He could work for Google! Lets fork Brave I blocked Brave on nextdns.io will log for a week, maybe something interesting happens.
Iāve asked Jonathan Sampson at Brave for a reaction, in fact he already did:
here
And he pointed me to another browser review:
here (Douglas J. Leith
School of Computer Science & Statistics, Trinity College Dublin, Ireland
24th Feb 2020ā)
Have fun reading and take your own conclusion, itās alway difficult who or what to believe. We canāt check it all ourselves, at least I canāt.
They will differ. Contnent, in a way trackers too, are delivered based on several factors.
This approach will give you only little information. It is maybe better to look how a browser communicates (unknown/hidden connections), how unique it is (https://amiunique.org/, Tools from EFFās Tech Team | Electronic Frontier Foundation) and so on.
Another area of interest to me was how they differ in sync. I use and appreciate syncing across a few devices.
From what I gathered with Brave all data was stored and encrypted on the client-side (our devices). I like this, what I donāt like is I canāt choose the passphrase which I would like to. I would do this by using a system generated passphrase in a FOSS password manager where it can be encrypted and stored.
With Firefox the sync data is encrypted client-side (our devices) and the encryption key is stored there. What I donāt like is that the data and authentication key are transferred to Mozillaās servers and stored there in an encrypted state (self hosted NextCloud vs say Pcloud from my understanding).
Hope I understood correctly . This also swayed my decision.
*Edit: nope, looks like sync on Brave is also stored in a cloud. I am having deja-vu think I already figured this out once before (so much info).
Excited to see any insight gained from what @nottolino and @andrelam are doing. Thanks for your willingness to help all of us collectively.
Thanks for this info. Have you done this? If so what did you find (FF vs Brave)?
I have tested Brave HERE and the results were better than other browsers (fingerprint less unique mostly), anyone know how Brave vs Firefox stacks up with this tool? I also received insight from @marcdw HERE.
Edit: Another thing I like about FF is its more mature and has better extensions (Privacy Badger, etc.) which Brave isnāt quite there yet. Do extensions open one up to a larger attack surface? I would think so.)
Butā¦ The fingerprint of Brave vs FF? I believe Brave wins here.?
Edit: @XjFred also did some testing HERE. Maybe @XjFred can weigh in on what he remembers from these tests? (Kinda already did in this thread, wonder if there is any other insight to share)
Yep, already sent the result : only Brave succeed in the CoverYouTracks tool (both trackers and fingerprinting). The EFF gives loads of explanation about what is fingerprinting and about the data sent by browsers.
Brave is build with the same feature for everyone. So one can easily understand that using it, you canāt be unique.
Thank you ! Nice document.
Responding to a previous explanation for the āwhitelistā, the author emphatically claims the engineers at Brave donāt understand how JavaScript works. If Iām not mistaken, the author is responding to Brendan Eich (Braveās CEO), who happens to also be the creator of JavaScript.
This is the most obvious logical fallacy ever. Having created something doesnāt mean knowing every single thing about it after years of evolving. Thatās like saying Carl Benz would know everything about Tesla because Teslas are cars and Carl Benz invented the carā¦ If Brendan knows everything about modern JavaScript so well, why is he CEO and not CTO?
Lots of passion on this topic.
No doubt similar conversations are happening at Brave and Mozilla (wanting to be the objective ābestā in the eyes of the users).
Understanding the background and situations behind the companies helps me see a strong reason why there is such fierce competition. I love this because the result is better tools with more privacy for us. I highly doubt Mozilla will turn a blind eye (and not introduce something) to fingerprinting long term.
Firefox blocks fingerprinting: What is fingerprinting and why you should block it
This is eye poping! Even if you just read the concluding āVIII Conclusionsā. Thanks for sharing @andrelam
@Taurus Iām going based off of the tests previously mentioned in this thread. Which to believe? Actual test at EFF or articles/description from Mozilla? Maybe both are correct but describing different fingerprinting methods?
Time for me to go back to school to get a Doctorate of Computer Science/Security Joking aside, I must say thank you to all here as I have learned much in the past few months.
Oh, I forgot about the top of the thread. Yeah, who do we believe? Good question.
@Taurus my gut tells me it is thisš
The author does not use his real name, and states this:
This is completely false. Theyāre blatantly lying to their users. Anyone who knows a bit about how JavaScript works and itās capacities to track you without the need of using cookies will be laughing after reading that.
No explanation, just some ranting. We donāt know who this author is, so we canāt check. Did you read the paper of Douglas J. Leith? Heās a professor, i think iām going for that truth.
Now āBraveā Jonathan even wants to help me examine the data , he pointed me to this tool Did a quick look, seems to be a nice tool, you can examine the data sent and received (tried with desktop version), I think you can also use it to examine your phone.
Although the sheer number of permissions is impressive: Firefox v89.1.1 ā 20, Brave v1.26.74 ā 33. Exodus state three trackers for Firefox, zero for Brave.
Fennec Version 89.1.1 from F-Droid: 2 Trackers, 18 permissions, at least some less than Firefox ;- )
Firefox Klar v8.16.0: one tracker, nine permissions
PS: Although these numbers vary slightly depending where you look. Exodus inside Aurora or Exodus website
Addendum: Fennec F-Droid is based on the latest Firefox release (codenamed Fenix).
It has proprietary bits and telemetry removed, but still connects to
various Mozilla and Google services that can track users.
When you install HTTP toolkit Android app you can see the requests from browsers (5 trackers in the App )
Very easy to setup, scan a qr, grant vpn acces and the requests are visible, very cool!
Thanks to you all. This forum, as I said in the beginning, itās an invaluable source of information.
I would particularly thank @TheLastProject for providing the link on which the discussion revamped.
Iām not sure I understood all the details and subtleties on the matter, but here you are some info on my side.
-
Firefox (no extensions) on the phone is completely unusable with TC.
-
Brave on my Linux mint allowed me to discover that my bank is tracing me. Navigation is DEFINITELY slow but possible
-
Firefox on Linux mint (ublock installed) didnāt say a word about my bank
+1, thanks for starting the deeper conversation @TheLastProject.
Something that might be of interest to those here, is this recently started thread by @marcdw
This topic was automatically closed after 30 days. New replies are no longer allowed.