facebook-whitelist/

      You can’t block each and every script, making the website unusable. The blocking was overzealous and broke multiple mainstream websites, it’s the same reason why uBlock Origin is not blocking these scripts by default either(!), you uninformed, wonderful human being.

      > UBO also works way better on Firefox.

      Yeah dude because I need an adblocker in a browser that already has an adblocker built in, like Brave. Makes sense. Btw, the uBlock Origin dev compared uBlock Origin (Chrome) vs. uBlock Origin (Firefox). Extensions like uBlock Origin are under API limitations, which the native adblocker of Brave does not operate under. For example, Brave’s native adblocker supports CNAME uncloaking which uBlock Orgin (Chrome) doesn’t support etc.
      Summary: uBlock Origin is unneeded in Brave and also does not work better than Brave’s native adblocker.

      > I do not trust any chromium based browser, too much google blobs, too much monopoly.

      More FUD, LOL. Google’s lapdog Mozilla does not fix any problem and has never taken the high road on any issue whatsoever. Firefox also includes non-free components like DRM or (on Android) hard-coded trackers like Google Analytics (hahahahahahaha). Nice propaganda of yours, though.

  5. bavehurt said on August 6, 2022 at 8:41 am
    Reply

    Last night Brave got kicked out of my machine after a year long test, it’s simply too trashy under Ubuntu especially when delivered as a Snap package, which takes nearly 2 f* minutes to start up, in addition many extensions are buggy or restricted while working flawlessly on FF + a few other issues.., I could be more nuanced in my criticism but I’m burned and done with Brave.

  6. Daniel said on August 5, 2022 at 2:14 am
    Reply

    Brave regression…

    “…starting from the 1 Aug 2022 sync codes v1, which were not time-limited, are deprecated.

    Now it is impossible to generate sync code words once and use it for a long time. The time limited sync code needs to be generated each time you are connecting a new device.”

    –https://community.brave.com/t/recovery-key-not-accepted-on-fresh-install-had-to-start-from-scratch/418838/8

    1. Starlight Brock said on August 5, 2022 at 3:37 pm
      Reply

      And how is it bad exactly? lol I love how people complain about Brave decisions like that. seriously, how needing different sync codes is a regression? how sync code being time limited now is a bad thing for security? Now it is almost impossible for others to have access to figure out and “hack” and brute force people’s sync information.
      Why do you want to generated once? it is just stupid, the point of using these type of sync systems not attached to password or email or phone number is to be able to do these kind of thing.

      You are just complaining about nothing, about why the clouds have a shape and people see a dog, and you see a cat so you want to complain. Like “Old Man Yells at Cloud” meme.

      People should be more careful how their devices are done, there is no point of anyone using one computer and having sync on just because “my computer can crash and I want to back up my key so I can recover it someday”, sync is for multiple devices, if your computer crash, you should be able to have your phone to get sync going on, if your phone gets reset, you can have your computer to sync it back.

      Users like you are terrible, you want the worst security because “I want it to be like others”, maybe you should go back to Vivaldi, Edge, Chrome or Firefox, and even Opera (they say they will brink back QR sync again but they removed it after last update) where you can have a nice password anyone can hack and you have to provide your email and your phone number and whatever they say you should provide, but at least you will have the same password and the same email and the same phone number for a long time.

    2. Ram Pathak said on August 5, 2022 at 8:37 am
      Reply

      So that’s really great in fact! It keeps your sync line safe as the sync code changes everytime. Don’t know why people moan about it.

  7. Anonymous123 said on August 4, 2022 at 11:27 pm
    Reply

    @Iron Heart

    > Chromium: 80% market share
    Firefox: 3% market share

    Great, at least Gecko will not be as big a target for attackers trying to exploit it. Chromium like windows being so popular is already in the news constantly about massive security issues and constantly being patched. Chromium is the most used engine codebase on desktop and mobile. Popular software which is literally a monopoly can be really crap! In a way i like that Firefox is not as popular.

    > So obviously, Firefox lost users to Chromium (mainly Chrome, but now also Edge), and obviously has not enough of a pull factor to draw anyone back either. How does that work if the product is supposedly superior?

    Judging how good an engine codebase is, due to its popularity, makes you sound oh so very ignorant.

    Do you think tech experts use software based on how popular it is? No! they use it on how good it is, and Firefox properly configured is known for excellent security and privacy in a whole list of privacy communities.

    But you in your wisdom know better than them right?

    > Mozilla is a Google project too in all but name, look at their finances for more info.

    A search engine deal with Google makes Gecko the most popular engine codebase on desktop and mobile? actively developed and maintained by Google employees and installed by default as the base browser engine in almost all devices?

    Gecko is not used for google chrome. Gecko is a different project under the control of Mozilla that has a search deal with Google. Something you do not understand fully.

    > in both cases this crowd here claims that “less used” means “more secure”, which is a complete non-sequitur and a massive lie.

    Security through obscurity is a thing you know and does work from a security perspective. It is not a lie.

    > Firefox lacks real site isolation and has a laughable sandbox.

    Firefox has good sandboxing and does have adequate site isolation, and improving considerably, that and the fact it is not so popular compared to chrome and edge, makes it a good choice for the idea of “security through obscurity philosophy” and Firefox is known for good security anyways as it has been independently audited many times. Firefox is known for having good security from the many audits that were independent.

    > However, due to its low market share, it is naturally less attacked, and less attacked means better engineered, right?

    Naturally less attacked is a good thing for those who do not use popular software that is constantly attacked by cyber criminals.

    Security through obscurity makes a browser safer in the real world. Many people would agree.

    > fork of the Chromium codebase,

    At what cost for browser developers forking chromium, when they are constantly trying to roll back Googles privacy invasive techniques in the codebase year after year? Not to mention the massive security issues and patching due to the popularity of using the chromium codebase?

    > not everyone has the time or the inclination to mess with the settings. Offering good defaults therefore has value and should probably be Mozilla’s goal too.

    Mozilla does offer good defaults. It is called about:config, a settings page that can be customized. Wanting others to do that all for you is fine, but as i said earlier relying on things just for convenience sake, teaches you nothing. It is more fun to actually learn about privacy. There are numerous guides to harden any specific browser and make it at least more private. Why should people just rely on Braves words on what is a good default or not? They have javascript on by default. lol at letting that on by default on a browser codebase developed by google.

    People should be more interested in obtaining privacy and not just taking some companies word for it, they should actively be more interested in privacy, especially in the era of IOT internet of things devices.

    > The defaults are important for fingerprinting defense.

    Lol. Javscript turned off in a browser is arguably far more important than any default config being used in a browser for fingerprinting defense. I don’t think javascript is off by default in Brave. People say oh, but their browser does not work with it off? well yeah lol, conveniencve or privacy? They usually do not work together. On another level, not using your real IP address is a fingerprinting defense as IP addrsses are commonly fingerprinted. Most browsers do not have built in VPN that comes as standard. So all that talk about defaults and fingerprinting in marketing terms as relates to browsers is just that, just marketing to an audience. Some will say Brave uses TOR to hide real IP as an option? But Brave has been known for broken TOR windows.

    If Brave users think they can not be fingerprinted by big-tech companies without changing their real IP address, they are in denial. Defaults mean nothing if other fingerprinting options are available to big tech, especially the IP address.

    > The hardening meme. Eww. See above, doesn’t work against scripts checking even for a fairly modest amount of values. You are still running a highly unique setup.

    Scripts? Ever hear of Javascript toggled off? It seems not.

    You are just hilarious, you probably use windows, judging by that portable apps link you posted, and you worry about fingerprinting in browsers the most? You should be more worried about M$ and their privacy options in their OS, or lack of.

    Expecting great privacy in windows OS in its default configuration with javascript on using the Brave browser idoes not sound very private, you posted a link earlier for Brave portable option for windows, yet you constantly berate Mozilla for their defaults in Firefox. Just look at the defaults in M$ windows 10 and 11, you are ignorant. M$ even pushes Edge as default browser in windows and are constantly pushing updates after updates and tightening their OS to be non customizable lol.

    > who disables WebGL, IPv6, WebRTC etc.

    WebGL turned off makes your hardware more private. IPV6 is not as good as IPV4. WebRTC turned on leaks real IP address if using VPN.

    As i said, you do not understand why some people would choose to run customized defaults for any given purpose. People use what works for them. Not everyone has paranoia about browser fingerprinting like you do, which is very ironic, since you probably use windows judging by that earlier portable apps link you posted lol. Defaults matter? Typical windows user.

    > Nobody needs to disable JavaScript. Disabling JavaScript is just annoying

    Yeah you tell them IronHeart. Our privacy expert Lol.

  8. Fred said on August 4, 2022 at 8:31 pm
    Reply

    I can’t believe Brave has changed my choice of search engine, DDG, to Brave search in private browser mode without my permission.

    They shouldn’t be allowed to do that. Imagine if Google or MS did that with Chrome or Edge.

    1. Rye Bram Dom said on August 5, 2022 at 3:50 pm
      Reply

      Dude, it is obvious they will start switching any-default-engine to Brave, especially if we talk about one of the worst search engines, DDG not just bad overall but also irrelevant because just like most search engines is Bing but with more censorship.

      Do you find it surprising they switched search engines for people who NEVER CHOSE a default? also, we are talking about DDG, not some great search engine they are changing your default (because you never set as default), and now you are crying about it, like if you can’t switch it back or like if it killed your cat? laughable.

      Do you even understand basic computer, * [Editor: removed, stay polite please]. If you never set a default for private windows yourself, then, there will never be written in Preferences (or Secured Preferences) file, so, if brave changes the defaults, and you never set yours so your preferences is not written in a file, then Brave can’t know you are one of the clueless who liked DuckDuckGo, they will just change the default and move on. They are not like “oh, I will annoy this person by changing the default”. Do you think ‘defaults’ are written in files? some are but not all, something like private window search engine wasn’t because before, there was no an individual search engine for private windows.

      Did you understand or is it still too complicated to understand? This was for private windows anyway, not your normal ones. Did you also cry when they changed Tor windows from DDG to Brave??? it is the same issue, the difference is Brave let’s you choose whatever you want for Private windows now, unlike couple months ago.

      * [Editor: removed]

      1. Fred said on August 5, 2022 at 11:42 pm
        Reply

        @Rye Bram Dom

        Do you feel better after that rant full of insults directed at me and your seemingly pathological hatred of DuckDuckGo.

        Good grief, you’re so triggered.

    2. Iron Heart said on August 4, 2022 at 8:52 pm
      Reply

      @Fred

      DuckDuckGo used to be the default in some locations, Brave Search is the new default. If you never changed the default, then Brave switched from DuckDuckGo to Brave Search. I, for example, had StartPage set (so not the default!) for a time and nothing got changed for me. I agree that they should have left DuckDuckGo in place where it was already preset and should just have notified you about the availability of Brave Search, without changing anything. It is what it is, change it back to DuckDuckGo, it should stick just like StartPage stuck for me here.

      1. Fred said on August 5, 2022 at 2:35 am
        Reply

        @Iron Heart

        Thanks for that explanation. It explains why it happened.

        However, I am quite peeved that Brave didn’t notify users of this major impending change. They could have easily had a little pop up leading up to the change.

        I state again, all hell would break loose if Microsoft or Google behaved this way and on this issue I am disappointed with Brave.

  9. Anonymous123 said on August 4, 2022 at 4:22 pm
    Reply

    I would never use Brave as a main browser, for the simple reason that it is based on Chromium and there is something about it that just seems inferior to Firefox. The chromium project is heavily developed and maintained by Google. Chromium has been a Google project since its inception. The Chromium codebase is also used by browsers like M$ Edge, both chrome and edge are not known for privacy. Since the chromium browser is the most popular engine used for browsers, it seems to be attacked more often than other browser engines, due to its popularity and literally being installed by default on most devices.

    Just look at the news around all the security flaws found in chrome recently and the constant patching. Chromium is like windows, it is popular therefore attacked more often and there are numerous news stories around security flaws relating to windows and chromium based browsers like edge getting very severe bugs.

    Google maintains the chromium codebase, they obviously want to take the code in their own direction, their direction being web dominance from a browser engine perspective. To fork something like Chromium is just literally relying on google itself for your browser codebase.

    One can also see past the marketing behind Brave, they constantly compare their browser to default configurations of other browsers, as if appealing to noobs only. But if one were to really want privacy in a browser, they would be looking to take extra steps to harden it and not relying on defaults for convenience sake. Turning off Javascript is one form of hardening not on by default in most browsers due to its inconvenience. But hey, privacy comes at the cost of convenience.

    1. Iron Heart said on August 4, 2022 at 8:49 pm
      Reply

      @Anonymous123

      > inferior to Firefox

      Sure thing, friend.

      Chromium: 80% market share
      Firefox: 3% market share

      Firefox is not a luxury article, anyone can download it for free. There isn’t exactly a lack of awareness either as Firefox used to have 30% market share in 2010. Most of the people from back then are still alive and know of Firefox, you see.

      So obviously, Firefox lost users to Chromium (mainly Chrome, but now also Edge), and obviously has not enough of a pull factor to draw anyone back either. How does that work if the product is supposedly superior?

      Maybe Firefox works better for you, I don’t know and can’t know. But it’s not the case for the majority of people, obviously.

      > Chromium has been a Google project since its inception

      Mozilla is a Google project too in all but name, look at their finances for more info.

      > Since the chromium browser is the most popular engine used for browsers, it seems to be attacked more often than other browser engines, due to its popularity and literally being installed by default on most devices.

      Yes, this is correct. If you have 80% market share or so, you have “main target” written all over you. That’s just the burden of the leader. As you correctly state, Windows is in a similar situation. However, a large part of the gHacks crowd is oftentimes worrisomely stupid, but there are also some propagandists, in both cases this crowd here claims that “less used” means “more secure”, which is a complete non-sequitur and a massive lie. Firefox lacks real site isolation and has a laughable sandbox. For example, they are putting multiple webpages in the same content process since their content processes are hard-limited to 8 (eight), which is just amateurish design. People claim it uses Rust, but the most-attacked components of Firefox aren’t actually written in Rust as of now. However, due to its low market share, it is naturally less attacked, and less attacked means better engineered, right? Except when it doesn’t, but that’s the gHacks crowd for you.

      > Google maintains the chromium codebase, they obviously want to take the code in their own direction, their direction being web dominance from a browser engine perspective. To fork something like Chromium is just literally relying on google itself for your browser codebase.

      Yeah, you miss an important point though. You can do whatever you like with your fork of the Chromium codebase, including disabling support for web standards or features you don’t like / support. I don’t see how that’s any better or worse than Firefox disabling or not implementing these features, Chromium forks not having them (enabled) are in pretty much the same position if Google really started use malicious web standards somewhere. Not sure why we need Firefox to flip a switch, or patch it out.

      > they constantly compare their browser to default configurations of other browsers, as if appealing to noobs only

      No my dude, there are two good reasons for that:

      1) Most people, you call them noobs, I prefer to just call them people, are using the browser with the default settings. There is nothing wrong with that – not everyone has the time or the inclination to mess with the settings. Offering good defaults therefore has value and should probably be Mozilla’s goal too.

      2) The defaults are important for fingerprinting defense. In order to fend off advanced fingerprinting scripts, you need to “hide” in a big enough crowd. A large crowd whose browser installations behave the same, and that’s only possible with the defaults. Tor Browser Bundle and Brave follow this approach. Firefox is unique by default but creating your own still highly unique setup, with an abysmally small crowd using it, is not really fixing that.

      > harden it

      The hardening meme. Eww. See above, doesn’t work against scripts checking even for a fairly modest amount of values. You are still running a highly unique setup.

      Tell me, how does being the 1 out of 10.000 people who disables WebGL, IPv6, WebRTC etc. fix your problems? It doesn’t, you are sticking out like a sore thumb, mate. Good defaults matter.

      > But hey, privacy comes at the cost of convenience

      Nobody needs to disable JavaScript. Brave filters most tracking scripts by default and if a (fingerprinting) script manages to get through, there is a second line of defense. Disabling JavaScript is just annoying and also complete theater, in my opinion.

  10. Andy Prough said on August 4, 2022 at 6:52 am
    Reply

    >”Now You: do you use Brave?”

    Sometimes I do, but not in its default configuration. I use aggressive anti-fingerprinting, aggressive anti-tracking, disable js by default, delete cookies immediately by default, disable all of Brave’s built-in hooks for google and social media, un-default the awful brave search. Among other things.

    Even with all those changes, I probably don’t use it once a week.

    1. ShintoPlasm said on August 4, 2022 at 10:42 am
      Reply

      Why do you call Brave Search awful?

  11. anonymous said on August 4, 2022 at 1:36 am
    Reply

    I would like to see in brave the ability to cache to ram instead of disk in the settings.

    1. Anonymous said on August 4, 2022 at 1:29 pm
      Reply

      Which browsers (and on what OS/platform) allow you to cache to ram?

      1. Shiva said on August 4, 2022 at 9:01 pm
        Reply

        I don’t know exactly.

        On Firefox and Thunderbird is available this parameter in about:config:
        browser.cache.disk.parent_directory

        On Edge you can add a registry entry (it should include %LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache and Code Cache folders:
        HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge -> DiskCacheDir

        On Internet Explorer you can change the temporary files folder from the preferences.

        For the rest I guess you can use symbolic links and I don’t know for other browsers or OS besides Windows. From the site above there is ‘SoftPerfect Cache Relocator’.

    2. Shiva said on August 4, 2022 at 12:29 pm
      Reply
  12. hSahS said on August 4, 2022 at 12:10 am
    Reply

    While the developer stubbornly refuses to offer a portable version of Brave, I refuse any version! (I don’t know why you are deleting comments, a portable version is imperative!)

    1. Allwynd said on August 4, 2022 at 4:29 pm
      Reply

      They are not deleting comments, the website is just garbage like that.

  13. hSaSh said on August 4, 2022 at 12:09 am
    Reply

    While the developer stubbornly refuses to offer a portable version of Brave, I refuse any version! (I don’t know why you are deleting comments, a portable version is imperative!)

    1. Thomas Lee said on August 5, 2022 at 3:31 am
      Reply

      LOL… what an ignorant comment.
      Seriously, the only few relevant Chromium forks that offer a standalone version are Vivaldi and Opera, and I said Standalone because they are not portable. There is a difference between Portable vs STANDALONE, well, Chromium browsers have a decent way to encrypting files by the OS, so you can’t run those Opera or Vivaldi standalone versions and then have cookies and passwords and some important Secured Preferences stuff from one computer to the other, no decent browser that thinks about security would allow that, that’s why Sync exists, so no, no real relevant decent Chromium browser has a portable, why would Brave does?

      Standalone is just User data files exist in the same folder where you unzip/install the standalone version, that’s it.

      Guess what? you can do that with Brave! Brave has a zipped version in Github releases, it will obviously use Local Appdata for the storing of the profiles, but you can create a shortcut or run it through CMD and change the profile location with a simple –user-data-dir=”.\User Data” or whatever you want to do with it, which is exactly what those standalone versions do. Also Brave apparently has disable-machine-id and disable-encryption-win switches you can start the browser with, but I doubt they work.

      Anyway, the point is you can get a standalone version easily, any respectable Chromium browser will not let you disable encryption easy and be able to have your passwords and cookies go from one computer to the other, so that’s why they are “standalone”, even if you want to pretend a portable version is anything smart to have. I mean, users like you shouldn’t exist on the internet, you get hacked or your passwords stolen or anything and then you cry and blame Brave for being insecure.

    2. Steve99 said on August 4, 2022 at 4:41 pm
      Reply

      I agree about portable, it is just one of the many reasons why I love Brave; which always offers portable versions in more flavors to satisfy even the staunchest of critics… See direct link below for the current versions…

      https://github.com/brave/brave-browser/releases/tag/v1.42.86

      or for future releases…
      https://github.com/brave/brave-browser/releases/t

    3. Iron Heart said on August 4, 2022 at 8:17 am
      Reply
  14. Anonymous said on August 3, 2022 at 11:19 pm
    Reply

    Yes, I use Brave but as a secondary browser to LibreWolf.
    The latter has problems rendering some sites but otherwise seems a reasonable browser. TOR was too slow and I don’t really need its privacy, nor its false sense of security.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.