To be fair looking at the commit where it got merged, it was for a pre-release beta build for Android and release notes specifically say
> That is a very first beta version of Brave Rewards on Android. It is pointed on test network. DO NOT TRANSFER REAL MONEY!!! We use SafetyNet API for device attestation.There are grants available on first run. There are no grants on devices where attestation is failed(rooted devices, emulators). Auto-contribution time is set to 10 minutes, just for test purposes. Couple of verified pub on staging:
duckduckgo.com
3zsistemi.si
A lot of people on the internet seem to be advocating it but reading the Wikipedia article they seem to have a business model of replacing website adverts with their own. Which doesn't seem all that ethical.
The benefit would be to early investors, and they get to be in the dirty world of adtech while engaging in some ethical duck and cover. It’s nice that the default blocks ads, but we all know how easy it is to flip that switch down the line. At its core, it presents itself as a kind of profit-sharing alt-ads cum adblocker, which is supposed to be a compromise between supporing the ad model of the internet and personal privacy. In practice it seems like an ethical black hole, but one with some big names invested in it, and loads of hype.
Personally I think compromises with the ad industry only end one way, and the addition of cryptocurrency into the mix should set of alarm bells.
Maybe, but that’s not even orthogonal to my point, and unrelated to my post or this topic. I’m not going to engage in a trite debate over well-worn ideological ground in which you scream “freeloaders” and I talk about the right to fast forward through ads, or turn down the volume on the radio during ads. Instead I’ll just say that a majority of users believe that their computers are their property, and have the right to control what runs on them. This is especially true when advertisers have shown contempt for user privacy and even whether or not they deliver malware.
Beyond that, I hope that you can start responding to things I’ve actually said, instead of just responding with “pithy” and tangential one-liners. I’m not interested in an intellectually bankrupt form of posturing in place of real debate.
Sorry for nitpicking, but I just couldn't get this to leave my mind. I understand that you were going for a wordplay with "not even wrong", but I'm still trying to imagine whether there's a geometric interpretation to make sense of this.
Would this imply that the angle between the two things cannot be defined? If so, what would be a possible situation here?
I have to admit that it was just a play on words, and except for dragonwriter’s formulation I have nothing to offer on this one. On the other hand I enjoyed your comment, and didn’t find it nitpicky at all.
> but I'm still trying to imagine whether there's a geometric interpretation to make sense of this.
Well, I suppose there's a framework in which orthogonal could imply coplanar and so skew lines would.be “not even orthogonal”; particularly they'd have no contact at all irrespective of relative alignment.
Whether people who block ads on advertiser-supported websites are "freeloaders" is a worthwhile question, but "we live in a consumer-driven society buying products from companies that use part of their revenue to advertise more products to us, ergo you should not object to me blocking ads on your website" strikes me as a bit of a shaky argument.
> I’m not going to engage in a trite debate over well-worn ideological ground in which you scream “freeloaders”
You must have me mistaken for another commenter. I never said the word "freeloaders." Perhaps are you projecting?
Turning down the volume on the radio doesn't involve hijacking any DRM or ad tech. It's built into the hardware. To wit: The analogy is bogus.
Do you have the right to control what runs on your computer when you don't own the copyright? The answer to that is no. The copyright owner decides that. You can opt out by not visiting your favorite sites in the future. Please take a stand and do not visit them.
> Beyond that, I hope that you can start responding to things I’ve actually said, instead of just responding with “pithy” and tangential one-liners. I’m not interested in an intellectually bankrupt form of posturing in place of real debate.
Do you have the right to control what runs on your computer when you don't own the copyright? The answer to that is no.
This is factually incorrect, as has been pointed out elsewhere in this thread. You can do whatever you like with what’s runs on your computer, assuming that you legally acquired it. Feel free to levy a moral objection if you like, but don’t pretend that your personal hangups are reflected in law. Your right to play with something on your computer is the same as your right to remix music you own; it only ends if you try to distribute it.
I think this may be a little dismissive. I use adblockers, but it has nothing to do with revenue streams or philosophical reasons. Ad companies have time and again shown they cannot be trusted with my machine. Whether it's sticking me in a redirect loops, telling me I have a virus, redirecting and disabling the back button, vibrating my phone, making loud noises, etc etc. I'm done giving them chances until I know these problems have been solved. I understand this may harm the good actors, which is why I'm surprised these issues still exist.
You perform like fifty redirects in a row, and when you try to go ”back” it just redirects you forward to where you were. Eventually the browser hangs as you mash the back button, and the redirect chain fires off again. It’s a fucking shitty practice.
tl;dr: you can insert whatever page into the browser's history so when you click the back button the browser navigates to that specific page.
Google is working on preventing it in Chromium [1]
Internet users are entitled to all resources returned to their user agent by a request.
I know businesses want to pretend the web works like television, or radio, or newspapers, but it doesn't.
Whatever a site sends me as a response to a request is mine. It's mine. The transaction is completed, the response belongs to me and I can do whatever I want with it. I can not run the javascript. I can run my own javascript. I can mess with the HTML and CSS. I can choose not to view the ads. Hell, Brave is based on and works on this premise, it injects its own ads. They can do that. I can do that. I have no reason to do that, but I could.
That's the way the web works, has always worked, and will always work. And it's the reason ads on the internet were doomed from the start. The only reason they worked, at all, to begin with is that the public wasn't aware that ad blocking was possible, and browsers weren't capable of it, but the underlying capability was always there, it was always implicit to the way the request/response model of the web worked.
The only group acting entitled are businesses. They feel entitled to more control over the end user's experience than they have. If they want that kind of control, they can put up a paywall. Or go back to old media. Or accept the true nature of the field they're playing on, that they cannot have complete control over the end state of their content on the web. They cannot force the end user to endure their advertising if they don't want to.
> Internet users are entitled to all resources returned to their user agent by a request.
This is legally false. If a digital artist creates a painting and puts it up on their website, and you go view it, it does not become yours. The artist retains the copyright to the work, and not only is it illegal for you to then sell prints of it, but a violation of ethics, to boot.
>If a digital artist creates a painting and puts it up on their website, and you go view it, it does not become yours.
Of course the image is mine, just as an image of the painting in a newspaper or brochure would be mine, it's a copy freely distributed by the copyright owner. I'm perfectly within my legal rights to do whatever I want with it, within the confines of the browser.
I'm not claiming i have the right to sell it or anything, but I absolutely do have the right to decide whether or not it shows up.
Actually you have a lot more rights than that. Your rights stop when you want to distribute unmodified or derivative works without authorization. Nothing is stopping you from remixing ANYTHING* if you have no intent to distribute it.
*if it was legally acquired. Remixing illegal stuff would still be possession of illegal stuff.
Please stop abusing "ethics" to force your own moral framework on other people. This isn't what it is, and on top of that (given that it's different for everyone) if you need to say it the reader already knows you are wrong.
When did I mention "ethics" or any moral framework?
It's simply a matter of common sense, legal precedent and the way HTTP works.
To claim otherwise would mean companies have the right to force me not to alter the content of their responses in my browser, in order to guarantee their ads are viewed. If this were true, all browsers and many plugins would already be illegal, as would ad blockers, whose legality has been confirmed in multiple court cases.
Ethics and morality don't enter into the discussion. If I want to support a site by viewing their ads, I can. If I don't, I don't have to. The choice is mine to make. Sites depending on ad revenue, meanwhile, can try as hard as they want to convince me to choose to view their ads, but they have no legal right, nor technical ability to make me, as long as we're talking about content that can be filtered out of an HTTP response by a browser I control.
Information is free. The person using it has the obligation to be a good steward of humanity and it's use. We're getting better at it, but throwing up walled gardens is not the answer.
For me, it offers a faster browsing experience than Chrome, and privacy at least as good as Firefox.
I used to use both of these popular browsers, and now I'm all-in on Brave. Chrome is fast but has well-documented privacy issues. But even running various tracker blockers and a Pi-Hole, Chrome wasn't nearly as fast as Brave (without additional blockers or the Pi-Hole).
I like to support Mozilla/Firefox, and Firefox has been my daily driver for most of the last two decades. But it just isn't as fast as Chrome (let alone Brave). It has better privacy than Chrome, and the inimitable Tree Style Tabs, but it takes noticeably longer to open new tabs and load pages.
I moved over to Brave once they started supporting Chrome extensions. I have found that my MBP's fan kicks on much less often than before on Chrome/Firefox, and the battery lasts longer as well. While I miss the TST that I enjoyed on FF, I'm getting by with Sidewise. The inconvenience of having the tabs loaded in a separate window is massively outweighed by the speed/privacy benefits of Brave.
As for the ethics of ad-replacement, this is a bigger question. If the baseline were "everyone has ads everywhere", this could be seen as an unethical alternative. But the baseline is "many people (and presumably nearly everyone who is savvy enough to install Brave) use adblockers". So it's not like they're going from seeing ads to not seeing ads. They're going from blocking them with one system to blocking and replacing them with another system. And they can send the revenue from the replacement ads to the websites they spend time on.
The problem isn't Firefox. The problem is chrome. Since it has a biggest market share and most of the web developers use it. Websites tend to be more optimized for Chromium engine than Firefox. I moved to Firefox and Gmail and other google apps work terribly slow. I'm trying to find a new email provider now . Does anyone have recommendations?
Yeah supports all of the Chrome extensions I use, including Sidewise, Hacker News Enhancement Suite, and BeeLine Reader. I think some extensions may not work yet, but I’ve not come across any problems so far.
One interesting aspect is that they intend to integrate the ad matching & serving engine right into the browser. Thus (at least in theory) the browser can still serve "relevant" ads without exposing your clickstream to anyone. According to their materials, you'd have full control over what's collected and how it's used. It's opt-in.
IMHO The model hits the sweet spot for those who don't mind ads in principle but don't trust the ad industry.
It adds a new potential way monetize the web. Currently, the prevailing model is to offer a “free” product, where user data is being collected and sold to whoever is willing to pay.
Brave introduces the ability to pay per use and if you want to, you can opt-in to ads that are targeted based on anonymized data for targeting and you can earn BAT for doing so.
It basically changes the incentive model the ad industry and arguably a lot of the internet.
I don't like Brave's business model, but I like the browser itself. Firefox Mobile just didn't cut it to me. All I wanted was Chromium without Google, and all the privacy features[1] built-in. I'm glad such a browser exists.
I've switched from Brave to Bromite [0]. All of the same features, but no "business" involvement behind it -- just a clean Chromium with sane patches for privacy and security.
> but reading the Wikipedia article they seem to have a business model of replacing website adverts with their own. Which doesn't seem all that ethical.
It seems blindingly obvious that Brave/BAT is in seriously dangerous legal territory. I would be that very close to 0% of the money transferred by BATs has made it to the "rightful" owners, where rightful is "where people paying BATs thought they were going".
If this scheme ever gets any serious attention, positive or negative, it's going to be a spectacular implosion.
Twitter on Firefox android keeps giving me an error saying I have been rate limited and other Firefox users have reported the same. With how horrible twitter is I assume this is a problem on their side.
The “rate limited” error occurs for me on MobileSafari on iOS, so it’s not Firefox related. Reloading the page works fine. It seems to have to do with which referrer took you to Twitter.
Firefox blocks third party trackers by default. In some rate limiting implementation, this often signals a bot that don't often retain tracker cookies.
Does that happen on chrome? I wonder what would happen if you swap out the user agent and have that issue.
Edit: It's working now just fine, even if I am not signed in. Like they suggest below, it seems like that is Twitter being actively malicious to web users, and not Firefox.
For now. If the rise of Google has taught us anything it’s to analyze a business in terms of its likely future, not its present spin and PR. If all it takes to make more money is to flip a switch, then it’s reasonable to worry that such a flip is just a matter of wider adoption and time.
This is a thoughtful idea. What is the Brave endgame after they win a new browser war? Their model would encourage users to donate to spread BATs to creators, but it would be a small portion who did it. They could try to add a premium subscription, but again a minority of users would pay. Probably, it ends up with pressure to turn ads back on like the Adblock extension did, or to pay users to watch ads in a gamified way?
The alternative seems to be either ads/tracking (chrome), or directing people towards search engines owned by competitors (Firefox).
Then again, their whole tech stack is built on a competitors work too. All browsers depend so much on Google now its crazy
I’d prefer you responded to what I actually wrote, rather than a straw man I didn’t write. I can only really refer you back to my original comment, which answers the question, “What’s your point” without the unreasonable framing of my answer.
To reiterate If the rise of Google has taught us anything it’s to analyze a business in terms of its likely future, not its present spin and PR. If all it takes to make more money is to flip a switch, then it’s reasonable to worry that such a flip is just a matter of wider adoption and time.
Brave is a combination of adtech undermining other adtech, cryptocurrency, and a lot of verbiage. I feel that’s a reason to be concerned when the line between said verbiage and future profits (assuming widespread adoption rather than withering away) is the flip of a single option from “opt-in” to “opt-out”.
It may not simply take flipping a switch to make more money. As far as we all know, Google's value proposition for throwing as many ads as possible in front of us is that they have tons of personal data about their users.
Brave does not offer such value to advertisers (unless they start having people "Sign Up", which would be an effort significantly more difficult than flipping a switch), so where do you suppose the value in throwing as many ads as possible to as many people possible comes in? What value is there in showing me a browser-based ad for something completely irrelevant to me?
That aside, I responded directly to your comment, which basically says that if Organization X does something undesirable, related Organization Y would likely do it as well. On one level, I get it, it's almost agreeable. On another, it seems like you want to hold Brave accountable for the sins of Google, which is almost absurd to me. But hey, that's your right. Can you go ahead and copy/paste the comment again if you continue to disagree? I like being condescended to.
And Brave or similar programs that block ads but can intercept your web browsing wouldn’t be needed if Android had a built in content blocking framework like iOS. Ad blockers in iOS submit a JSON file to Safari that processes those rules. The third party ad blocked has no access to your browsing history.
And the one I use has a novel revenue model that doesn’t require anything shady - I give them money and they give me a product.
With Android Pie, users can just set the DNS to dns.adguard.com and be done with it at the DNS level. Works great on my Pixel so far (past couple months).
I read through the article and people were saying that the static rules limit its effectiveness. I haven’t noticed any difference between the effectiveness of ad blocking in iOS and using something like AdBlock for Chrome on desktops.
It seems like people don’t trust the motives of Google (and rightfully so).
I notice a pretty marked difference between the best ad blocker I could find for iOS (1 BlockerX) and uBlock Origin on Firefox.
The difference in utility is stark enough that if I'm on the road and need to browse the web outside of known-safe sites, I find it more pleasant to do so on my 5.7" Android phone than on my 10" iPad.
It's not just ads, it's also not having the ability to only allow 3rd-party scripts and frames via whitelist.
Since I don't use Safari for "normal" browsing, I can't recall any specific problematic sites, but just opening some random news headlines I get the following unwanted behaviours, roughly half of which are nags to install the iOS app:
* theverge.com - nag to disable ad blocker
* nbcbayarea.com - nag to install app
* youtube.com - nag to install app, autoplaying video, all the rest of the junk that YouTube annoyances blocklist blocks for me with uBlock: https://youtube.adblockplus.me/
* lifehacker.com - annoying animated recommended story gif (to be fair this isn't an ad-blocking issue, it's just a configuration setting that Safari doesn't offer)
* bloomberg.com - nag to install app, nag to subscribe
I’m not getting some of the app install nagware, but I’m
also not getting them when I disable content blockers so it may just be a cookie thing. Also I couldn’t manually block the nagware on the NBC site using the share extension.
I only use YouTube mostly for official AWS videos and then I use CornerTube. I usually don’t see ads. Do content producers get to choose when ads are shown?
> Do content producers get to choose when ads are shown?
That's my understanding. Also a mostly non-YouTube user though, I find the web interface really unpleasant - if I were going to "use" it on a regular basis I'd probably use youtube-dl.
IOS allows you to change rules on the fly. The chrome proposal says they are static and unchangeable, other than whitelisting specific pages. You can't, for example, add or delete a rule. The only way to change rules is to submit a new version of your extension.
One assumes that wasn't an accidental design flaw.
No need to look at motives. The end result matters, and the end result makes it as crippled as Apple's solution. Luckily, Android users will continue to have other options.
Privacy invasive options which kind of defeats half the purpose of ad blockers.
And those “other choices” only work within the browser. Apple’s ad blocking framework works with apps that embed web views using the SafariViewConttroller like Feedly.
And non-privacy invasive options. Your point is a very poor one. Android users can use options that are worse than iOS options, the same as iOS options, or better than iOS options. Most will use the last category, as you would expect.
Android also supports blocking ads throughout the system, not just in WebViews, which is the only option on iOS.
Can you guarantee that your ad blocking framework is not recording and selling your data or be sold to another company that will?
You can buy VPN subscriptions that serve as ad blockers outside of the App Store and just go into settings and configure it yourself. Preferably, host your own VPN host on your computer where you know no third party is intercepting and recording your traffic.
Most ad blockers that people use on Android are open source, e.g. uBlock. While due diligence is good, I don't think I've seen any evidence that would suggest gorhill wants to sell my data. You can't compare an ad blocking extension to an entirely different browser (Brave) as a whole. uBlock runs on regular old Firefox for Android.
I appreciate that it would be nice if Google gave us the option to block stuff in Webviews, but it's not a replacement for having a real ad blocker like uBlock that is much more complicated and has many more features. I think the person you are talking to is mainly criticizing Apple for not letting you use such an ad blocker on their OS.
What are these extra features? I asked earlier about posting a link to some pages where ads aren’t blocked by 1Blocker but are blocked by Firefox + extension.
What percentage of people have the requisite knowledge to do that? The Heartbleed bug was in open source software for over a year before anyone noticed it.
This could be avoided by only running programs written in safer languages. C/++ allows for very very hard to spot bugs that can cause serious issues like heartbleed. You would have to try a lot harder to hide such a thing in a haskell program .
Since all five widely implemented platforms (iOS, Android, MacOS, Windows, and Linux) and most mainstream open source software is written in C, that would be a tough lift. Also since there are far more people who know C than Haskell, that kind of gets rid of the “many eyes” defense.
There may be fewer people able to read haskell but I would say fewer are needed to verify that a program doesn't have unexpected behavior. Also languages like rust are becoming bigger which should help.
Sure there is a lot of C floating around but there is a solution in sight and there is some amount of effort being put in to rewriting things in Rust.
You don’t have to trust the ad blockers. The operating system won’t let ad blockers have access to your browser history. If you want to see how the ad blocking framework on iOS, you are free to go over to WebKit.org.
You really think people are auditing all of the open source software you are using? Where were they the year and a half the HeartBleed bug was out in the wild?
Nobody is claiming it stops all vulnerabilities, so let's get that straw man out of the way.
I'm saying it's significantly better than the alternative, and you continue to ignore that point. For example, reproducible builds directly stops XCodeGhost from ever happening, which was the single largest mobile malware infection in history by a wide margin. As another example, heartbleed has nothing on this 15 year old MacOS bug. https://www.macworld.com/article/3250125/macs/full-macos-com...
So a vulnerability that affects a phone with 12% market share if you downloaded an infected app is larger than a bug that affected all Android phones and all you needed was a phone number?
There have been no Stagefright malware infections ever reported. Compare to nearly half a billion XCodeGhost infections, which reproducible builds stop cold. When it comes to results, the Android security model is peachy compared to iOS's. https://www.theregister.co.uk/2017/02/15/google_stagefright_...
Even though 95% and 99% of phones were vulnerable and many never got patched, there was really no problem because few were affected?
I live in a neighborhood that has never had a reported break in. Does that mean I’m not more vulnerable if I leave my door unlocked and post a huge sign outside letting everyone know?
There are many layers of security in modern OSes. Apple ignores many of them to the peril of their customers, and it shows in the results. In your example, many Android devices left the door unlocked but had a security guard. Apple locked the door but the lock on the door allowed many other keys to work.
What security guard? There was no security that kept Android from being vulnerable. It would have been just as easy for someone to infect the Android build chain.
Even if you look at something like the way that third party keyboards work on Android, it’s a security nightmare.
On iOS, users have to explicitly go into settings to add a third party keyboard and even then it doesn’t have network access by default. The user has to go back into settings to enable the keyboard to have network access and then they get a big scary warning. Android users happily install keyloggers.
Also, even after you both install the keyboard and give the keyboard network access, iOS still switches back to the default keyboard when entering passwords.
Do you really think that Apple review goes through and reviews the whole JSON file that a third party content blocker creates and submits to Safari? Apple doesn’t sell ads, why would they care what is blocked?
Employee here- I haven’t seen an official comment here yet
The JSON file that was linked to does have partner domains which (when the header is present) the website will provide a specific integration. When those specific partner sites are visited, the headers are sent with the request
An example someone mentioned here already is marketwatch. They have a promotion where you can sign up for a free subscription if you use Brave
The browser is open source and nothing is being hidden- although this and the whitelist (used for a better webcompat experience) could be better documented
Should these lists be shown in the UI and configurable? (ex: disableable?) I wonder what a better experience would look like for people that don’t want this functionality
I reviewed with team and created https://github.com/brave/brave-browser/issues/3301 to track this (folks are welcome to give it thumbs up). The fix for this should be something we can deliver in our next product release (0.60.x - 9 days from now)
I do have to wonder if this is as egregious as some of the comments between the two threads would make it seem given that this is an open-source project.
It's just that I looked for curiosity in the source-code and found the whitelist (and separated
the threads to not create confusion) but I'm sure people with more time would find more.
Don't get me wrong I applaud the fact that you dug through the code and let the rest of us know. People (including myself) take things at face value too much these days :).
Their full mission is "We're reinventing the browser as a user-first platform for speed, privacy, better ads, and beyond
", therefore I guess this is for a "better ads" ;-)
This is why I can't support Brave. They see it as a foregone conclusion that the only way to make sure the internet doesn't starve it so make sure we all watch ads, and they think that if they can make the ads nicer, we'll all watch them. They gave Brave tools to hide some or most ads hoping that this will make us willingly watch other ads.
How about no? How about we find a better way to not starve than making sure everyone is fed their daily dose of manipulative marketing materials?
What I take from it is that the point of Brave is to keep your data yours. It wasn't to get rid of ads entirely. The internet has become a data mining project in which your time, attention, and data is straight up stolen (or worse given away) and then monetized by companies that have long realized that data has tangible value.
The point of Brave (to me) seems to be that it gives you the tools to keep your data secure and provides a way for you to willingly trade it for something of value (BAT). This is done by enabling ads. In essence you are the one being paid for your attention instead of Google or Facebook. The ads are serves by brave but purchased with BAT. So the same people who want to serve you ads need to buy BAT on the open market. This is what gives the token value.
So the point Isn't to get rid of ads. The point is to give you a way to actually get paid for your data. Your data has value and people are going to get paid for it as long as it A) exists and B) is useful to sell you stuff. I think that a tool to actually make people realize the value of their own data is something that we desperately need in this space.
Well, get to it. Give us the solution. Outright rejecting Brave isn't helpful. Newspapers financed themselves through ads for decades, but now because websites try to do the same (while abusing their position) and Brave tries to find a fair middle ground that still respects our privacy and rights, they're suddenly the bad guy.
They haven't even given a valid reason to consider the solution shitty enough to reject. All I could derive from their comment is that they doesn't like ads at all (while ignoring the fact that nobody else has managed to implement a working solution, that ads work, and that Brave is implementing the one solution that has traditionally had plenty of support (micropayments) and some hope of working).
Like, weren't micropayments all the rage just 5 years ago?
Are ads really the problem in itself? I'd say the real problem with ads are ad networks that track you, create a profile of you and use that to personalize ads, meanwhile providing an attack vector for malware and site owners abusing it historically in the form of Flash or other ugly and distracting ways of displaying them. Brave is providing a way to display ads that don't track you and don't infringe on your privacy. I don't see the downside here, only the upside that we can continue to have a 'free' internet where not only the well-off have access to vast swathes of the internet.
Most normal businesses don't provide free access without payment. Until recently, the only ones that did were newspapers. They were financed through ads and to a minor portion subscriptions. If you remove ads, you remove free internet. That's how it works. Unless you propose taxing everybody.
Exactly. Ads are a legacy business model of a legacy distribution system. Too few people have read JPB's excellent "Selling wine without bottles", but that is in full effect here.
The problem is that new content-centric business models have not yet emerged. So, some people remain chained to the old paradigms.
The crisis we have is a gap in vision. People don't realize that driving cost of information distribution to zero means that it no longer has enough scarcity to force the economic transfer of other scarce resources. Basically, what OSS did for commercial software, the Internet did for anything that fits within a 2D screen. Netflix, NYTimes, Fortnite, JK Rowling, and Jenna Jameson are all competitors in a space whose Pixels*Seconds value is commoditized.
Capitalism doesn't thrive unless there is an exponentiating dynamic. The only one available on the Internet is bandwidth capture. Which, for now, translates into attentional capture.
With the imminent arrival of P2P web software (e.g. Beaker Browser) and mesh networking, the tides will turn back towards a creator-centric peer network.
I asked Jonathan Sampson about this and it's a developing conversation. [1]
> For some partners, Brave will set a custom header to identify the browser. We use the Chrome user-agent string, so accounting for traffic coming from Brave is otherwise hard. [...] As an example, if you navigate to https://www.marketwatch.com/ you will notice a custom header. [image of header listing containing X-Brave-Partner: dowjones]
His explanation as to whether this might make a user more prone to fingerprinting was a total cop-out too. It does make you more prone to fingerprinting "but only to their audience" isn't a good enough answer. Customers/partners which users have no control over and are expected to trust Brave executives as acting in their best interest. Where is the foundation that justifies this trust?
That's my exact issue with Brave - though I do like what they're aiming for despite being in the ad-tech business.
I don't think it's the browser's role to police such things, it should be a dumb agent only requesting content, displaying it and not leaking any sensitive stuff.
I believe the way forward is to have another 3rd party where you can manage those things.
Want to create one persona per category of website you visit?
Even go as far as one per website? Doesn't matter, your metadata, you own it and more importantly your browser stays out of that business.
They are just getting started. You have the right to be skeptical but you would be better served turning that skepticism towards Google.
Brave plans to do all machine learning for their ad tech locally in the browser. Can you imagine Google ever doing that to protect their user's privacy?
That's a nice thought, but in reality lots of poorly coded sites out there do UA sniffing instead of feature detection. So lots of sites break (including many Google sites) if they think you don't have Chromium feature sets.
If I was ever trying to scrape a website that blocked my user agent I would just set the user agent to chrome on windows. Every library I have used supports setting whatever UA you want.
Won't lots of sites also break if you don't have Chromium feature set but report you do?
A more descript UA here ("Brave but built on Chromium") seems magnitudes better than imitating a native Chrome UA to avoid bad code that specifically looks for Chrome/ium, no?
At one point they were using a different user agent so that Brave couldn't be blocked. Of course the same people that care about this sort of thing are the same people that want to track you without your consent.
How is this a "backdoor"? They could have just done this in the browser code itself if they wanted to.
Unless you've found some way to change the content of that url without the browser detecting it, I don't understand what you think there is to be concerned about here.
Every day the browser downloads from "laptop-updates" server a list of hosts and list of headers to inject.
This is supposed to help websites to identify that the user is running Brave (but there are other exceptions in the code, like at https://github.com/brave/browser-laptop/blob/master/js/data/... ) but in practice, the Brave developers can inject any header into any website remotely.
Every single Brave installation is uniquely tracked by a "download-id" which makes the backdoor even more powerful.
No one brought up “website oriented” experiments. We’re talking about the browser itself. All modern browsers of them have the ability to download JavaScript and execute it to change functionality. All of them have the ability to toggle behavior remotely. That’s how you experiment, and experiment driven development is how modern software is made.
Finally, you can not be serious mentioning Lynx. It was obsolete in 1996. I know. I was there.
It is not. The Mr. Robot controversy showed that they can remotely install addons, and the Booking controversy showed that they can remotely alter the contents of the "new tab" page.
I used brave on Android some time ago as well. Firefox really wasn't an option back then, as the rendering engine was just to slow for reading webnovels... But adblock is essentially required on mobile because of the energy drain from ads
I ultimately went back to chrome though after I installed blokada. You might want to check that out as well.
You can get it from f-droid if you have that app store already.
To me, Brave left the moral high ground when they became an adtech company. Another harbinger of ill was foisting an ICO on the world -- to sell tickets to the adtech show. To date, Brave's moves have benefitted Brave, and no one else.
They're adding a header to identify Brave browser to sites they have partnerships with, like MarketWatch.com and Cheddar.com.
For example, if you add the header: `X-Brave-Partner: cheddar` to your headers in Chrome, and navigate to cheddar.com you get 3 free months of their paywalled content. (Who pays for a subscription to Cheddar.com?!)
If you think about it, you can start to see why they HAD to add a new Header and not just use a custom Brave UserAgent string.
They currently use Chrome's UA string, if they used a uniquely identifiable string, publishers who weren't on-board with Brave's ad network could start nagging users/trying to get around Brave's ad-switching technology.
> That is a very first beta version of Brave Rewards on Android. It is pointed on test network. DO NOT TRANSFER REAL MONEY!!! We use SafetyNet API for device attestation.There are grants available on first run. There are no grants on devices where attestation is failed(rooted devices, emulators). Auto-contribution time is set to 10 minutes, just for test purposes. Couple of verified pub on staging: duckduckgo.com 3zsistemi.si
Did it make it out? Here is the link
https://github.com/brave/browser-android-tabs/releases/tag/1...