Brave and TC: a lot of trackers and more. Is that expected?

He could work for Google! Lets fork Brave :slight_smile: I blocked Brave on nextdns.io will log for a week, maybe something interesting happens.

1 Like

Iā€™ve asked Jonathan Sampson at Brave for a reaction, in fact he already did:
here

And he pointed me to another browser review:
here (Douglas J. Leith
School of Computer Science & Statistics, Trinity College Dublin, Ireland
24th Feb 2020āˆ—)

Have fun reading :slight_smile: and take your own conclusion, itā€™s alway difficult who or what to believe. We canā€™t check it all ourselves, at least I canā€™t.

2 Likes

They will differ. Contnent, in a way trackers too, are delivered based on several factors.
This approach will give you only little information. It is maybe better to look how a browser communicates (unknown/hidden connections), how unique it is (https://amiunique.org/, Tools from EFFā€™s Tech Team | Electronic Frontier Foundation) and so on.

1 Like

Another area of interest to me was how they differ in sync. I use and appreciate syncing across a few devices.

From what I gathered with Brave all data was stored and encrypted on the client-side (our devices). I like this, what I donā€™t like is I canā€™t choose the passphrase which I would like to. I would do this by using a system generated passphrase in a FOSS password manager where it can be encrypted and stored.

With Firefox the sync data is encrypted client-side (our devices) and the encryption key is stored there. What I donā€™t like is that the data and authentication key are transferred to Mozillaā€™s servers and stored there in an encrypted state (self hosted NextCloud vs say Pcloud from my understanding).

Hope I understood correctly :point_up_2:. This also swayed my decision.

Brave

Firefox

*Edit: nope, looks like sync on Brave is also stored in a cloud. I am having deja-vu :slightly_smiling_face: think I already figured this out once before (so much info).

Excited to see any insight gained from what @nottolino and @andrelam are doing. Thanks for your willingness to help all of us collectively.

Thanks for this info. Have you done this? If so what did you find (FF vs Brave)?

I have tested Brave HERE and the results were better than other browsers (fingerprint less unique mostly), anyone know how Brave vs Firefox stacks up with this tool? I also received insight from @marcdw HERE.

Edit: Another thing I like about FF is its more mature and has better extensions (Privacy Badger, etc.) which Brave isnā€™t quite there yet. Do extensions open one up to a larger attack surface? I would think so.)

Butā€¦ The fingerprint of Brave vs FF? I believe Brave wins here.?

Edit: @XjFred also did some testing HERE. Maybe @XjFred can weigh in on what he remembers from these tests? (Kinda already did in this thread, wonder if there is any other insight to share)

Yep, already sent the result : only Brave succeed in the CoverYouTracks tool (both trackers and fingerprinting). The EFF gives loads of explanation about what is fingerprinting and about the data sent by browsers.

Brave is build with the same feature for everyone. So one can easily understand that using it, you canā€™t be unique.

Thank you ! Nice document.

1 Like

Responding to a previous explanation for the ā€œwhitelistā€, the author emphatically claims the engineers at Brave donā€™t understand how JavaScript works. If Iā€™m not mistaken, the author is responding to Brendan Eich (Braveā€™s CEO), who happens to also be the creator of JavaScript.

This is the most obvious logical fallacy ever. Having created something doesnā€™t mean knowing every single thing about it after years of evolving. Thatā€™s like saying Carl Benz would know everything about Tesla because Teslas are cars and Carl Benz invented the carā€¦ If Brendan knows everything about modern JavaScript so well, why is he CEO and not CTO?

Lots of passion on this topic.

No doubt similar conversations are happening at Brave and Mozilla (wanting to be the objective ā€œbestā€ in the eyes of the users).

Understanding the background and situations behind the companies helps me see a strong reason why there is such fierce competition. I love this because the result is better tools with more privacy for us. I highly doubt Mozilla will turn a blind eye (and not introduce something) to fingerprinting long term.

1 Like

Firefox blocks fingerprinting: What is fingerprinting and why you should block it

This is eye poping! Even if you just read the concluding ā€œVIII Conclusionsā€. Thanks for sharing @andrelam

1 Like

@Taurus Iā€™m going based off of the tests previously mentioned in this thread. Which to believe? Actual test at EFF :point_down: or articles/description from Mozilla? Maybe both are correct but describing different fingerprinting methods?

Time for me to go back to school to get a Doctorate of Computer Science/Security :smiley: Joking aside, I must say thank you to all here as I have learned much in the past few months.

Oh, I forgot about the top of the thread. Yeah, who do we believe? Good question.

1 Like

@Taurus my gut tells me it is thisšŸ‘‡

1 Like

The author does not use his real name, and states this:

This is completely false. Theyā€™re blatantly lying to their users. Anyone who knows a bit about how JavaScript works and itā€™s capacities to track you without the need of using cookies will be laughing after reading that.

No explanation, just some ranting. We donā€™t know who this author is, so we canā€™t check. Did you read the paper of Douglas J. Leith? Heā€™s a professor, i think iā€™m going for that truth.

1 Like

Now ā€œBraveā€ Jonathan even wants to help me examine the data :thinking:, he pointed me to this tool Did a quick look, seems to be a nice tool, you can examine the data sent and received (tried with desktop version), I think you can also use it to examine your phone.

1 Like

Although the sheer number of permissions is impressive: Firefox v89.1.1 ā†’ 20, Brave v1.26.74 ā†’ 33. Exodus state three trackers for Firefox, zero for Brave.

Fennec Version 89.1.1 from F-Droid: 2 Trackers, 18 permissions, at least some less than Firefox ;- )

Firefox Klar v8.16.0: one tracker, nine permissions

PS: Although these numbers vary slightly depending where you look. Exodus inside Aurora or Exodus website

Addendum: Fennec F-Droid is based on the latest Firefox release (codenamed Fenix).
It has proprietary bits and telemetry removed, but still connects to
various Mozilla and Google services that can track users.

When you install HTTP toolkit Android app you can see the requests from browsers (5 trackers in the App :frowning: )

Very easy to setup, scan a qr, grant vpn acces and the requests are visible, very cool!

Thanks to you all. This forum, as I said in the beginning, itā€™s an invaluable source of information.
I would particularly thank @TheLastProject for providing the link on which the discussion revamped.

Iā€™m not sure I understood all the details and subtleties on the matter, but here you are some info on my side.

  1. Firefox (no extensions) on the phone is completely unusable with TC.

  2. Brave on my Linux mint allowed me to discover that my bank is tracing me. Navigation is DEFINITELY slow but possible

  3. Firefox on Linux mint (ublock installed) didnā€™t say a word about my bank

1 Like

+1, thanks for starting the deeper conversation @TheLastProject.

Something that might be of interest to those here, is this recently started thread by @marcdw :point_down:

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.