This had two results for me -- the first is that my employer has forcibly uninstalled all brave installations in our company and has forbidden its use, and the second is that I have voluntarily uninstalled brave from my personal machines.
Yep, they need to immediately issue a "this was an accident, we're really sorry, and it will never happen again" or else they need to accept that this is the rational response
I use Brave and I'm not super disturbed by this. The Windows Service isn't even running, it's just installed (presumably to reduce friction in the case I were to start using their VPN I wouldn't have to go through an additional installation process). Sure, it's a little bit more intrusive than is ideal for people who like to keep a close eye on what gets installed into Services, but at the end of the day, is there a real problem here?
You have a service that's installed for one-click operations from Brave customers that want to use their VPN. The VPN service doesn't run in the background post-installation and no tunnels are established.
I see the customer experience reasoning here. Can someone explain the actual risks - I'm not seeing any.
Unsolicited, a company, whether I trust them or not, has said "Hey, I'm gonna install this network interface on your computer. Don't worry I won't turn it on unless you tell me to, but if I do, then all your traffic will pass through me. It's there just in case you need it. But don't worry, I won't flip the switch until you tell me to. I can, but I won't. It's not a big deal. Trust me."
I'm really not keen on this. In order to install a service, Brave's update agent must have Administrator level privileges on the system, which is how it is set up on the default system-wide install. I didn't install a VPN provider when I installed Brave, I installed a browser. The action of, by default, adding additional network interfaces to my machine, which, given that the updater has the permissions to install, it also has the permissions to activate, could at any point send all traffic on my machine through that WireGuard tunnel that I did not knowingly authorize the install of.
We all assume risks when we install software made by other folks, regardless of whether we can view its source or not. We have to provide some implicit trust to the makers of software to make choices that are in line with our desires and interests as a result of that. For me, this is a choice that is in violation of that trust, and that's not acceptable to me.
I'm not sure I'm going to die on this hill, but Brave has certainly reached a new level of the trust thermocline, and like others, I'm going to be evaluating whether I keep their browser on my systems going forward.
Note that each of these has their own issues. From a security/privacy POV, Mull, Mullvad Browser, and Tor Browser are generally most respected. I'm not familiar with Floorp or Pulse.
LibreWolf is one of the better Firefox forks but it doesn't have automatic updates and you're relying on a relatively small team to keep it up-to-date.
At that point, Mullvad Browser would be a better choice.
That's not accurate. LibreWolf has an automatic updater for Windows.[1] On Linux, updates for most applications are handled by the operating system's package manager, and LibreWolf also maintains a Flatpak.[2] On macOS, LibreWolf has a Homebrew cask.[3] Flatpak and Homebrew can be configured for automatic updates.
I've been very satisfied with LibreWolf and haven't experienced any significant issues.
> Mullvad Browser would be a better choice
Mullvad Browser is a nice fork, but it doesn't include any syncing (like Firefox Sync), which makes it a non-starter as a primary browser for anyone who uses that feature.
That doesn't mean it was an accident, it could just mean that they realized it's a problem. Especially as this issue was opened after this HN submission got posted.
Issue opened 3 hours ago, thread posted 2 hours ago. I look at Brave with skepticism as one should with a company that flirts with crypto, but in giving them a fair shake, it's important to keep the facts straight. That said, in keeping the facts straight, an issue opened a week ago citing this as a problem was closed in favor of the one opened by the Brave VP.
It’s a publicly viewable GitHub issue that people can still navigate to or comment on, it’s not like it was scrubbed. It’s surely a PR move to show they’re on top of it but not anything to read into in my opinion.
Most voiced complaints are (as neutral as possible):
- past CEO's personal beliefs on LGBT rights
- If opted in, blocking ads while showing their own ads as system notification (ads are not being replaced in page)
- hijacking typed-in domains in the address bar by adding their affiliate code on select domains related to crypto (reverted after backlash)
- Tips (using their crypto coin BAT) to Content Creators not using Brave being held indefinitely until withdrawn by Creator (behavior changed after backlash)
and now:
- VPN services being installed automatically if the browser has admin rights on Windows.
Edit: I'm just listing what I have been hearing the most on HN.
First is irrelevant to whether the product is good, I don't care about purity tests.
The rest of the list, minus the end, is them trying to make money without selling data. That actually makes me more confident about their belief in their stated values. Last one is an "accidental" oversight, probably to boost install numbers. They decided to change it without backlash first. Again, good move.
To my understanding you can't match it with just js extensions.
Only Firefox on the highest security mode comes close I think?
Or ungoogled chromium? (brave has most of their patches IIRC)
Are there other options that have this number of patches? I'm not saying I like the company but I think it's incorrect to say they don't do anything for privacy.
Number of patches seems like a very bad metric. Especially since many of Brave's patches are not about security or privacy, but rather implementing their custom stuff on top of it. I clicked around that GitHub folder and of around 15-ish patches I looked at it seemed like at least 13 were UI-customization and not privacy-focused.
Brave has also stolen lots of patches and merged them into their codebase against the respective license(s) of the developers who found and patched the gaping security issues.
I remember quite the slap fight in the GitHub issues section.
On all platforms, Firefox. Firefox is a little disappointing in that it’s still bundled with stuff you probably don’t want, but it’s far far less objectionable than Chrome, Edge, Brave.
You might wanna take a look at Orion browser by Kagi. Built on WebKit like Safari, but not open-source (yet, as they say). The interesting part is that it supports addons from both Chrome and FF.
I'm fairly sure AdGuard works fine on Safari, though I have heard its performance is lacking -- shame, as Safari is a great little browser (despite my personal dislike for macOS).
That doesn't make it a non-shit ISP, though. And, honestly, there isn't a commercial VPN provider that I trust at all. Most of them are extremely questionable. I'm certain some aren't, and perhaps Mullvad is one of those, but it's impossible for me to know one way or another so I avoid them all.
For privacy I trust mullvad more than my ISP and I think they have the track record to back it up. If your ISP is shit in other ways then a VPN does not help of course.
All a VPN does is either move a bit of trust to the VPN or move your apparent IP to another ASN/location. The first of those can be helpful for dealing with some ISPs,
Honestly, though they are hyped a bit much to the general public, I have almost all my traffic on endpoints routed to ProtonVPN. Better than nothing and fuck ATT.
Honestly, Firefox with all the "privacy" addons I have (NoScript, CookieMaster, uBlock, Decentraleyes, behind a PiHole), the experience I have on the web is probably closer to Lynx than it is to stock Chrome in that it's heavily content-focused.
No, links is (was?) an updated branch of lynx that optionally does images, media loading, and some simple JavaScript. I haven't used it for quite a while, at least a decade.
FF installs plugins without your consent. Brave installs software which can circumvent security controls without your consent.
Safari has no plugins and is Mac/iOS-only. Chrome is designed to be as privacy invasive as humanly possible. I think Edge is right behind it and has the added insult of looking like a Fischer-Price toy.
Arc, Vivaldi, Orion, and Opera are irrelevant jokes. I wouldn’t trust Pale Moon, Waterfox, Ungoogled Chromium, etc. because I still remember Iron Browser.
I can’t use Google Meet on Lynx. Even if I could use Google Meet on Surf, I wouldn’t want to because the authors are Neo-Nazi trash.
Orion's just getting started. I trust in Kagi, for now. To cavil about "relevance" means you dismiss grassroots alternatives before they even have a chance.
Safari has plug-ins, Apple just calls them extensions.
Why wouldn't you use say, Vivaldi? Sure, they're irrelevant in the market, but their product is good and likely what I'd be using if I wasn't using Brave.
I tried it and it didn’t seem to provide any features not present in other browsers outside of the significant extension support, which isn’t really relevant for me (I rely heavily on like three FF extensions, if you have those I don’t really need Chrome extensions on top). It didn’t seem noticeably faster or more performant. It has no market share, which almost always means worse support overall. I don’t know of any security audits performed and I have no experience with Kagi so I don’t know if they are trustworthy.
Another comment pointed out since the browser is in beta, this might be premature judgement. That’s a good point.
It looks like, on Windows, Brave installs their VPN service in a state that requires them to be started manually. They aren’t disabled, but they also aren’t running. It’s not great, but also doesn’t seem like a pitchforkable offense. Maybe I’m too much of a Brave fan, though. I probably use it 50% of the time and FF the other 50%.
I use Brave on iOS because it has a list of great features like downloading videos for offline viewing (with no ads). And has great adblocking baked in. On desktop it’s kinda random, but I slightly favor FF just out of the principle of fighting the browser monoculture.
Sure other shitheads-run browsers do this, but that does not make it OK to bundle software for new services into an update without getting user consent.
"Do you want to install Brave VPN with your update?"
The added software is their implementation detail, not your individual concern. Presumably, you've given permissions to run the application that didn't change (it was always capable of doing this and you initially agreed) or required you to consent to new changes to run it. This is as banal as including an extra npm package that takes slightly more work to execute.
I know right? I was very excited for BAT and the whole Brave browser; now I'm back on Firefox because I just can't be bothered keeping up with who is doing what privacy eroding "feature" this week.
Brave bundles VPN software with their privacy focused browser. Web privacy focused people tend to distrust everything by default. Web privacy focused people begin thinking of Brave someday turning on the VPN service and tunneling your traffic through VPN nodes they control with nefarious intent.
I think that's the gist. Tbh, just installing a service that's disabled is, by itself, not that scary to me. If they were to ever turn it on without my consent, that's a real problem.
> Web privacy focused people begin thinking of Brave someday turning on the VPN service and tunneling your traffic through VPN nodes they control with nefarious intent.
No, it is more that any one company that installs unwanted stuff on my computer is probably not something I trust as privacy-focused software. Besides that, VPN services have extremely broad permissions to look at or modify traffic, so it might be an attack target if not properly secured (which it might not be if it was "accidentally" installed). It also might signal that Brave is looking to become a much broader company besides their current browser-crypto-ads thing, which is worrying for privacy.
There are many reasons why a VPN service being installed behind the user's back, accidentally or not-really-accidentally, is alarming.
> It also might signal that brave is looking to become a much broader company besides their current browser-crypto-ads thing, which is worrying for privacy
Soft agree, while noting that from their perspective, browsers are not a profitable offering, so they likely _need_ to expand to a broader product offering, without grant funding. Google has their obvious reasons for being in the browser market, Firefox receives grants if I remember correctly, Safari I assume only exists so Apple can attempt to keep people in their walled garden of software offerings. How do the maintainers of Brave get to make a living? Either by selling you something or selling you. I'd rather them try to sell me something, personally.
That said, I'm a current Brave user that still has one foot in the door for Firefox. If they keep this up, I might be back.
Sure, but that is worrying from a privacy perspective. For any other venture their value is their current installed base so they will probably try to use that either via bundling (as might have been the case here) or via cross-marketing (which is usually not privacy-friendly).
Either way I think a privacy-focused company not making enough money to survive on their (hopefully privacy-focused) products is not a good thing. Brave has been going through this for quite some time with BAT and crypto ads, Mozilla has been going through it even longer with bloating expenses and Google income.
Safari and Firefox development are both pretty much funded by Google paying them to be the default search engine. (Which is obviously hilarious from a privacy perspective)
Or without nefarious intent. I find it sketchy regardless of the intent behind it.
> just installing a service that's disabled is, by itself, not that scary to me.
It's not that it's scary, it's that it's intrusive. If you want to install stuff on my machine, get my consent first -- even if it's disabled by default.
> If you want to install stuff on my machine, get my consent first
I assume from their perspective, they have your consent, as you downloaded their browser install wizard and installed their product, including its widgets. But I agree, they should itemize all their widgets, and not install them by default. Though I am a bit jaded in this area, as most desktop software seems to come with widgets that install by default.
They installed their homemade VPN as part of the general browser install, without disclosing it or giving users the ability to opt out.
It's now possible for them to start proxying traffic through their servers, also without disclosing it to you. While this is likely just a case of them aggressively bundling their paid service bloatware, the fact that it's built into the app should be concerning.
Why would they need the in-between step of installing-but-disabling it first? If they are planning to do that, and you already have Brave installed, can't they just install it at that point?
I believe the concern is that the installed VPN can act as a man in the middle, watching all your IP traffic, in the worst case, and doing god knows what with the data in it.
Windows service entries are more like systemd unit files, aren't they? I don't think Brave starts a VPN or downloads any separate binary onto your PC without asking you.
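As an added illustration of the "installed but not running" state the comments above describe (this is example code written for this page, not code from the thread, from Brave, or from any Brave project), here is how an administrator can check a Windows service's start mode and running state, list services that are installed and startable but currently stopped, find the System event log entries that record when a service was installed, and, as a mitigation on a machine they administer, set a service's start type to Disabled. The `*Brave*` pattern and the function names are assumptions; the thread does not give the service's actual name.

```powershell
# Added example (not from the thread): enumerate installed Windows services
# whose name, display name or binary path matches a pattern, and report the
# properties that matter for the "installed but not running" question:
# StartMode (Auto/Manual/Disabled), State (Running/Stopped), the account the
# service would run as, and the binary it would launch. The '*Brave*' pattern
# used below is an assumption; the thread does not name the service.
function Get-ServiceFootprint {
    param(
        [Parameter(Mandatory = $true)]
        [string]$Pattern
    )
    Get-CimInstance -ClassName Win32_Service |
        Where-Object {
            $_.Name -like $Pattern -or
            $_.DisplayName -like $Pattern -or
            $_.PathName -like $Pattern
        } |
        Select-Object Name, DisplayName, State, StartMode, StartName, PathName
}

# Services that are installed and startable (StartMode is not Disabled) but
# currently stopped: the "latent" services the discussion is about. Anything
# with sufficient privilege can start these later without a new installation.
function Get-LatentService {
    param([string]$Pattern = '*')
    Get-ServiceFootprint -Pattern $Pattern |
        Where-Object { $_.State -eq 'Stopped' -and $_.StartMode -ne 'Disabled' }
}

# Detection: the Service Control Manager writes Event ID 7045 to the System
# log when a new service is installed, so an update that adds a service
# leaves a trace even if the service never runs. The message contains the
# service name, image path, service type and start type.
function Get-ServiceInstallEvent {
    param([int]$Days = 30)
    Get-WinEvent -FilterHashtable @{
        LogName   = 'System'
        Id        = 7045
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated,
            @{ Name = 'Message'; Expression = { $_.Message -replace "`r?`n", ' ' } }
}

# Mitigation on a machine you administer: set the start type to Disabled so
# the service cannot be started until an administrator explicitly changes it
# back. Requires an elevated (Run as administrator) session.
function Disable-LatentService {
    param([Parameter(Mandatory = $true)][string]$Name)
    Set-Service -Name $Name -StartupType Disabled
    Get-Service -Name $Name | Select-Object Name, Status, StartType
}

# Usage (the pattern is an assumption; adjust it to the service you find):
Get-LatentService -Pattern '*Brave*' | Format-Table -AutoSize
Get-ServiceInstallEvent -Days 30 | Format-Table -AutoSize -Wrap
# Disable-LatentService -Name '<service name from the listing above>'
```

`Get-ServiceFootprint` reads `Win32_Service`, which exposes `StartMode` and `StartName` that `Get-Service` alone does not show on older PowerShell versions; `Get-LatentService` is the check that distinguishes "present but stopped" from "disabled", which is the distinction the comment above draws. The 7045 query gives a timeline of service installations independent of whether the installer announced them.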
So I was really disappointed in Firefox as my second browser (first is Safari; yeah it's the platform lock; Apple should be forced to open it up). So a few days back I decided to set up on my new (2020) MacBook Air and this time I installed Brave.
Goodness! It's a dumpster fire. Wallets, crypto, and what not - all over. I scrambled around and disabled, fixed some and all that but then things kept happening and I panicked and immediately uninstalled it clean and then installed Firefox. I will keep cursing Mozilla for actively and consistently ruining Firefox but this really is the better browser out there, even now. Unless there are others that I have not tried. Vivaldi, Opera? Are they good now?
Is Camino living in any shape or form even now? I would not mind a Mozilla blessed theme/extension pack that turns Firefox into Camino of olden times. But the best would be forcing Apple to open the OS' browser gates.
That seems odd. Like, yeah, it has a bunch of stuff, but it's also very easy to toss out what you don't like. Just right click whatever elements in the browser UI you don't like and they're gone, new tab page is customizable. The rest is checking Appearance settings and that's it. You get Chrome, but better, more or less.
What lock are you talking about on macOS? What gates should Apple open and why? You can use any browser you wish, be it Firefox, Chrome, Brave, whatever. I have been using Macs since 2008 and can't remember myself using Safari for anything else than just to download Firefox or Chromium-based something...
I think I messed up my comment mixing locking of browser space on iOS and added that to macOS as well but yes that’s not the case. But then what could be the reason Firefox feels very slow and not as performant compared to Safari - I think Apple may not be to blame?
Anyway that’s what I meant and I was wrong. My bad.
At first sniff this felt dodgy to me, but then when I thought about it: a software update pushes arbitrary code to your machine that you willingly execute. You either take the risk and live with it or don’t.
My main is Firefox but I have to occasionally use a Chromium based browser. Used to use Edge before it went to shit and have been using Brave ever since. Is there a better alternative?
Same, I'm using Firefox for everything at work but unfortunately many Google services (GCP, Meet) don't work as well on Firefox as they do on Chrome. For that reason I'm using https://choosy.app to define which URLs open in which browser, works very nicely!
For Linux users, Junction is a FOSS browser picker that works just like Choosy does on macOS. These browser pickers are more flexible than selecting just one default browser, and being able to inspect URLs before opening them is a nice security feature.