>Yes and no. To start a call, you’ll need to be on the Brave browser. However, people you invite to a call can join from any browser. They just need the call link.
So, most of it already functions on other browsers...they are gating the "start a call" bit. The faq has some details on some sort of encryption relay they have 8x8 run for them, so maybe there's some key management stuff in the brave browser?
Brave's whole "thing" seems to be being a one-stop Google replacement for everything you could do online, but just having to trust them instead of Google. Through that lens, I can see why they're constantly adding more "route your data through us instead" already-features instead of focusing on making a good, standalone web browser.
Not really. I used to use it, but it was noticeably slower than Firefox and ungoogled chromium. It's basically just ungoogled chromium with a bunch of extensions preinstalled.
> It's basically just ungoogled chromium with a bunch of extensions preinstalled.
That's not true. It has, in an easy-to-access UI many privacy protections, including fingerprinting and tracking, and even disabling JavaScript per site (EDIT: Among other things, including a crypto payment system, IPFS, and more.)
It's ok. It certainly doesn't hurt to try it. I tried using it as a daily driver a couple times and went back to Firefox. In my opinion, Vivaldi is better than Brave and I also prefer it to Firefox.
It is worth giving it a try, why not. I'm a Firefox user and I gave it a try for ~3 months out of boredom (and perception of higher speed). The novelty wore off and I went back to FF, but now I know why I like it more.
With Brave I never really bought into the advertising model so all those little donation buttons and crypto suggestions started to bother me.
I was a diehard FF user from the early 2000s to 2019. One of my users emailed me to ask if my browser plugin worked on Brave. I tried it and was shocked at how fast it was.
I dearly miss Tree Style Tabs (and make do with a Chrome extension that mostly works, but is annoyingly in a separate window), I can't go back to FF. The speed difference is too great. YMMV, I'm on a 2017 MBP, base model, and I typically have dozens of tabs open across several windows.
Does Brave make tabs narrower like Chrome when you open a lot of them? That's always been a dealbreaker for me in Chromium-based stuff, open enough of them and switching tabs becomes a mouse precision challenge and titles aren't visible anymore. So far FF is the only browser I know that can handle a lot of tabs without degrading the user experience.
Yes, but I use a TST-like extension so I can see them all on the left side. I ignore the stubs at the top, and I believe there's a way to make them disappear entirely.
I also had the same problem (can't believe Chrome apparently doesn't have any UI solution for this natively), but reading your comment made me wonder if Vimium could be a solution to this. And yeah, pressing T and typing part of the title makes it much easier to select a tab when you have many. Only useful if you're already using Vimium or are ready to switch of course, but improves the usability of Brave a lot for me.
Thanks. But that's a solution to a small - and to me less important - part of the problem. My main issue is a Fitts' law kind of thing where it's just unnecessarily difficult to click to choose a tab without a risk of closing it.
Oh thanks! The pages I found from a search didn't mention this at all (probably because they were largely about how Microsoft Edge enables the scrolling by default, and the Chromium flag itself not being the main focus).
I have the exact opposite problem: for me, Chrome's tiny minimum tab width is one of its best features, and one of my biggest obstacles for switching to Firefox. Firefox has an about:config setting that lets me shrink tabs a bit, but nowhere near as far. Firefox's low limit on the number of visible tabs is really frustrating.
By default, yes. It's stock Chromium with privacy features and an independent sync backend etc.
Chromium has recently added features for a scrollable tab strip a la Firefox, and you can adjust how much tabs compact themselves before the browser starts using scrolling behavior instead. Check a flag called Tab Scrolling.
I'm on Chromium partly because of the tab management - tab groups are crack.
I'm happy with it. It's pretty much like Chrome/Chromium (more responsive and performant than Firefox on macOS) but with some privacy settings/tweaks [0]. All of the cryptocurrency features can be turned off. The only thing I dearly miss from Firefox is Awesomebar. Brave's/Chromium's Omnibar is terrible in comparison. A lot of times you'll need to go to History to search for the same keywords and click the first result...
Oh and they have got a lot better with keeping up Chromium releases. It now usually takes one or two days for a new Brave version to be released after a new Chromium is released (as opposed to a few weeks in the past!?).
If you like the way Chromium looks and feels then yes it's very worth it. Personally I switched from Firefox to Brave due to their different approaches to fingerprinting protection which I consider a huge privacy issue. Firefox seems to take the approach of making everyone look the same all the time, but not enough people use the locked down version for it to be effective and they still leak enough Javascript-level information that that even within the "all look the same" crowd you will stand out, for example they spoof the request user agent but not the javascript-level user agent string (maybe that was a bug and has been fixed?). Brave on the other hand takes my preferred approach which is to muddy the water as much as possible, they spoof as many data points to make you look as unique as possible, between every user and between ever session (which is especially important imho). With Brave if you want a fingerprinting website to think you're someone new you just need to open a new session.
There isn't much to say about it beyond the buffs to privacy, as that's really it's purpose, to be Chrome but more privacy focused.
I run a portable version of brave in a 1Gb ramdisk.
Works great, and no mess left on the pc, apart from somehow Microsoft messes with things and writes stuff to a C:\...\Appdata\local\Brave Software folder...which I auto-delete every boot, just in case it's there.
Something to do with the 'default' browser always trying to be edge.
FU MS.
Apart from severely going thru the settings, take a look at the "brave://flags/" (no quotes), for more advanced ways to break things.
I wonder if Brave or any other browser will eventually allow for some sort of "delegation" ability to be introduced, where you can use your own spare compute to effectively run the tab on another machine but present it nicely (with even things like being able to select the text and copy) on the present.
Brave is really introducing many of these features and I fear it'll be the same slogged down mess as all of the other browsers when you use them all at once.
Brave seemed to start out as an ad replacement system. There was a crypto token involved and an ICO. Then they decided to be a Patreon-style support-any-website thing, which turned into legal hot water when they started accepting money for people who hadn't signed up.
Now they seem to be doing the privacy-browser thing, like Firefox was before it went all "spyware on by default".
Then there was a search engine? And now video calls?
This seems like a team and some funding in search of a problem, like a heat-seeking missile without a target. From an outside perspective, the product strategy seems entirely incoherent.
Who are the competitors? Ad networks? ERC20s? Mozilla? DuckDuckGo? Google? Zoom?
I've no idea what is happening with this company, and from a personal standpoint, I don't use products that aren't a component of some larger mission or vision, as they're usually just a quite temporary affair until such time the (seemingly aimless) organization evaporates. Every additional pivot and product launch adds to my confusion and reduces my understanding of (and respect for) the brand.
I have no idea what the Brave brand is supposed to represent, or what the company's stated purpose is. This seems like a major failure of their communications.
EDIT: TFA says "Unlimited, private video calls, right in your browser. No extra apps.". I'm using a browser, but the CTA button says to download an extra app: a different browser. I'm really hoping we're not at the point now where "in browser" now generically means "in the browser I want you to use". That, to me, would be a good and clear sign that apps have killed the web.
EDIT2: It looks like this is also a paid subscription service if you want more than 4 call participants. This adds to my total confusion about Brave's revenue plans. Does this mean I have to pay you and then also shill your browser to my 4+ other callers?
Web browser business must be hard unless you have a complimentary revenue stream. Brave tries to push on some new tech fronts, like IPFS, but there is no third wheel between Apple - Google - Mozilla. Also, Mozilla is losing impact when commercial operators are winning over mission driven companies.
As far as I can tell, there is zero functionality in Brave related to ipfs that can't be accomplished in a different browser with a very simple plugin. They're not running the p2p net as a transport, last I looked.
It's not very important though, as approximately nobody is using ipfs to move webpages to eyeballs, and actually nobody is choosing their browser based on support for ipfs or lack thereof. (I say this as a big proponent of ipfs and an early adopter/user.)
This is one of the things that contributes to the brand incoherence. Chasing anything that's trending (ico! p2p web! google's quality is declining, so search engine! video calls!) does not instill confidence.
It reminds me a lot of Mozilla (the Brave CEO's last gig), another organization that seems to have no defined philosophy or clear product strategy other than keeping antitrust regulators off of Google's back.
I'm amazed that you managed to find so much negativity in Brave - a tiny player - making massive accomplishments. Unlike Firefox, Brave does not get half a billion USD of Universal Basic Income from Google every year. They are a for profit entity and need a revenue stream to fund the highly expensive browser development work.
Mozilla is on a nosedive towards fading to obscurity. I am unable to understand any parallels here.
I have to agree. Brave's original reason for being was to work on a disruptive new model for media, one that's better for users, producers and advertisers. It looked good on paper, and I think many of us were just glad to see someone try something different. I think the dank cryptocurrency scene was the first thing to seriously undermine its core proposition when it comes to mainstream adoption, so much energy wasted on that BS. As far as I can tell, there was no reason it had to be a blockchain, and all of a sudden you're surrounded by a bunch of losers fluctuating between yelling about the moon and trying to steal their mom's TV set, foaming at the mouth in any case. "I'm gonna go over there", said almost everyone else. So, clearly the attraction to shiny objects was really there from the beginning. Then Search, VPN, "firewall", Playlist (Pocket? On iOS only?), now this. However many years on, core proposition adrift and still no good mainstream browser available.
There's a few people here that are repeating a theme that they don't understand Brave's brand. Let me explain what my take on it is.
The CEO has been pivotal in important parts of the internet, he created Javascript and co-founded Mozilla. He seems to be trying to creating a more useful and equitable internet, that's more for users and less for large corporate interests.
All the things I've seen are in support of these goals.
BAT / the ads system he proposed => trying to make the funding for internet sites more balanced for the roles involved, and sustainable both culturally and economically. You can read his thoughts/philosophy on this, he's eloquent and it's informed and interesting - make sure you get it from the source of his own writing instead of the many attacks on him.
The best Adblocking available => not blockable by google, fastest runtime performance. Good for users, less for megacorps.
IPFS => not having much impact now, but aligned with the goal of balancing power away from megacorps towards users.
Calls/Jitsi => again, away from megacorps toward users.
Notice a theme here! That's the brand, however he's not going to sell you on it, hes not spending money doing megacorp 'branding' instead he's quietly making genuinely useful things.
He's actually continuing the mission of what Mozilla was formed to do long ago, before it was overtaken by the G megacorp.
.
n.b.
I would say that the theme of rebalancing power away from megacorps towards users probably explains why he gets continual astroturfing, as opposed to the wokeist reasons that are usually stated for it, but thats a different converstation.
Brave is what Mozilla should be IMO. They identify key areas where there is something wrong with the web. Then they try to fix it with a technological solution.
For example, there's a moral dilemma where person A complains about ads and person B says "yeah but how should content producers get paid?" Brave gives us a third option: basic authentication tokens[1].
Or the moral dilemma where person C complains about Google's search results only showing X-leaning answers about some question, and person D says "yeah but do we really want a Y-leaning search engine?" Brave gives us a third option: Brave Search with Goggles[2].
They block ads and way more tracking out of the box than any of the other main browsers. You don't need to install extensions for this.
Now, how does that translate into revenue? That's a good question. I kind of wish they could work as a non-profit since that fits better with their mission.
> Now, how does that translate into revenue? That's a good question.
They take 30% of your BAT whenever you use it for a transaction, even when you're donating to a content creator that has not consented or authorized a BAT wallet to be made in their likeness. Tom Scott dragged them on Twitter for this, it's quite an entertaining rabbit hole to fall down: https://u.today/reddit-top-youtuber-accuses-brave-browser-of...
Nit: 0% on transactions. You can transact BAT like any other unrestricted ERC20 with no enforced fees (apart from any gas, if applicable). The charge is specifically for donations through their platform.
> For example, there's a moral dilemma where person A complains about ads and person B says "yeah but how should content producers get paid?" Brave gives us a third option: basic authentication tokens[1].
Changing the currency in which ad revenue is denominated does not fundamentally change the problem.
Handwavey "but tokens!" does not change the fact that looking at a creator's webpage does not generate money. Attention is valuable, but attention itself does not mint tokens, and does not pay creators. Someone has to write a check for an ad placement.
I think that's why I never bought into the whole BAT scheme: they have never once said where the money is supposed to come from. For fiat dollars to reach creator bank accounts so that they can pay their bills, those dollars have to come from somewhere other than ERC20 speculators. Are they expecting ad-replacement advertisers to buy BAT? Are they expecting Brave to subsidize creators directly via BAT payments via BAT appreciation increasing the value of Brave's token holdings when ERC20 speculators buy BAT?
None of it makes sense. Where does the revenue come from?
Brave buys the BAT they give users from the open market with a percentage of their normal money ad revenue. So there's always someone to sell the tips you get.
> Now they seem to be doing the privacy-browser thing, like Firefox was before it went all "spyware on by default".
Brave was always about privacy, which is why they started with ad blocking + a way to pay creators along with ad serving where the local client determined which ads you should see instead of sending all of your usage data to a third-party ad service.
> Brave was always about privacy, which is why they started with ad blocking + a way to pay creators along with ad serving where the local client determined which ads you should see instead of sending all of your usage data to a third-party ad service.
You realize that the ad system you describe is still easily able to harvest the data of which ads were viewed, right?
Yes, that’s not a secret but it’s superior to the alternative of sending all of my browser data to an ad service. It’s also completely optional.
I don’t even have Brave installed, but I suspect most people on this site understand how websites can track you no matter how you are routed to them.
Edit: it’s worth reading about privacy preservation, and understanding that users don’t actually need to click the ads (or didn’t used to) in order to get paid: https://brave.com/intro-to-brave-ads/
A browser that kills tracking ads and an ad agency that sells nontracking ads and needs places to sell them.
A privacy browser kills tracking ads -> most of the web is ad-funded, wat do. Brave's solution is a nontracking ad agency to make money. How to get people to watch ads? They buy BAT with a portion of their ad revenue and send it to users, so the users can make pocket money or use Brave's tipping service to support content creators. The creators who get the crypto can sell their crypto because Brave's buying it with normal money they earn from ad sales.
Not sure if you meant this literally or figuratively but it does appear to be a different codebase primarily in TypeScript vs JS (Jisti meet). I didn't dig enough to see if it was fork or not but it doesn't look like a white labeled jitsi https://github.com/brave/brave-talk
The UI is definitely at least lifted from jitsi-meet, and if you look at the dev console you can see that it's using lib-jitsi-meet. I'm not sure what the backend is, but I'd be surprised if it's not just straight up jitisi-videobridge. They might have built some stuff on top of lib-jitsi-meet but the actual bones of it (such as the encryption, which is likely to be of interest to HN types) is almost certainly gonna be Jitsi itself. I suspect that the project you linked is basically just some chrome around the actual Jitsi internals.
Haven't done any codebase spelunking, but their FAQ at the bottom of the page states it pretty clearly:
"Who provides the Brave Talk service?
The Brave Talk service is provided in partnership with 8x8. And the service is built on the open-source Jitsi platform."
The only issued trademark is for "google meet". They have filed for 'meet' in 2021 but they cant retroactively enforce that against 8x8 who have been using it since mid 2020
OT: is there a shadow economy of squatting common words as trademarks, like with domain names? It's surprising and slightly terrifying this is even possible.
The video and audio from your call are transmitted to other participants with the help of a Video Bridge server that’s run by Brave’s partner, 8x8. When you enable Video Bridge Encryption in Security Options, your browser exchanges keys with other call participants, and these keys are used to encrypt the video and audio streams. Only people with keys can see your calls. Assuming no malevolence, neither Brave nor its partner, 8x8, have this key by default.
However, there are some important limits to Video Bridge Encryption. If you want to include a phone participant in your call, have more than 20 participants, or want to include users with incompatible browsers (Safari, most iOS browsers, and browsers based on Chromium version 83 or below), this encryption setting will not work. If you record a call, 8x8’s servers will receive a set of keys to decrypt the video/audio stream in order to process and store that recording. Brave will continue to improve Brave Talk’s encryption properties and work to remove some of these limitations.
Read a more detailed description of Jitsi encryption (the open source basis for Brave Talk).
> Jitsi has been around for quite a while. Now I'm not sure what makes Brave Talk any different.
It makes Jitsi available to many people who wouldn't otherwise use it. If you care about Jitsi and people communicating, that's great. If you care about marketshare and fame, that's not.
* They call it private, but I don't see how the metadata - who you talk to, which is as important as what you say - is private.
* "Assuming no malevolence ...": Assuming no malevolence, we don't need to encrypt anything. Though even if we assume malevolence, if we trust Brave to make the browser, they can do almost anything they want regardless, without our knowing much about it.
I think they specifically mean assuming no malevolence by Brave and 8x8.
TLS, which is probably the most widely used form of encryption, is also more or less dependent on assuming no malevolence by the certificate authorities.
Your points about possible metadata collection, and end-to-end encryption not being the default are valid though.
> is also more or less dependent on assuming no malevolence by the certificate authorities
It doesn't have to be. Nothing's stopping you from signing your own certificates, just like nothing is stopping you from trusting the certificate your friend gave you, whether its by printing out the certificate on paper and then "handing" it to you, or sending it in an email. You're also 100% welcome to trust that your friend isn't a moron and lost control of his private key. AT THE SAME TIME, nothing stops you and abunch of your friends from trusting one or 2 dudes to be a certificate authority for your group.
Cryptography wasn't (and never tried to be) ever an alternative to not being stupid. Any 2 people can setup maximum 100% encrypted end-to-end communication using tools older than I am (or about my age). I feel like we let security and centralization blind us to solutions that we already have because those solutions are hard to onboard too. IRC is free, GPG is free, TOR is free, Email is still free.
In this case we would be assuming no malevolence on an additional party, in addition to Brave, so it does somewhat increase risk of bad things happening.
Not at all. But if you assume 0 malevolence from any party, there is no need for security in the first place, is there? Security models commonly explicitly assume the possibility of malicious actors.
For two well-known examples, Bitcoin PoW assumes the possibility that a malicious actor can spin up arbitrary amounts of malicious nodes. TLS assumes that the intermediary nodes in underlying network (e.g. ISPs) can be malicious. The assertions still hold.
Even with zero malevolence security isolates systems from mishap. If Jim can't delete the user database then Jim also can't delete the user database by mistake.
We accidentally made librarians Owners of Teams associated with courses students were taking where that librarian was subject specialist, so e.g. Modern History librarian finds they are now Owner of dozens of teams full of teenage students. That's annoying, so they click Delete. Are you sure? Says Teams. Of course they're sure. And the Team is deleted.
If security prevented them doing that, they'd have complained "Why am I in all these teams?" instead of deleting the teams. No malevolence involved.
I too have some concerns about the privacy statements. It would be easy for an average person to assume that they are anonymous and hidden from all things - but this system using webrtc that exposes your IP addy to the person you are prank calling / harassing / threatening or whatever and this can be connected by more than just the person on the other end, but one may not assume such a thing when they read:
Video calling, with Brave privacy at its core
No tracking. No data collection. Nothing linking you (or anyone else) to a call. Period. With Brave Talk, your conversations stay private to you.
-----
Don't get me wrong, am really glad they are releasing this and I hope a lot of people use it!
I just think we need to educate the end users more about how even private / encrypted things are not tracking-proof .. the "No tracking" to you/me/brave may be 'no advertiser big fang tracking' in our mind - but that's not how it's written or read / understood by the average person I would guess.
I think perhaps they are insinuating that this is secure assuming Brave, 8x8, and/or your meeting participants are not compromised outside the scope of the application. Though I'd agree that phrase does a poor job of communicating that.
Using the Diffie-Helman would be good practice, but it's not enough to assume a defence against a malevolent actor who controls the client. It's not about the key exchange itself.
Essentially, a determined malevolent actor who controls the client could exfiltrate your keys easily. Maybe it's intentionally introducing a subtle vulnerability and then exploiting it server-side[0], or it's just simply doing a file upload of the keys. Basically, you can't be certain there isn't a backdoor from a malevolent actor.
[0] IIRC, there was some vulnerability in the Linux Kernel a few years ago that was basically there due to an errant space. Some people theorized that this could have actually been intentionally introduced by sophisticated actors, to hide in plain-sight open source code.
No. The problem with first-party end-to-end encryption is that the entity whose customer you are not just providing the pipe for unknown encrypted traffic, but are also providing the encryption software, and can therefore subvert the encryption software (in order to report the key, or other similar actions) if they decide to act maliciously, or are compelled to by any third party (most likely government). If the software is third-party, then the service provider cannot breach the encryption in any way, or provide any assistance in doing so: the third-party software provider will be the party to attack/require to insert a back door, which in this age will generally be a fair bit harder, though it’s far from inviolable.
It's admittedly hard to find non-biased takes on their history because everyone seems to have a love/hate relationship with them, but here's a couple things off the top of my head that might give searchable terms:
* Inserting their own affiliate links into URLs you visit (now removed)
* Their implementation of Tor didn't actually work; leaked your browsing activity (now fixed)
* Received BAT donations on behalf of creators without notifying donators whether creators had opted-in to receive donations or not, and without notifying creators that they even had donations unless they reached a certain $ threshold (donations are now returned to users after a set time unless creators opt in to Brave's rewards platform)
* Similarly, they used to scrape site creators' socials (twitter, youtube, etc) to use their images/details in the donation CTA a la shadow profiles (now removed)
* They require Uphold to "cash out" earned BAT, which has a ton of their own controversies around freezing/deleting accounts when people try to withdraw a majority of their wallet (AFAIK still an issue)
There's plenty of others that inevitably get brought up in most threads about Brave. Most have been fixed after complaints/callouts, but employee reactions to getting called out are usually to the tune of "sorry you're surprised, but it's legal for us to do" instead of "we're sorry we did XYZ without telling you; we'll remove it".
I don't know how everyone's experience has been with Brave. For me, I installed it and used it for a few minutes, then forgot about it. A few days later a notification popped up on the screen advertising a cryptocurrency. Distressed, I looked for the culprit and it was Brave. So I uninstalled it. Not sure why I would use them for anything ever after that.
The only way to make money with a free commercially built product is advertising.
The only way to make money with a free commercially built product that kills other advertising... is advertising.
They don't have the coffers for this to be an instance of "commoditizing their complement" as there is no other fat revenue stream from another of their business units to speak of. (I don't even think they have multiple business units.) So they have to make money with Brave somehow.
The original concept of their "basic attention token" was an experiment to see if they could drive growth by paying users to watch ads with some abstract and dubious crypto coin. Their hope is that it's attractive enough to peel users away from Chrome, then they can sell targeted ads. I don't buy it.
In any case, you're not paying for Brave, so therefore you're the product. Yet again. No matter what their marketing says.
There's literally no reason for Brave to exist. You can run Firefox or Chromium just fine.
Their notification ads are annoying, but you can disable them. I do use it, only get the new tab ads, which aren't bad and hey, free "pennies" (I've opted in for them).
I do that, but it is certainly not anywhere near as easy as using Brave.
I am skeptical of Brave, because their business model seems hand-wavy and their crypto shit seems skeezy. But right now, I can't think of anything offering better ROI for ad/tracker blocking.
If you are going to tell your parents "just set up pi-hole on a cheap raspi, or spin up an LXC or Docker container to run it on your LAN, then use it for DNS" then you definitely have different parents than I do.
But pretty much anybody who uses a computer can install and run Brave.
I think the crypto is quite interesting. I'm fascinated to see the sites that have opted in to receive "tips" from me in the form of their BAT token.
Micropayments in lieu of ads has been a dream of many for a long time. Brave is doing that, and the crypto part seems like a rare appropriate use case.
Yeah, I am skeptical, but not totally dismissive. I would love to see those micropayments in lieu of ads work — but I have never seen a site that takes Brave tips.
(Admittedly, I only use Brave for a small subset of websites.)
How is it handwavy? They are an ad agency, and their sales pitch is an ad delivery model that respects user privacy (they download an entire country catalog in bulk and do all matching locally).
The coin works such that Brave buys BAT with a percentage of their normal money ad revenue, distribute it to users who can then use that to tip content creators with Brave's tipping service. Content creators can then sell BAT for real money, and there's always someone buying, namely Brave. It's pretty much the least scammy crypto coin I've come across.
Well, just in the sense that I don't see how it is going to possibly work, without radical revision/pivot. Maybe it will, though; I am kind of rooting for them.
But when I tried it, the ads Brave served were much worse than banner ads in a web page — they were super-intrusive system notifications, with ad payloads in them. I can't imagine any significant number of users ever using Brave with those ads enabled.
Likewise, I have never seen a website that is willing to accept my BAT crypto, other than the one posted in this thread.
Perhaps the second point (micropayments to authors) is not critical to their model, though.
Ironically, CNAME blocking is actually a (potential) privacy leak depending on your network configuration. It does a DNS look up (ignoring your system DNS settings) and checks what the CNAME record is pointing to against the block list. Assuming you have control of your DNS settings, you've (hopefully) configured your DNS to use Quad9 or something similar rather than Cloudflare (questionable) or Google (outright invasive). UBO ignores this choice.
UBO also recently added a warning about this in their extended info on the option, and it's been featured on HN a few times.
Brave ads are opt in, I've installed it a bunch of times on all sorts of systems and never once had a notification ad, are you sure you didn't just accidentally opt in when clicking through the install dialogue?
I don't use Brave yet, but I suspect I will have to make a decision between Brave and Firefox next January. Chrome Manifest v3 is going to be strictly enforced, which will neuter uBlock Origin, which will significantly increase the number of ads I interact with while browsing.
Firefox is the nobler choice, to be sure, but I enjoy working within the Chromium ecosystem. Brave is built on top of Chromium and will still be affected, but Brave Shields is a native implementation, not an extension, and will be unaffected. They will also work to support v2 as best as possible. This gives them a certain allure!
Curious what you mean by this. If you're talking about devtools, Firefox dev tools are also great, although there's nothing to say you couldn't use Firefox as a daily driver and pop open Chrome for developer work to avoid learning a new set of browser devtools.
Eh, thanks for calling me out on this. As I reflect a bit more, really what it comes down to is:
- Yes, dev work. I generally always need to be testing against Chromium where FF has such a small userbase that code regressions aren't costly. Keeping two browsers open all the time isn't a big deal, but feels like a hassle for some reason.
- There's a barrier to transitioning away from Google Chrome, but I have to overcome that for either transition. Exporting/importing passwords, hunting down extensions, etc. There's likely replacements for everything on Firefox, but there's absolutely everything on Brave as it's compatible with the Chrome Web Store.
- I don't give bonus points to Firefox for its approach to open source. Yes, it's better to be open source, but compelling, interesting features are where it's at for me.
- I don't give bonus points to Brave for being pro-crypto, but I'm not anti-crypto, either. It does seem like Brave has a faster pace of development these days, and I think it would be more interesting in conversations to discuss that I'm on Brave, and those facts, while relatively trivial, cause me to lean more towards it.
So I suppose it's not so much about staying within the Chromium ecosystem. It's mostly that Brave feels more alive and doesn't have such a bad reputation (IMO) to dissuade me from using it.
If you don't need account synchronization, Ungoogled Chromium has served me great. If you do want some kind of sync, I'd maybe take a look at Vivaldi first? Lot better experience than Brave, IMO.
Vivaldi's UI is custom and IME laggier than Chrome native. Plus I've had issues with the browser not showing me the same tab order it holds internally.
Vivaldi's definitely great, but it focuses more on customizability than raw privacy protections. Brave's the reverse. Stock Chrome, but top tier blocking functionality.
I mean... I don't want to sound harsh or like a Brave shill, but it sounds like you installed it without having a clue about what it is. I keep seeing negative comments about it that are dismissive like this or just plain wrong and I even though I don't even use it anymore I believe it's highly injusticed.
First off, if you installed it and used it to the point where it showed you an ad, you must have seen the initial screen asking whether you'd like to opt into ads. There's no dark pattern, it's spelled out for you. If you just went "yeah, yeah, whatever", that's on you.
Second, the reason why they have ads is pretty much why the browser itself exists. They introduced a suite of privacy features and an ad model that aims to be privacy-preserving and sustainable (especially in the sense of not letting the web turn into a content cesspool like Google has been doing). In fact their model is the only one I've seen so far that is actually desirable to all actors (advertisers, content producers and content consumers -- yes, including those that don't want any ads, ever). It's a shame it comes with all the stigma crypto has and so it's unlikely to take off.
Replacing publishers ads with your own and stealing their revenue is not sustainable. Even if you allow them to sign up and claim that revenue.
Also to be clear, brave is not remotely desirable to advertisers. (See my post history) I manage tens of millions of dollars in ad spend and 0% of that goes to brave. Full stop. Brave is adlbocking crypto circle jerk and nothing more. Give me a browser that is privacy first without crypto/scam bullshit and I am all in.
I guess this is more of an analogy, but it seems that a huge amount of the revenue of the ad industry now goes to Google, where it didn't before, so I can see where the op may be coming from.
No, that’s not stealing. Yes, it is sustainable (as evidenced by Brave’s ongoing viability as a company).
There used to be a free ISP called NetZero that would give you free dial up if you ran an app that ran at the bottom of your screen and showed ads. I used to adjust the screen so those 100 pixels (or whatever) didn’t show. That wasn’t stealing.
On my hardware, I can do whatever I want with what you send me. If you send me ads, I can choose not to look at them. I can write a program that hides the ads. I can use someone else’s program to hide the ads.
It’s strange that somehow my behavior is “stealing” and that shows a bizarre intellectual outlook on reality, to me.
Am I stealing when I mute ads on broadcast tv?
Am I stealing when I don’t look at billboards on the side of the road?
Am I stealing if I write an AR app that replaces billboards with pictures of kittens? (Or other ads?)
Finally, brave runs great with ads and crypto turned off. So I frequently run it as a “free-loader” and am grateful to the people who watch the ads and use the crypto to keep them in business.
It is not stealing from the user, it is brave stealing from the website.
Brave takes revenue that would have gone to the website. If you Adblock/etc that revenue is never generated. If you use brave, the revenue is generated and stolen by brave.
That’s not stealing. Again, all my examples are me avoiding ads, is that stealing?
Why would an AR goggle replacing IRL ads with their own be stealing?
If I run a pi-hole on my network, am I stealing from all the advertisers I block? What if I charge $1 for access to that network? Am I stealing $1 because the ads are never shown and I show an ad asking for $1.
Are people who sell pi-holes stealing?
I think that any moral expectation of people sending data to me, on my devices is comically wrong. If advertisers want to force ads then give out hardware that they control. I won’t take it, but maybe some will.
(disclaimer: I work for Brave) Just to be clear, no ads are "replaced" when a user opts-in to seeing Brave ads.
Ads and trackers are blocked on all websites by default when you use Brave. IF a user opts-in to viewing Brave ads, THEN they see the ads as notifications that are in Brave's ad inventory and that line up with their interests. This ad matching to users' interests is all done on-device - Brave or advertisers never learn anything about which ad a user saw or what their interests are.
I think it depends. I think when the material is hard to follow or customer negative and hidden, it’s a dark pattern.
In this case the brave install is a pretty straightforward Yes/No prompt with focus on Yes so people will tap it out of habit.
I think the important factor is the harm in the default action. In this case, it shows ad notifications (pretty annoying) and accrues crypto coins (pretty invisible). I’d be angrier if it consented to sharing all data for whatever purposes they’d like (ie, apps that upload all contacts and photos).
It appears you opted into Brave Rewards. There would've been a screen which very explicitly asked you if this is what you want as Brave Rewards is off by default.
I’ve been using it as my daily driver for a few years and like it. I didn’t turn on OS notifications so didn’t get the same pop up you did.
I like it because it’s built in ad blockers do a good job of reducing traffic and simplifying browsing. I can configure blockers in other browsers, but it’s one less thing.
It’s also small compared to chrome. I like being able to have small downloads because my home internet is only 50Mbps.
It also prompts me for updates and doesn’t run any secret background agents that occasionally flip out and peg my cpu (like chrome does). I don’t care enough about timely browser updates to have a process that just watches for this.
The tech pessimism in this community really is getting out of hand. Nothing but burns, seeking only negatives, bad faith assumptions and not giving any idea any chance.
When you install Brave, it's going to ask you about that Brave rewards thing. It's opt-in. Nothing will happen if you have some sweeping rage against crypto. And the thing asking you for it, it takes one click to hide it.
Congrats. Now you have an incredibly snappy browser. It's Chrome without all the Google-specific crap. Whereas using uBlock is a massive performance improvement, Brave is a similarly large EXTRA performance improvement. Click around some heavy content websites, performance is near-instant. I'm on a very high-end desktop and even then the difference between ordinary Chrome and Brave is extreme.
Although privacy comparisons between browsers are complex, Brave scores high if not highest. Unlike Mozilla, they don't need to make exceptions for Google. Brave has made a few mistakes in this area, all quite inconsequential, but they were quick to correct it. They're not like Mozilla that sits 7 years on a ticket.
So it's extremely fast and top-notch in terms of privacy. It has a built-in ad blocker, is has the option of using Tor for private windows, directly built-in. How cool is that?
Wayback integration for 404s? Thoughtful and clever.
They dare to innovate. For example, they support IPFS directly inside the browser. You may not need it, but it's an interesting technology to explore if you care about tech at all. And if not IPFS, just the idea in itself of a browser going a bit bleeding edge should be celebrated. And I extend that thought to their add-on products. Like chat or video calls, alternatives to the big tech versions of those. Why not? They may never become successful but why shut the door before you tried it? These are attempts at the alternative internet done the right way, the work that Mozilla would be doing, if they weren't so dysfunctional.
Why stamp all of that into the ground before even seriously looking at it?
And about that crypto-based rewards program, before you make up your mind, you know what else one can do? Try it. Wire 10$ into a wallet. Send BAT tokens to websites that you appreciate.
Congrats, you now used crypto. You're not a criminal, nobody will arrest you, you didn't burn the planet and didn't get kicked out of the political party. You send small money to people you like. The shock, the horror.
I just replied to another comment and I'm just now reading yours, this is how I'd like to have worded mine.
Brave is doing so much right (and I'm counting fearless experimentation as "right") and getting so much unjustified flak it makes me believe there's big money being poured into shit-talking it.
As much as I'd love to dig into whatever conspiracy theory you're coming up with, I think it'd be more constructive to point out that you've (likely unintentionally) become one of the participants in a Suck/Rock dichotomy[1]. That is to say, I didn't particularly have an opinion on Brave before reading these comments, but now (especially having read this one) I am very much disinclined to try it.
The breathless praise for this browser that appears to add a handful of bells and whistles (and also ads and crypto that people apparently haven't realized they've opted themselves into) really just makes me want to stay away from whatever community has built up around this browser.
Heh I would not call this breathless praise. There's a minority of posters that like Brave, while the majority either refute the praise or dislike Brave (or both). If you want to dislike Brave go ahead, but at least try to form that opinion a semi-informed basis.
Exactly the opposite happened with me, a few months ago. Brave posts were getting so much mindless hate, and every argument involved shifting goalposts or people just running away when asked specific factual questions in response to their vague FUDding. I was a long term Firefox user who was looking for an additional browser to check out and partially switch to, and this astounding amount of vitriol made me want to check out Brave and see what had these people all riled up.
(And I believe the answer is crypto - any association with it at all. There was a long period when crypto threads were just complete hatefests - yes, even more than today - and I think it's the Moxie web3 article, despite being generally against crypto, shifted the general tone of these to have some actual thoughtful comments. And the Brave thread here seems to have experienced the exact same change compared to before.)
> you know what else one can do? Try it. Wire 10$ into a wallet. Send BAT tokens to websites that you appreciate.
1. That money doesn't go to the websites, since they have to make a wallet first (and I can damn well guarantee you that 95+% of the blogs I visit don't have it set up)
2. I'm not paying for $10 of cryptocurrency just so Brave can take 30% off my transactions.
But isn't this fundamentally better than the current privacy-destroying ad-tracker hellscape we live in? Sure, some of us can use adblockers, but that won't work if everyone starts using them. Companies will switch to different, still invasive systems. Brave's idea is a lot closer to what I'd like the ideal world to look like, even if my ideal world wouldn't involve a middleman that took a 30% cut.
You're not wrong, but my bigger point was a general stance against tech pessimism. It seems people make up their mind in about 3 seconds and come up with many reasons as to why something is absolutely bad in a very binary way.
As said, you can avoid the crypto part altogether, it's not mandatory. Or, even taking your issues into account, you can try to find some websites you like that do have a wallet, and have a play with it.
The Brave take on self funded wallet tips is 5%. 30% is take on ad share if you have Brave ads enabled. You keep 70%, or in the example mentioned above your supported creator would get 95%… that’s in line with most crowdfunding platforms.
// Unlike Mozilla, they don't need to make exceptions for Google.
// They're not like Mozilla that sits 7 years on a ticket.
Suppose a browser is an iceberg. Mozilla has to maintain, improve and develop on the whole of the iceberg. In case of Brave, Google and Chromium developers do maybe 90 or 95% of the iceberg? My understanding is that the Chromium codebase is one of the largest and complex ones ever? I also read somewhere is has a large amount of churn/flux, but not sure.
I'm not saying Brave does not add anything of value, but let's do a fair comparison.
You're absolutely right, but not everybody understands the consequences.
Mozilla/Gecko is on life support with no light at the end of the tunnel. When the ex-CTO of Mozilla picks Chromium to run Brave, and Microsoft picks Chromium for Edge, things become pretty clear: Chromium/V8 is the standard. And not just the standard, also the superior, future-proof engine.
So yes, Brave gets a lot of things "for free", but that's a smart move. Ultimately users and developers don't care.
> The tech pessimism in this community really is getting out of hand.
So true in this thread. All the top rated comments are by people who don't use Brave but are jumping on the chance to knock it. From my experience Brave is frictionless to use & configure whilst providing much value.
I'm happy to see Brave offer a useful feature with an opportunity to monetise part of it and become a sustainable Browser - which is surely what they are trying to do and innovating around.
I wonder about this and seems like a mismatch with my Brave experience (a pretty good browser, not something I care much about and I use it quite a bit but will switch in 5 minute for a better).
I wonder if the “shade throwing” is subconscious because so many work for/like Google. Or because of dislike for the Brave CEO’s historical stance.
I tend to notice (or think I notice) when there’s a mismatch between a tech and the conversation by tech people and find it curious and want to find the true reason.
Free, but they scan your conversation for products that you mention and replace them with ads for other products. But don't worry you'll get compensated in some randomcoin.
176 comments
[ 2.9 ms ] story [ 214 ms ] thread>Do I need the Brave browser to use Brave Talk?
>Yes and no. To start a call, you’ll need to be on the Brave browser. However, people you invite to a call can join from any browser. They just need the call link.
So, most of it already functions on other browsers...they are gating the "start a call" bit. The faq has some details on some sort of encryption relay they have 8x8 run for them, so maybe there's some key management stuff in the brave browser?
https://browser.kagi.com/
https://www.google.com/search?q=firefox+google+map+ubuntu&sx...
Working fine for me on:
- Debian, Raspbian
- Arch, Manjaro
- Fedora
That's not true. It has, in an easy-to-access UI many privacy protections, including fingerprinting and tracking, and even disabling JavaScript per site (EDIT: Among other things, including a crypto payment system, IPFS, and more.)
With Brave I never really bought into the advertising model so all those little donation buttons and crypto suggestions started to bother me.
I dearly miss Tree Style Tabs (and make do with a Chrome extension that mostly works, but is annoyingly in a separate window), I can't go back to FF. The speed difference is too great. YMMV, I'm on a 2017 MBP, base model, and I typically have dozens of tabs open across several windows.
Chromium has recently added features for a scrollable tab strip a la Firefox, and you can adjust how much tabs compact themselves before the browser starts using scrolling behavior instead. Check a flag called Tab Scrolling.
I'm on Chromium partly because of the tab management - tab groups are crack.
[0] https://privacytests.org/
There isn't much to say about it beyond the buffs to privacy, as that's really it's purpose, to be Chrome but more privacy focused.
Works great, and no mess left on the pc, apart from somehow Microsoft messes with things and writes stuff to a C:\...\Appdata\local\Brave Software folder...which I auto-delete every boot, just in case it's there. Something to do with the 'default' browser always trying to be edge. FU MS.
Apart from severely going thru the settings, take a look at the "brave://flags/" (no quotes), for more advanced ways to break things.
https://portapps.io/app/brave-portable/
Brave is really introducing many of these features and I fear it'll be the same slogged down mess as all of the other browsers when you use them all at once.
Now they seem to be doing the privacy-browser thing, like Firefox was before it went all "spyware on by default".
Then there was a search engine? And now video calls?
This seems like a team and some funding in search of a problem, like a heat-seeking missile without a target. From an outside perspective, the product strategy seems entirely incoherent.
Who are the competitors? Ad networks? ERC20s? Mozilla? DuckDuckGo? Google? Zoom?
I've no idea what is happening with this company, and from a personal standpoint, I don't use products that aren't a component of some larger mission or vision, as they're usually just a quite temporary affair until such time the (seemingly aimless) organization evaporates. Every additional pivot and product launch adds to my confusion and reduces my understanding of (and respect for) the brand.
I have no idea what the Brave brand is supposed to represent, or what the company's stated purpose is. This seems like a major failure of their communications.
EDIT: TFA says "Unlimited, private video calls, right in your browser. No extra apps.". I'm using a browser, but the CTA button says to download an extra app: a different browser. I'm really hoping we're not at the point now where "in browser" now generically means "in the browser I want you to use". That, to me, would be a good and clear sign that apps have killed the web.
EDIT2: It looks like this is also a paid subscription service if you want more than 4 call participants. This adds to my total confusion about Brave's revenue plans. Does this mean I have to pay you and then also shill your browser to my 4+ other callers?
It's not very important though, as approximately nobody is using ipfs to move webpages to eyeballs, and actually nobody is choosing their browser based on support for ipfs or lack thereof. (I say this as a big proponent of ipfs and an early adopter/user.)
This is one of the things that contributes to the brand incoherence. Chasing anything that's trending (ico! p2p web! google's quality is declining, so search engine! video calls!) does not instill confidence.
It reminds me a lot of Mozilla (the Brave CEO's last gig), another organization that seems to have no defined philosophy or clear product strategy other than keeping antitrust regulators off of Google's back.
Mozilla is on a nosedive towards fading to obscurity. I am unable to understand any parallels here.
The CEO has been pivotal in important parts of the internet, he created Javascript and co-founded Mozilla. He seems to be trying to creating a more useful and equitable internet, that's more for users and less for large corporate interests.
All the things I've seen are in support of these goals.
BAT / the ads system he proposed => trying to make the funding for internet sites more balanced for the roles involved, and sustainable both culturally and economically. You can read his thoughts/philosophy on this, he's eloquent and it's informed and interesting - make sure you get it from the source of his own writing instead of the many attacks on him.
The best Adblocking available => not blockable by google, fastest runtime performance. Good for users, less for megacorps.
IPFS => not having much impact now, but aligned with the goal of balancing power away from megacorps towards users.
Calls/Jitsi => again, away from megacorps toward users.
Notice a theme here! That's the brand, however he's not going to sell you on it, hes not spending money doing megacorp 'branding' instead he's quietly making genuinely useful things.
He's actually continuing the mission of what Mozilla was formed to do long ago, before it was overtaken by the G megacorp.
.
n.b. I would say that the theme of rebalancing power away from megacorps towards users probably explains why he gets continual astroturfing, as opposed to the wokeist reasons that are usually stated for it, but thats a different converstation.
For example, there's a moral dilemma where person A complains about ads and person B says "yeah but how should content producers get paid?" Brave gives us a third option: basic authentication tokens[1].
Or the moral dilemma where person C complains about Google's search results only showing X-leaning answers about some question, and person D says "yeah but do we really want a Y-leaning search engine?" Brave gives us a third option: Brave Search with Goggles[2].
They block ads and way more tracking out of the box than any of the other main browsers. You don't need to install extensions for this.
Now, how does that translate into revenue? That's a good question. I kind of wish they could work as a non-profit since that fits better with their mission.
[1] https://brave.com/brave-rewards/
[2] https://brave.com/wp-content/uploads/2021/03/goggles.pdf
They take 30% of your BAT whenever you use it for a transaction, even when you're donating to a content creator that has not consented or authorized a BAT wallet to be made in their likeness. Tom Scott dragged them on Twitter for this, it's quite an entertaining rabbit hole to fall down: https://u.today/reddit-top-youtuber-accuses-brave-browser-of...
Changing the currency in which ad revenue is denominated does not fundamentally change the problem.
Handwavey "but tokens!" does not change the fact that looking at a creator's webpage does not generate money. Attention is valuable, but attention itself does not mint tokens, and does not pay creators. Someone has to write a check for an ad placement.
I think that's why I never bought into the whole BAT scheme: they have never once said where the money is supposed to come from. For fiat dollars to reach creator bank accounts so that they can pay their bills, those dollars have to come from somewhere other than ERC20 speculators. Are they expecting ad-replacement advertisers to buy BAT? Are they expecting Brave to subsidize creators directly via BAT payments via BAT appreciation increasing the value of Brave's token holdings when ERC20 speculators buy BAT?
None of it makes sense. Where does the revenue come from?
You can optionally choose to receive ad notifications. Companies pay money to target certain keywords with a notification that links to their website.
Brave was always about privacy, which is why they started with ad blocking + a way to pay creators along with ad serving where the local client determined which ads you should see instead of sending all of your usage data to a third-party ad service.
You realize that the ad system you describe is still easily able to harvest the data of which ads were viewed, right?
I don’t even have Brave installed, but I suspect most people on this site understand how websites can track you no matter how you are routed to them.
Edit: it’s worth reading about privacy preservation, and understanding that users don’t actually need to click the ads (or didn’t used to) in order to get paid: https://brave.com/intro-to-brave-ads/
A privacy browser kills tracking ads -> most of the web is ad-funded, wat do. Brave's solution is a nontracking ad agency to make money. How to get people to watch ads? They buy BAT with a portion of their ad revenue and send it to users, so the users can make pocket money or use Brave's tipping service to support content creators. The creators who get the crypto can sell their crypto because Brave's buying it with normal money they earn from ad sales.
The competition is pretty squarely Google.
I set up a Jitsi deployment for my company in mid 2020 when everyone went online, and it's served us quite faithfully.
"Who provides the Brave Talk service? The Brave Talk service is provided in partnership with 8x8. And the service is built on the open-source Jitsi platform."
The video and audio from your call are transmitted to other participants with the help of a Video Bridge server that’s run by Brave’s partner, 8x8. When you enable Video Bridge Encryption in Security Options, your browser exchanges keys with other call participants, and these keys are used to encrypt the video and audio streams. Only people with keys can see your calls. Assuming no malevolence, neither Brave nor its partner, 8x8, have this key by default.
However, there are some important limits to Video Bridge Encryption. If you want to include a phone participant in your call, have more than 20 participants, or want to include users with incompatible browsers (Safari, most iOS browsers, and browsers based on Chromium version 83 or below), this encryption setting will not work. If you record a call, 8x8’s servers will receive a set of keys to decrypt the video/audio stream in order to process and store that recording. Brave will continue to improve Brave Talk’s encryption properties and work to remove some of these limitations.
Read a more detailed description of Jitsi encryption (the open source basis for Brave Talk).
It makes Jitsi available to many people who wouldn't otherwise use it. If you care about Jitsi and people communicating, that's great. If you care about marketshare and fame, that's not.
* Encryption is not enabled by default.
* They call it private, but I don't see how the metadata - who you talk to, which is as important as what you say - is private.
* "Assuming no malevolence ...": Assuming no malevolence, we don't need to encrypt anything. Though even if we assume malevolence, if we trust Brave to make the browser, they can do almost anything they want regardless, without our knowing much about it.
TLS, which is probably the most widely used form of encryption, is also more or less dependent on assuming no malevolence by the certificate authorities.
Your points about possible metadata collection, and end-to-end encryption not being the default are valid though.
It doesn't have to be. Nothing's stopping you from signing your own certificates, just like nothing is stopping you from trusting the certificate your friend gave you, whether its by printing out the certificate on paper and then "handing" it to you, or sending it in an email. You're also 100% welcome to trust that your friend isn't a moron and lost control of his private key. AT THE SAME TIME, nothing stops you and abunch of your friends from trusting one or 2 dudes to be a certificate authority for your group.
Cryptography wasn't (and never tried to be) ever an alternative to not being stupid. Any 2 people can setup maximum 100% encrypted end-to-end communication using tools older than I am (or about my age). I feel like we let security and centralization blind us to solutions that we already have because those solutions are hard to onboard too. IRC is free, GPG is free, TOR is free, Email is still free.
https://arstechnica.com/information-technology/2021/09/priva...
I strongly disagree or all assertions in humanity are meaningless. Everything we do and think relies on trusting others.
For two well-known examples, Bitcoin PoW assumes the possibility that a malicious actor can spin up arbitrary amounts of malicious nodes. TLS assumes that the intermediary nodes in underlying network (e.g. ISPs) can be malicious. The assertions still hold.
We accidentally made librarians Owners of Teams associated with courses students were taking where that librarian was subject specialist, so e.g. Modern History librarian finds they are now Owner of dozens of teams full of teenage students. That's annoying, so they click Delete. Are you sure? Says Teams. Of course they're sure. And the Team is deleted.
If security prevented them doing that, they'd have complained "Why am I in all these teams?" instead of deleting the teams. No malevolence involved.
like automatically adding affiliate links to URLs without notifying their users
https://www.cpomagazine.com/data-privacy/brave-privacy-brows...
Video calling, with Brave privacy at its core
No tracking. No data collection. Nothing linking you (or anyone else) to a call. Period. With Brave Talk, your conversations stay private to you.
-----
Don't get me wrong, am really glad they are releasing this and I hope a lot of people use it!
I just think we need to educate the end users more about how even private / encrypted things are not tracking-proof .. the "No tracking" to you/me/brave may be 'no advertiser big fang tracking' in our mind - but that's not how it's written or read / understood by the average person I would guess.
I'm sorry, when did we start to take security measures assuming no malevolence?
The fact of the matter is that first-party end-to-end encryption is pretty much broken by design, and very few people ever talk about this.
[1] https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exc...
Essentially, a determined malevolent actor who controls the client could exfiltrate your keys easily. Maybe it's intentionally introducing a subtle vulnerability and then exploiting it server-side[0], or it's just simply doing a file upload of the keys. Basically, you can't be certain there isn't a backdoor from a malevolent actor.
[0] IIRC, there was some vulnerability in the Linux Kernel a few years ago that was basically there due to an errant space. Some people theorized that this could have actually been intentionally introduced by sophisticated actors, to hide in plain-sight open source code.
* Inserting their own affiliate links into URLs you visit (now removed)
* Their implementation of Tor didn't actually work; leaked your browsing activity (now fixed)
* Received BAT donations on behalf of creators without notifying donators whether creators had opted-in to receive donations or not, and without notifying creators that they even had donations unless they reached a certain $ threshold (donations are now returned to users after a set time unless creators opt in to Brave's rewards platform)
* Similarly, they used to scrape site creators' socials (twitter, youtube, etc) to use their images/details in the donation CTA a la shadow profiles (now removed)
* They require Uphold to "cash out" earned BAT, which has a ton of their own controversies around freezing/deleting accounts when people try to withdraw a majority of their wallet (AFAIK still an issue)
There's plenty of others that inevitably get brought up in most threads about Brave. Most have been fixed after complaints/callouts, but employee reactions to getting called out are usually to the tune of "sorry you're surprised, but it's legal for us to do" instead of "we're sorry we did XYZ without telling you; we'll remove it".
The only way to make money with a free commercially built product that kills other advertising... is advertising.
They don't have the coffers for this to be an instance of "commoditizing their complement" as there is no other fat revenue stream from another of their business units to speak of. (I don't even think they have multiple business units.) So they have to make money with Brave somehow.
The original concept of their "basic attention token" was an experiment to see if they could drive growth by paying users to watch ads with some abstract and dubious crypto coin. Their hope is that it's attractive enough to peel users away from Chrome, then they can sell targeted ads. I don't buy it.
In any case, you're not paying for Brave, so therefore you're the product. Yet again. No matter what their marketing says.
There's literally no reason for Brave to exist. You can run Firefox or Chromium just fine.
Bandwidth saved 5.23GB
Time saved 2.8hours
I am skeptical of Brave, because their business model seems hand-wavy and their crypto shit seems skeezy. But right now, I can't think of anything offering better ROI for ad/tracker blocking.
If you are going to tell your parents "just set up pi-hole on a cheap raspi, or spin up an LXC or Docker container to run it on your LAN, then use it for DNS" then you definitely have different parents than I do.
But pretty much anybody who uses a computer can install and run Brave.
Micropayments in lieu of ads has been a dream of many for a long time. Brave is doing that, and the crypto part seems like a rare appropriate use case.
(Admittedly, I only use Brave for a small subset of websites.)
The coin works such that Brave buys BAT with a percentage of their normal money ad revenue, distribute it to users who can then use that to tip content creators with Brave's tipping service. Content creators can then sell BAT for real money, and there's always someone buying, namely Brave. It's pretty much the least scammy crypto coin I've come across.
But when I tried it, the ads Brave served were much worse than banner ads in a web page — they were super-intrusive system notifications, with ad payloads in them. I can't imagine any significant number of users ever using Brave with those ads enabled.
Likewise, I have never seen a website that is willing to accept my BAT crypto, other than the one posted in this thread.
Perhaps the second point (micropayments to authors) is not critical to their model, though.
- performance gains from optimized machine code
- CNAME adblocking, which is otherwise not possible on Chromium-based browsers
- robustness against potential changes from upstream (i.e. Manifest v3)
And, not exactly adblocking, but other privacy protections that are only possible with a deep level of control over browser APIs:
- advanced fingerprinting protections, including subtle randomized perturbations of canvas reads, fonts, user agent, etc.
- ephemeral storage sandboxing for third-party content
Bandwidth saved 15.84GB
Time saved 5.8hours
Firefox is the nobler choice, to be sure, but I enjoy working within the Chromium ecosystem. Brave is built on top of Chromium and will still be affected, but Brave Shields is a native implementation, not an extension, and will be unaffected. They will also work to support v2 as best as possible. This gives them a certain allure!
Curious what you mean by this. If you're talking about devtools, Firefox dev tools are also great, although there's nothing to say you couldn't use Firefox as a daily driver and pop open Chrome for developer work to avoid learning a new set of browser devtools.
- Yes, dev work. I generally always need to be testing against Chromium where FF has such a small userbase that code regressions aren't costly. Keeping two browsers open all the time isn't a big deal, but feels like a hassle for some reason.
- There's a barrier to transitioning away from Google Chrome, but I have to overcome that for either transition. Exporting/importing passwords, hunting down extensions, etc. There's likely replacements for everything on Firefox, but there's absolutely everything on Brave as it's compatible with the Chrome Web Store.
- I don't give bonus points to Firefox for its approach to open source. Yes, it's better to be open source, but compelling, interesting features are where it's at for me.
- I don't give bonus points to Brave for being pro-crypto, but I'm not anti-crypto, either. It does seem like Brave has a faster pace of development these days, and I think it would be more interesting in conversations to discuss that I'm on Brave, and those facts, while relatively trivial, cause me to lean more towards it.
So I suppose it's not so much about staying within the Chromium ecosystem. It's mostly that Brave feels more alive and doesn't have such a bad reputation (IMO) to dissuade me from using it.
Vivaldi's definitely great, but it focuses more on customizability than raw privacy protections. Brave's the reverse. Stock Chrome, but top tier blocking functionality.
First off, if you installed it and used it to the point where it showed you an ad, you must have seen the initial screen asking whether you'd like to opt into ads. There's no dark pattern, it's spelled out for you. If you just went "yeah, yeah, whatever", that's on you.
Second, the reason why they have ads is pretty much why the browser itself exists. They introduced a suite of privacy features and an ad model that aims to be privacy-preserving and sustainable (especially in the sense of not letting the web turn into a content cesspool like Google has been doing). In fact their model is the only one I've seen so far that is actually desirable to all actors (advertisers, content producers and content consumers -- yes, including those that don't want any ads, ever). It's a shame it comes with all the stigma crypto has and so it's unlikely to take off.
Also to be clear, brave is not remotely desirable to advertisers. (See my post history) I manage tens of millions of dollars in ad spend and 0% of that goes to brave. Full stop. Brave is adlbocking crypto circle jerk and nothing more. Give me a browser that is privacy first without crypto/scam bullshit and I am all in.
Tell that to Google.
This is the same for all the content preview used by Google in search results alongside ads.
The Tor browser, not necessarily using onion routing is the option with the least compromises of your privacy.
No, that’s not stealing. Yes, it is sustainable (as evidenced by Brave’s ongoing viability as a company).
There used to be a free ISP called NetZero that would give you free dial up if you ran an app that ran at the bottom of your screen and showed ads. I used to adjust the screen so those 100 pixels (or whatever) didn’t show. That wasn’t stealing.
On my hardware, I can do whatever I want with what you send me. If you send me ads, I can choose not to look at them. I can write a program that hides the ads. I can use someone else’s program to hide the ads.
It’s strange that somehow my behavior is “stealing” and that shows a bizarre intellectual outlook on reality, to me.
Am I stealing when I mute ads on broadcast tv?
Am I stealing when I don’t look at billboards on the side of the road?
Am I stealing if I write an AR app that replaces billboards with pictures of kittens? (Or other ads?)
Finally, brave runs great with ads and crypto turned off. So I frequently run it as a “free-loader” and am grateful to the people who watch the ads and use the crypto to keep them in business.
Brave takes revenue that would have gone to the website. If you Adblock/etc that revenue is never generated. If you use brave, the revenue is generated and stolen by brave.
Why would an AR goggle replacing IRL ads with their own be stealing?
If I run a pi-hole on my network, am I stealing from all the advertisers I block? What if I charge $1 for access to that network? Am I stealing $1 because the ads are never shown and I show an ad asking for $1.
Are people who sell pi-holes stealing?
I think that any moral expectation of people sending data to me, on my devices is comically wrong. If advertisers want to force ads then give out hardware that they control. I won’t take it, but maybe some will.
Replacing ads that would pay the publisher, but now instead pay somebody else is stealing.
Ads and trackers are blocked on all websites by default when you use Brave. IF a user opts-in to viewing Brave ads, THEN they see the ads as notifications that are in Brave's ad inventory and that line up with their interests. This ad matching to users' interests is all done on-device - Brave or advertisers never learn anything about which ad a user saw or what their interests are.
This is core to the privacy model of Brave ads. You can read more here: https://github.com/brave/brave-browser/wiki/Security-and-pri...
In this case the brave install is a pretty straightforward Yes/No prompt with focus on Yes so people will tap it out of habit.
I think the important factor is the harm in the default action. In this case, it shows ad notifications (pretty annoying) and accrues crypto coins (pretty invisible). I’d be angrier if it consented to sharing all data for whatever purposes they’d like (ie, apps that upload all contacts and photos).
I like it because it’s built in ad blockers do a good job of reducing traffic and simplifying browsing. I can configure blockers in other browsers, but it’s one less thing.
It’s also small compared to chrome. I like being able to have small downloads because my home internet is only 50Mbps.
It also prompts me for updates and doesn’t run any secret background agents that occasionally flip out and peg my cpu (like chrome does). I don’t care enough about timely browser updates to have a process that just watches for this.
When you install Brave, it's going to ask you about that Brave rewards thing. It's opt-in. Nothing will happen if you have some sweeping rage against crypto. And the thing asking you for it, it takes one click to hide it.
Congrats. Now you have an incredibly snappy browser. It's Chrome without all the Google-specific crap. Whereas using uBlock is a massive performance improvement, Brave is a similarly large EXTRA performance improvement. Click around some heavy content websites, performance is near-instant. I'm on a very high-end desktop and even then the difference between ordinary Chrome and Brave is extreme.
Although privacy comparisons between browsers are complex, Brave scores high if not highest. Unlike Mozilla, they don't need to make exceptions for Google. Brave has made a few mistakes in this area, all quite inconsequential, but they were quick to correct it. They're not like Mozilla that sits 7 years on a ticket.
So it's extremely fast and top-notch in terms of privacy. It has a built-in ad blocker, is has the option of using Tor for private windows, directly built-in. How cool is that?
Wayback integration for 404s? Thoughtful and clever.
They dare to innovate. For example, they support IPFS directly inside the browser. You may not need it, but it's an interesting technology to explore if you care about tech at all. And if not IPFS, just the idea in itself of a browser going a bit bleeding edge should be celebrated. And I extend that thought to their add-on products. Like chat or video calls, alternatives to the big tech versions of those. Why not? They may never become successful but why shut the door before you tried it? These are attempts at the alternative internet done the right way, the work that Mozilla would be doing, if they weren't so dysfunctional.
Why stamp all of that into the ground before even seriously looking at it?
And about that crypto-based rewards program, before you make up your mind, you know what else one can do? Try it. Wire 10$ into a wallet. Send BAT tokens to websites that you appreciate.
Congrats, you now used crypto. You're not a criminal, nobody will arrest you, you didn't burn the planet and didn't get kicked out of the political party. You send small money to people you like. The shock, the horror.
Brave is doing so much right (and I'm counting fearless experimentation as "right") and getting so much unjustified flak it makes me believe there's big money being poured into shit-talking it.
The breathless praise for this browser that appears to add a handful of bells and whistles (and also ads and crypto that people apparently haven't realized they've opted themselves into) really just makes me want to stay away from whatever community has built up around this browser.
1: https://nealford.com/memeagora/2009/08/05/suck-rock-dichotom...
(And I believe the answer is crypto - any association with it at all. There was a long period when crypto threads were just complete hatefests - yes, even more than today - and I think it's the Moxie web3 article, despite being generally against crypto, shifted the general tone of these to have some actual thoughtful comments. And the Brave thread here seems to have experienced the exact same change compared to before.)
1. That money doesn't go to the websites, since they have to make a wallet first (and I can damn well guarantee you that 95+% of the blogs I visit don't have it set up)
2. I'm not paying for $10 of cryptocurrency just so Brave can take 30% off my transactions.
> even if my ideal world wouldn't involve a middleman that took a 30% cut.
“Knowing where the trap is — that's the first step in evading it.” - Frank Herbert, Dune
As said, you can avoid the crypto part altogether, it's not mandatory. Or, even taking your issues into account, you can try to find some websites you like that do have a wallet, and have a play with it.
// They're not like Mozilla that sits 7 years on a ticket.
Suppose a browser is an iceberg. Mozilla has to maintain, improve and develop on the whole of the iceberg. In case of Brave, Google and Chromium developers do maybe 90 or 95% of the iceberg? My understanding is that the Chromium codebase is one of the largest and complex ones ever? I also read somewhere is has a large amount of churn/flux, but not sure.
I'm not saying Brave does not add anything of value, but let's do a fair comparison.
Mozilla/Gecko is on life support with no light at the end of the tunnel. When the ex-CTO of Mozilla picks Chromium to run Brave, and Microsoft picks Chromium for Edge, things become pretty clear: Chromium/V8 is the standard. And not just the standard, also the superior, future-proof engine.
So yes, Brave gets a lot of things "for free", but that's a smart move. Ultimately users and developers don't care.
So true in this thread. All the top rated comments are by people who don't use Brave but are jumping on the chance to knock it. From my experience Brave is frictionless to use & configure whilst providing much value.
I'm happy to see Brave offer a useful feature with an opportunity to monetise part of it and become a sustainable Browser - which is surely what they are trying to do and innovating around.
I wonder if the “shade throwing” is subconscious because so many work for/like Google. Or because of dislike for the Brave CEO’s historical stance.
I tend to notice (or think I notice) when there’s a mismatch between a tech and the conversation by tech people and find it curious and want to find the true reason.
(/s if not obvious)
Wonder how long it'll be before I need to switch.