oefrha 5 years ago

> It doesn't seem to be anywhere (in text) in: /Users/mark/Library/Application Support/BraveSoftware

Of course it's not in text. It's a SQLite3 database:

  $ sqlite3 ~/'Library/Application Support/BraveSoftware/Brave-Browser/Default/Top Sites' .dump
  PRAGMA foreign_keys=OFF;
  BEGIN TRANSACTION;
  CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY, value LONGVARCHAR);
  INSERT INTO meta VALUES('mmap_status','-1');
  INSERT INTO meta VALUES('version','4');
  INSERT INTO meta VALUES('last_compatible_version','4');
  CREATE TABLE top_sites (url LONGVARCHAR PRIMARY KEY,url_rank INTEGER,title LONGVARCHAR,redirects LONGVARCHAR);
  INSERT INTO top_sites VALUES('https://chrome.google.com/webstore?hl=en',0,'Web Store',NULL);
  COMMIT;

This is actually a database inherited from Chromium, so I'm not sure if the issue is inherited from Chromium.

Edit: Tried this on Chromium 86.0.4185.0, top sites db is cleared after clearing all browsing data, so probably not inherited from Chromium.

(Btw I wasn't able to repro on Brave because however many times I open news.ycombinator.com, it simply won't register in top sites -.-)
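An added example, not part of the comment above and not Brave's or Chromium's own code: a read-only check of a profile's `Top Sites` database, using the `meta` and `top_sites` schema from the dump, that lists which URLs are still stored (for instance after clearing browsing data). The function names and the sample rows are constructed for illustration; the "Hacker News" title is an assumption.

```python
import os
import sqlite3
import tempfile
from pathlib import Path

# Schema copied from the .dump output quoted above.
SCHEMA = """
CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY, value LONGVARCHAR);
CREATE TABLE top_sites (url LONGVARCHAR PRIMARY KEY,url_rank INTEGER,
                        title LONGVARCHAR,redirects LONGVARCHAR);
"""

# The only row present in the dump above (the browser's default entry).
WEB_STORE = "https://chrome.google.com/webstore?hl=en"


def open_read_only(db_path):
    """Open the database via a file: URI with mode=ro so the check cannot
    modify the profile. as_uri() percent-encodes the spaces in paths such as
    'Application Support' and 'Top Sites'."""
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"
    return sqlite3.connect(uri, uri=True)


def read_top_sites(db_path):
    """Return (schema_version, rows); rows are (url_rank, url, title)."""
    conn = open_read_only(db_path)
    try:
        row = conn.execute(
            "SELECT value FROM meta WHERE key = 'version'"
        ).fetchone()
        version = row[0] if row else None
        rows = conn.execute(
            "SELECT url_rank, url, title FROM top_sites ORDER BY url_rank"
        ).fetchall()
        return version, rows
    finally:
        conn.close()


def leftover_entries(db_path, expected_defaults=()):
    """URLs still stored in top_sites that are not known default entries."""
    allowed = set(expected_defaults)
    _, rows = read_top_sites(db_path)
    return [url for _, url, _ in rows if url not in allowed]


def build_sample_db(path, sites):
    """Create a constructed stand-in for a profile's 'Top Sites' file."""
    conn = sqlite3.connect(path)
    conn.executescript(SCHEMA)
    conn.execute("INSERT INTO meta VALUES('version','4')")
    conn.executemany("INSERT INTO top_sites VALUES(?,?,?,NULL)", sites)
    conn.commit()
    conn.close()


def demo():
    """Run the check against constructed data and return what it finds."""
    with tempfile.TemporaryDirectory() as tmp:
        db = os.path.join(tmp, "Top Sites")
        build_sample_db(db, [
            (WEB_STORE, 0, "Web Store"),                       # from the dump
            ("https://news.ycombinator.com/", 1, "Hacker News"),  # constructed
        ])
        version, rows = read_top_sites(db)
        leftovers = leftover_entries(db, expected_defaults=[WEB_STORE])
        return version, rows, leftovers


if __name__ == "__main__":
    version, rows, leftovers = demo()
    print("schema version:", version)
    for rank, url, title in rows:
        print(rank, url, title)
    print("still stored after clearing:", leftovers or "nothing")
```

To check a real profile, pass the path from the comment above to `leftover_entries` with the browser closed (or work on a copy of the file), since a running browser may hold a lock on the database.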

  • slezyr 5 years ago

    They still use 83.0.4103.116 even with that it's easy to mess chromium up with your patches. I don't think it has malicious intent, just a bug.

    [1]: https://brave.com/latest/

    • oefrha 5 years ago

      83.0.4103.116 is current stable. Chromium itself is distributed in snapshot form (I cask installed it) so naturally it's ahead — kind of like Canary, which is currently at 86.0.4194.0.

AzzieElbab 5 years ago

This is a bug, have you guys seen a software bug before? What is it with the appetite for outrage? Using brave on Android devices and not planning to switch

  • nvr219 5 years ago

    Privacy is Brave's value proposition and this bug hasn't been fixed or meaningfully discussed in like six weeks.

    Firefox

    • edoceo 5 years ago

      Right! If X is your value prop you unit test the shit out of X. And patch bugs in X quickly.

      Here X=Privacy so, where are the unit tests and patch? Faster now that it's Top on HN.

  • anonymousDan 5 years ago

    Ya I find the outright hatred for Brave on HN a bit bizarre. The more sustainable alternatives we have to Google Chrome hegemony the better IMHO. I say this as both a FF and Brave user.

    • afiori 5 years ago

      I know nothing about pros and cons of Brave, but many people that criticize Chrome hegemony often see Brave as inconsequential. It has zero leverage on the evolution of web standards as they will never be able to hard-fork the engine.

      In particular it does close to nothing to solve the problem of chrome-only websites.

      It is one of the reasons the demise of edgeHTML/chakra was bittersweet news for many (in this case Microsoft could have the resources, in extreme cases, to hard-fork blink/V8).

    • admax88q 5 years ago

      I find HN has a bias against anything that hurts advertising and user tracking revenue. AMP and Brave seem to get a disproportionate amount of attention.

    • blocked_again 5 years ago

      You do know Brave is built on top of Chromium which is funded by Google right? I won't call a browser that relies so much on Google as a sustainable alternative to Chrome.

      • modzu 5 years ago

        same can be said for Firefox though (+300 million a year comes from google):

        https://en.m.wikipedia.org/wiki/Mozilla_Foundation#Financing

        • pixelatedindex 5 years ago

          The browser rendering engine for Firefox (Gecko) is independent from Chromium, and as such isn't really reliant on Google. Mozilla's reliance on Google is solely for displaying Google as the default search engine.

          • modzu 5 years ago

            sure the engine is not descended from google code but if mozilla didnt have google's funding they would essentially go bankrupt and consequently ff would go byebye. id call that dependence.

      • anonymousDan 5 years ago

        Yes but they are at least trying to explore an alternative business model that doesn't fundamentally rely on hoovering up every bit of data there is to know about you without you even being aware most of the time (scepticism of cryptocurrencies aside).

  • catalogia 5 years ago

    > What is it with the appetite for outrage?

    It pretty obviously has a lot to do with Brendan Eich.

    • Can_Not 5 years ago

      And obviously the flaws in the product itself...

  • eredengrin 5 years ago

    Yeah any time brave comes up here, you can be assured the pitchforks will be out faster than anyone could load (much less read) the article. Seems people are always ignoring many of the unique ideas that brave brings to the space that I think could be quite important, but you never see those discussed.

  • rsynnott 5 years ago

    If a company's selling point is 'privacy', it is perhaps unsurprising that they're criticised when they repeatedly turn out to be quite bad at it.

  • smolder 5 years ago

    Brave on Android still includes phone model in the user agent string which is terrible for privacy. There's been an open GitHub issue for over a year at this point, I think. It doesn't appear to be a priority to fix, despite being a massive low hanging fruit for improved privacy.

  • justapassenger 5 years ago

    Same can be said about a lot of the outrage stories at Google, Facebook, etc. A lot of things viewed as hostile to users are actually bugs.

    I'm not suggesting that there shouldn't be an outrage against big tech companies. But small company should be held to the same standards, especially as they make those very features their main point of existence.

  • oefrha 5 years ago

    > What is it with the appetite for outrage?

    Outrage and canned evangelical responses require very little effort and rake in the easy karma. Way easier to scream "Firefox" under every post about every other browser than trying to understand a technical issue.

    Just look at the heaviest thread (now apparently downweighted by mods). A whopping 86 responses later, can you learn anything from it? Other than the root comment providing some context, I can hardly find anything of value that's not been repeated every single day on this site.

  • pkulak 5 years ago

    It's a company whose business model is to fork an existing project and use it to remove advertising from content creators and replace it with their own, founded and led by an asshole. I'm not outraged, but I've long since stopped giving Brave any benefit of the doubt.

kirubakaran 5 years ago

They are an adtech company. That should be all we need to know, right? I'm willing to change my mind, so far it doesn't make sense to use Brave.

  • eredengrin 5 years ago

    > That should be all we need to know, right?

    Not really, their whole proposition is to do ads in a privacy respecting way, and you always have the option to just turn them off entirely. The payments model they have for websites is my favorite thing about the browser and I'd love to see more models like it catch on. Giving the ability to easily fund content creators by just filling up your wallet periodically (without having to view ads if you don't want) is a great idea. Perhaps the execution leaves something to be desired, but I wish people would at least discuss the important ideas it brings rather than simply dismiss it as an evil browser and recommend Firefox + ublock origin (which, while a good temporary solution, is ultimately just kicking the can down the road and doesn't do a whole lot to solve the root issues).

    • john-shaffer 5 years ago

      > you always have the option to just turn them off entirely

      This is not fully accurate. You have to explicitly find and enable ads if you want them. They are off by default.

      • eredengrin 5 years ago

        Thanks for the correction. I like the idea of what Brave does, but I'm too reliant on some Firefox features (tree style tabs + containers) so I don't actually use it myself and sometimes get it a bit wrong.

    • kirubakaran 5 years ago

      Hmm, that's a good point. I wish a non-adtech company created a "pay publishers" tool.

  • basch 5 years ago

    It's a very different ad tech company.

    Not only is it opt in, but all the ad matching happens locally.

    1) The browser periodically downloads an ad catalog (signal in, no signal out).

    2) The browser now holds (1) the ad catalog (with some targeting keywords and terms set by advertisers); (2) your browsing history.

    3) It then matches the ads from the catalog against your browsing history.

    • justapassenger 5 years ago

      4) They're actually adware

      • basch 5 years ago

        An opt-in feature to have your notification center fill with ads, and be paid for it. Currently it's not hard to get $10/m.

pschastain 5 years ago

Brave Browser continues to behave in ways that are contrary to their stated principles. I dropped the browser a couple of months ago on the heels of the bitcoin affiliate link scandal and went back to Safari and Firefox.

I am keeping an eye on Braver Browser, a fork of Brave with the intention of removing the questionable behavior: https://github.com/braver-browser

  • monokh 5 years ago

    I've also been keeping an eye on Braver. There was an initial flurry of work that seemed to have gotten it to a decent point but no activity since.

  • smt88 5 years ago

    What's the advantage of Braver over Firefox? Is it just that you're trying to get ad blocking on iOS?

    • pschastain 5 years ago

      I don't use iOS (yet) so "no" on that front. I tried Brave and was happy with it until these recent revelations, so upon hearing about Braver I simply decided to keep an eye on it.

      • smt88 5 years ago

        Firefox with gorhill's uBlock (search GitHub for official links, because there are imposters) is less buggy than Brave. I highly recommend it.

    • meddlepal 5 years ago

      That's pretty much the only reason I use Brave. But also fuck Apple for forcing everyone to use WebKit.

    • favorited 5 years ago

      Firefox still doesn't have ergonomic pinch-to-zoom on macOS... There are experimental flags you can use to get it mostly working, but the gestures can end up triggering navigate-back or -forwards actions.

girst 5 years ago

well, compared to undisclosed affiliate marketing for trading sites[1], soliciting of donations without consent[2] or the recent redirection through affiliate links[3], this seems pretty tame.

[1]: https://github.com/brave/brave-browser/issues/8793

[2]: https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-br...

[3]: https://news.ycombinator.com/item?id=23442027

  • Fiveplus 5 years ago

    I'm already using Windows and despite me ticking all privacy checks - I am, as such, trusting MS with my data. Might as well switch over to Edge when I need a chromium-based browser. Threads like these move me an inch closer to that decision. (currently default: Firefox and secondary: Brave)

    ps: Edge's reader mode and narrator are top-notch.

    • bartread 5 years ago

      I can definitely see the reasoning. I suppose I'm still debating whether it's good to have all my personal information with only one company or spread around a bit more.

      If I was going to plump for one company, Microsoft might not be the worst choice simply because their business model doesn't revolve around monetizing my personal information.

      • _emacsomancer_ 5 years ago

        > Microsoft might not be the worst choice simply because their business model doesn't revolve around monetizing my personal information.

        Yet they seem intent on collecting as much data as possible.

        • thekyle 5 years ago

          I know right. I don't get it. I would expect a company like Microsoft that makes most of their money selling to businesses would take privacy and security more seriously.

        • GloriousKoji 5 years ago

          At least I know some of it will be used in an attempt to make their product's UI better for the user.

          Compared to google which continues to make their UI more hostile to users with each iteration.

          • _emacsomancer_ 5 years ago

            I don't know why you would assume that Microsoft uses their ill-gotten user information to make their UX better and Google to make theirs worse. Is it just because Microsoft's products' UX cannot be made any worse?

      • methodsignature 5 years ago

        my understanding is that most of the web reports back to Google anyways:(

        • input_sh 5 years ago

          I mean, sure, but there's plenty of add-ons and filter lists that would make the web stop doing that.

    • bad_user 5 years ago

      Edge synchronization doesn't do end to end encryption for your browsing history or bookmarks (for this reason alone you're actually better off with Chrome). Windows 10 also has a low entropy advertising ID, that via Edge is passed to Bing Ads for ads personalization.

      Firefox does not send your unencrypted browsing data to Microsoft and it does not send Windows 10's advertising ID to Bing Ads.

      ---

      You may trust Microsoft enough to run Windows 10, but it does not follow that Microsoft already has that data. And giving even more data to a company that already has plenty on you is always unwise.

      If you care about privacy or security for that matter, compartmentalization is key.

      • Fiveplus 5 years ago

        I hadn't heard about the lack of E2E on Edge's sync, thanks for highlighting it here.

  • bartread 5 years ago

    I've disliked Brave from the beginning. Initially because of the pretentious - and frankly appropriated - name, but now for the much more substantive reasons you've cited.

    Seriously, if you want a browser that gives you control over your data and privacy, use Firefox. It doesn't do any of this shady nonsense.

    • 0xfffafaCrash 5 years ago

      Brave is trash, but to say Firefox hasn't done shady things is a bit of a joke after the whole incident where they sent full site URLs and interaction data over to Cliqz's servers for a random sampling of users in Germany while being neither opt-in nor clear to the users about what data was being sent.

      • lopis 5 years ago

        Short sighted and terrible PR, yes, but to say that what Firefox was doing was shady, especially anything close to as shady as Brave, is being straight out disingenuous.

        • 0xfffafaCrash 5 years ago

          I was pretty clear about my stance on Brave in the first three words of my comment, but I'm skeptical of any interpretation of user privacy which is so eager to excuse sending user browsing history without asking as not "shady" but simply "short sighted and bad PR" just because Mozilla's the one doing it

    • stevehawk 5 years ago

      appropriated name?

      • bartread 5 years ago

        Yes: the concept of browsing the web with your privacy preserved has literally zero to do with the concept of bravery. The name is clearly a statement but not one that's ever made any sense to me.

        • wmeredith 5 years ago

          Not sure appropriated is the word you’re looking for.

        • gsich 5 years ago

          The other browsers don't have "normal" names either.

          • yjftsjthsd-h 5 years ago

            Chrome and Internet Explorer are both trivially descriptive names.

            • Grimm665 5 years ago

              Internet Explorer maybe, but Chrome? I don't think "Chrome" screams web browser to me. "Safari" seems more trivial than Chrome.

              • sp332 5 years ago
                • esperent 5 years ago

                  Apparently the main reason Chrome has the name is that the dev team leads like fast cars and that was the initial project code name. The reference to "UI Chrome" was largely an accident.

                  https://www.thewindowsclub.com/google-chrome-reason-revealed...

                  • kristianc 5 years ago

                    And doesn’t actually make much sense, as Chrome when it was released made a point of having vastly less ‘chrome’ than the incumbent IE.

                    • yjftsjthsd-h 5 years ago

                      But it was a thin "chrome" over webkit (well, at the time...)

                  • cpeterso 5 years ago

                    Long before Google Chrome development began (and to this day), Firefox code has used the term “chrome” internally to distinguish between privileged JavaScript code used in the Firefox UI and regular JavaScript from web content.

                • Dylan16807 5 years ago

                  Sure "browser chrome" suggests a web browser.

                  But "chrome" to mean user interface is pretty far down the list of definitions for chrome, and even the most generous interpretation is similar to GUI/UI/UX and that doesn't exactly say "web browser".

            • gsich 5 years ago

              Internet Explorer yes, Chrome no.

        • jerf 5 years ago

          That's not "appropriation", that's just marketing. You can call that "appropriation" if you want but it really just dilutes the very concept you're trying to invoke.

          • projektfu 5 years ago

            Right, Ubuntu might be considered an appropriated name, but hopefully not because the name is used respectfully by someone who, while not Nguni, is at least familiar with the people.

        • mapgrep 5 years ago

          Doesn’t have anything to do with firefoxes or electroplated chromium either. Shrug.

          • jefftk 5 years ago

            Pedantic historical browser etymology note: Firefox began as Phoenix, because it was metaphorically rising from the ashes of Netscape. For trademark reasons, they changed it to Firebird. Then they learned that there was already an open source DB using that name, so they picked Firefox.

        • jmkb 5 years ago

          Brave bought the brave.com domain from the band Brave Combo, whose homepage was listed as http://brave.com/bo since the early days of the web. Last year I was pleased to see that they kept a redirect in place from https://brave.com/bo to the band's new site https://bravecombo.com but it appears they've discontinued that courtesy. Too bad.

    • yaiNua9o 5 years ago

      Firefox prevents me from installing webextensions from sources and even forces me to send the code of my own extensions for my own usage to their webservices in order to use them. This is certainly not a browser that "gives you control over your data", when you're a hacker.

      • paulryanrogers 5 years ago

        You can load local extensions from about:debugging. They just won't be permanently installed. (Developer edition may be different.) And Chrome's local loading comes with a disable modal at every startup. So I'm curious what browser you consider worthy.

        Edit: forgot to mention you can install from 3p sources as I've done from my own site in the past. They just need to be signed by Mozilla first.

        • nix23 5 years ago

          >They just need to be signed by Mozilla first

          No they don't, xpinstall.signatures.required to false

          • yjftsjthsd-h 5 years ago

            Doesn't work on "normal" Firefox, does it? Only dev builds or the unbranded version without automatic updates.

            • nix23 5 years ago

              Sorry true, should have mentioned that, just works on dev builds and some versions from distributions.

        • yaiNua9o 5 years ago

          Yes, you can temporarily load extensions in firefox, but I certainly won't reload all my extensions manually at every startup :)

          I don't think there's really a good browser for both privacy and hacking. I use chromium when I have no choice (not sure what you're referring to concerning the disable modal ; if it's an issue with chromium too, I haven't hit it, and I have 11 extensions loaded from sources).

          But my "main browser until it's not enough" is elinks (slightly modified by me to fix ruby support and offer a few more api methods to extensions). I can write extensions as simple ruby scripts, doing things like adding native markdown support, allowing to edit local files, adding proper indentation to HN comments, etc. It's the perfect browser for me (and with cookies disabled and js, css and images not fetched nor executed, it's a good privacy browser as well). But of course, you won't be able to use that to buy something on the web. Still, it's surprising how much I can accomplish with just that.

          • nix23 5 years ago

            Try mothra, the browser for the real 'hackers' ;)

            http://man.9front.org/1/mothra

            • yaiNua9o 5 years ago

              Thanks, never heard about it, I'll have a look.

              • nix23 5 years ago

                OK now i feel bad, you have to install 9front (it's a plan9 fork) first, then you can use mothra

          • paulryanrogers 5 years ago

            Disable modal may only impact unpacked extensions then. My apologies for the confusion.

            Forking a text browser is impressive. Though to be honest the older I get the less energy and time I have to be picky. (And building Firefox was so painful I vowed to only make changes via extensions.)

            • yaiNua9o 5 years ago

              It's not that big a deal to modify elinks, because it's a codebase way simpler than full blown browsers. But yes, it's still a handful of hours of work, like modifying any software, so you have to actually find it fun to tinker with free software :)

              Actually, my first attempt to fix my problem was to try to find in firefox codebase where it deletes the extensions loaded from sources, either at the end or the start of the session, I supposed, to shunt that "feature". But after a week of free time spent on it, I made no progress. The codebase and the architecture are just too gargantuan to be tinkered with - at least for me.

      • nix23 5 years ago

        As a hacker, you should start to learn how to use google ;)

        'about:config' set 'xpinstall.signatures.required' to 'false'

        • nvr219 5 years ago

          Yeah, as a hacker,

      • erichocean 5 years ago

        Wow, that sucks. We use Chrome extensions (from source) to automate aspects of our customer service work, and we can't distribute these extensions on a hosted store.

        So Firefox prevents this perfectly reasonable thing? WTF.

        • dblohm7 5 years ago

          > So Firefox prevents this perfectly reasonable thing? WTF.

          Not true. You can get them signed without publicly redistributing them.

          • erichocean 5 years ago

            Do I need permission from Mozilla to sign things? Or are there self-signed certificates? Does that mean source distribution works, or do I have to use their "store"?

    • morganvachon 5 years ago

      > I've disliked Brave from the beginning.

      As have I. The entire money making scheme behind it, while innovative, is a privacy nightmare.

      > Seriously, if you want a browser that gives you control over your data and privacy, use Firefox. It doesn't do any of this shady nonsense.

      Agreed, with the caveat that Firefox does have its own, completely different privacy issues[1][2]. Still, it's probably the best choice for a mainstream browser, and there are open source scripts out there[3] to plug up Firefox's few leaks. I used to use (and recommend) Waterfox as a more secure, private alternative to Firefox, but lately Firefox with Shawn's or a similar script applied is just as good. It's generally better to get FF from your operating system's repository and keep it updated that way rather than manually installing a fork.

      [1] https://support.mozilla.org/en-US/kb/shield?as=u&utm_source=...

      [2] https://www.mozilla.org/en-US/privacy/firefox/#health-report

      [3] https://github.com/shawnanastasio/firefox-privacy-restorer

      • esperent 5 years ago

        Your first link is about Firefox studies.

        I had never heard of these before, but when I go to about:studies, I see that I have never participated in any studies, and when I click the link from that page to "Firefox data collection and use" setting, I see that I am opted out from everything. Pretty sure I didn't do that manually.

        Your second link is to a page called "Firefox health report". I have no idea what conclusions I'm supposed to draw from that.

        Can you provide more info about the privacy violations you're referring to?

        • afiori 5 years ago

          > but when I go to about:studies, I see that I have never participated in any studies

          Are you in the US? I also have not participated in any studies but in the preferences it is marked as active. My guess would be that they either run very few of them or are restricted to the US.

          • kop316 5 years ago

            I am in the US. It was disabled by default in Debian, but it is on in Windows. It looks like I have not participated in any studies on the Windows machine.

        • resfirestar 5 years ago

          > when I click the link from that page to "Firefox data collection and use" setting, I see that I am opted out from everything. Pretty sure I didn't do that manually.

          Are you on Linux? Many distributions include their own tweaks to the Firefox package, including disabling data collection.

      • TedDoesntTalk 5 years ago

        There are many other questionable privacy policies from Firefox. Here's one (mobile):

        https://support.mozilla.org/en-US/questions/1265029

        But there are many others, just search "firefox privacy concerns" or similar keywords. Telemetry data -- Pocket suggestions -- etc.

        • morganvachon 5 years ago

          You're right, and Pocket being integrated into the browser itself rather than remaining a plugin was the one that drove me to Waterfox a few years ago. I just listed a couple of general issues above for brevity's sake.

          • manigandham 5 years ago

            Mozilla owns Pocket. Why wouldn’t they include their own service in the browser?

            • morganvachon 5 years ago

              Before they bought Pocket it was a plugin/service that was completely optional. They bought Pocket and integrated it into the browser at a much deeper level, making it opt-out instead of opt-in (and very difficult for the average user to opt out; you have to change several settings in about:config which most users have no idea even exists).

              I felt they should have made it an opt-in service that the user can choose on the first launch. Taking away user choice is rarely a good thing, and even less so when dealing with anything privacy related.

              • Dylan16807 5 years ago

                Pocket, the service for collecting and syncing articles, is basically a separate thing from pocket suggestions.

                The original service was integrated a while ago, but it doesn't really have severe privacy implications. If you click a pocket button, it asks you to log in. If you don't click, it does nothing. This is the one that's hard to disable, but it's an annoyance more than a security problem.

                Pocket suggestions are newer, showing articles on the new tab page. They are trivial to turn off, and for what it's worth all the sorting/filtering is done locally.

                • morganvachon 5 years ago

                  It's the automatic opt-in that concerned me more than anything; any time a company chooses to force a new feature on their users I question the necessity of the action as well as the intent. I had the same issue with automatic opt-in of their telemetry and Studies; I never asked for that and I don't expect it from a company that touts their stance on privacy as a reason to use their software.

                  My point being, even if Pocket is 100% benign and never leaks any user data, the user should still have a say in whether it is turned on by default on a fresh installation. Anything less is user-hostile, a descriptor Mozilla should avoid if possible.

      • basch 5 years ago

        >The entire money making scheme behind it, while innovative, is a privacy nightmare.

        Is it? An ad bundle is downloaded to your pc. Your pc tracks some usage, and stores every analytic locally. Using the analytics, your local client chooses which ads to target you with. You wipe your local data cache, your analytics disappear. I would guess people wished more advertising respected privacy this way.

        This seems like much LESS of a privacy nightmare than Google, Facebook, Verizon, Microsoft, Amazon storing a named profile for each person.

    • hitpointdrew 5 years ago

      >I've disliked Brave from the beginning. Initially because of the pretentious - and frankly appropriated - name

      I always joked that if you were really Brave you wouldn't need their browser, it should be more aptly named "Wimp".

      • Can_Not 5 years ago

        I think a better joke would be how you would have to be brave to try a browser that vaguely uses cryptocurrency/blockchain in any way.

    • rattray 5 years ago

      How can I get these two features on Firefox:

      1. Block scripts on certain domains

      2. Block ads & tracking (including on Android)

      Those are my favorite Brave features. How do I get them on Firefox?

      • rattray 5 years ago

        Answering my own question, Firefox Android allows Add-Ons. So installing uBlock Origin for ad blocking and NoScript Security Suite for script blocking was trivial. So far so good, curious to see how it plays out...

        • rattray 5 years ago

          And it turns out uBlock does allow you to block scripts on specific domains, so I don't even need NoScript. Nice.

      • sozforex 5 years ago

        Install "uBlock Origin" add-on, with "I am advanced user" enabled. And/or "uMatrix" for more fine-grained control.

      • ciarannolan 5 years ago

        On mobile: https://play.google.com/store/apps/details?id=org.mozilla.fe... + enable the extension "uBlock Origin" in the settings (not sure the exact steps while writing this, sorry)

        On desktop: regular Firefox + https://addons.mozilla.org/en-US/firefox/addon/ublock-origin...

        In uBlock Origin, there is a setting that disables Javascript by default (which I use). You can then enable it temporarily or permanently on a per-site basis.

        • rattray 5 years ago

          Thank you! Was very easy. Liking this so far.

      • pmoriarty 5 years ago

        I use uMatrix to block scripts on certain domains. I used to use NoScript for this, but switched to uMatrix when I found that it gave me much more fine-grained control over what to allow or block.

        For ad-blocking, I supplement uMatrix with uBlock Origin. It has its own block lists that it periodically

        On top of that, I use privoxy as an http proxy. Unfortunately, it can't filter https.

        Yet another part of my defense is DNS blocklists that I put in to /etc/hosts.[1]

        Using this combination, I virtually never see any ads.

        [1] - https://github.com/StevenBlack/hosts

        • gorhill 5 years ago

          > I use uMatrix to block scripts on certain domains. [...] For ad-blocking, I supplement uMatrix with uBlock Origin.

          As the author of both uBO and uMatrix, I don't understand the need to use uMatrix to block scripts when already using uBO, since uBO can do the same.

          Even better, uBO supports replacing certain blocked scripts with a local, neutered version (to lower likelihood of site breakage), something which becomes broken if you block the same script with another extension (i.e. in either NoScript or uMatrix).

          • pmoriarty 5 years ago

            uMatrix gives me the ability to select on a domain and subdomain level where to block or allow script and other page elements using its matrix interface.

            If this is possible to do in uBlock Origin, I don't know how.

            AFAIK, uBO does not have a similar matrix-like interface. So if the equivalent control is possible somehow, it must be hidden further down in its interface, which makes it much less convenient for me than the simple matrix that's behind a single mouse click for me in uMatrix.

            I'd love to learn how uBO can be used like uMatrix, if that's possible. There's no need for both extensions if uBO can do it all, but as far as I know it can't.

          • Normille 5 years ago

            Off-topic, but seeing as we've got gorhill here:

            Any plans to update uMatrix so it behaves nicer on mobile? The popup interface resists pinch-to-zoom and the text is so small as to be literally illegible on mobile devices. So I can't read the various domains to decide which ones I want to block or permit!

            [uBlock Origin was recently updated to make it more mobile friendly. Although, ironically, out of the two, it was already more usable on mobile as it was possible to zoom and pan round the interface.]

      • jdeibele 5 years ago

        I'm using Adguard's DNS on my router. 5 of us at home due to Covid-19 and no complaints from anybody about things not working.

        NextDNS has a more advanced version (you can add and remove domains) for $19.90/year

        It's not quite as good as having a PiHole or similar setup because some devices have their DNS settings hard coded. You have to route those addresses to override your Chromecast, etc.

        https://adguard.com/en/adguard-dns/overview.html https://nextdns.io/

    • BeniBoy 5 years ago

      I've met Johnny Ryan and he seems like an honest and privacy-focused guy. He seems to really care about his work.

      I must admit that does not quite fit with a lot of the things I've read about Brave over the years.

  • patrickaljord 5 years ago

    About [1], read the reply from the devs, seems reasonable and it was announced on their blog, it was temporary and could be turned off at any time. Besides eToro is a well established site in Europe to buy stocks (no affiliations here), the reporter seems to really hate them for some reason.

    [2] was fixed a while ago as mentioned in your link.

    [3] was also fixed quickly.

    I don't know if you've ever run a company but if you do, I hope your users won't attack you and remember every single mistake you've ever made even if just 3.

    Disclaimer: I don't work for Brave and rarely use it sometimes as secondary browser.

    • freediver 5 years ago

      I did run a company and I feared making mistakes. In principle the best way to avoid making kinds of mistakes your users will hate you for is to put user interest first. By looking at Brave's profile I can not say they are living by that principle 100%.

      For example, the decision to hijack links to insert their own affiliate links is not a mistake, it was a decision. These kind of decisions are not made by a developer in the team, it is a leadership level decision, coming from principles those leaders live by, and also one that does not put users first. On the contrary, it takes advantage of the users.

      The principle of 'forgiving mistakes' applies only to honest mistakes. Otherwise we would all be browsing with Chrome/posting on Facebook/[insert currently hated company on HN here] and forgiving them all their 'mistakes'.

      • patrickaljord 5 years ago

        Putting your users interest first needs to be balanced with remaining profitable so you can keep existing. It's hard to put your user interest first when you don't exist anymore.

        This is why Firefox decided for example to support non-free mp4 or EME (DRM), even though it goes against their mission of supporting the open web. They decided that not supporting these features would kill their market share, relevance and revenue making it hard to support their users in the future.

        When Brave made the decision to insert affiliate, they saw it as a way to help with their revenue which helps their mission without hurting privacy too much (they still block more trackers than any other browser in the market including firefox). Still, they rectified this quickly showing that they are not stubborn and are ready to sacrifice revenue for their users. Anyway, it's not easy to balance all this and you will be hard put to find saints that do it all perfectly out there, good luck finding one though.

        • freediver 5 years ago

          > Putting your users interest first needs to be balanced with remaining profitable so you can keep existing.

          Although this can be a sound principle for many, I do not agree with it. Brave is not 'entitled' in any way nor should the world bend to make Brave possible. It's a company like any other, with a product like any other and with, IMO, questionable leadership principles demonstrated over and over again. The market will 'price' it accordingly in terms of market share.

          If I was to build a browser (which btw I am doing) I would put 100% user interest first, at the price of not succeeding in the market. That is the only way I could sleep well at night.

          • patrickaljord 5 years ago

            > Brave is not 'entitled' in any way nor should the world bend to make Brave possible.

            I never said it was entitled, I said it had to balance things to survive.

            > If I was to build a browser (which btw I am doing) I would put 100% user interest first, at the price of not succeeding in the market. That is the only way I could sleep well at night.

            A quick look at the history of humanity will show you that even the most moral entities had at a point of their existence have to compromise with morality to survive, or made bad choices out of self-interest. Just like every single human being who has ever lived. I don't think you can never ever ever compromise on anything while accomplishing anything significant. By the way, do you plan on taking out mp4 and user freedom hostile features such as EME support in your browser?

            • freediver 5 years ago

              You can balance things without making moral compromises. Making bad choices deliberately is different than making bad choices by a virtue of an honest mistake. For this particular feature Brave could have offered to split affiliate revenue with users 50-50. Then even if the idea was received poorly nobody could argue against the right to experiment and try to survive. Keeping 100% for yourself is greedy, shady and unnecessary not to mention uncovers that they don’t really put users first. Why not just run a bitcoin miner in the browser and keep everything for themselves? Where do you draw a line and say this company is not behaving like you are expecting?

            • tripzilch 5 years ago

              > I don't think you can never ever ever compromise on anything while accomplishing anything significant.

              I don't think you can never ever ever compromise on anything while accomplishing anything significant.

              Not with that attitude you don't.

    • rsynnott 5 years ago

      > mistakes

      These aren't mistakes, though, at least not in the sense of accidents. They were bad ideas, but it certainly wasn't a case of "oops, I accidentally added affiliate hijacking, silly me".

      I mean, I suppose you could interpret them as severe naiveté and/or incompetence? That's probably the most charitable way to look at them, but still wouldn't exactly encourage me to use the product.

    • NelsonMinar 5 years ago

      It's the nature of the mistakes that matter here. It's not like some dumb bug; time and time again they do unethical things that harm their users. Why?

  • lalaland1125 5 years ago

    And that's just a short list of the shady things Brave has done. For example, Brave has also carried out an illegal security offering with their ICO.

  • buboard 5 years ago

    brave's biggest innovation is the introduction of direct payments. i hope that catches on, even if brave fails, because it will truly transform the economics of the internet.

meerita 5 years ago

See it. These new browsers claiming "privacy" aren't private at all.

  • josu 5 years ago

    It is more private than Chrome. And full privacy probably doesn't exist.

    • techntoke 5 years ago

      If that is all they got going I don't foresee them lasting much longer. At least Chrome and Firefox have their own open source browsing engines.

fortran77 5 years ago

I'm glad I didn't believe the hype. I just run edge, and I have a powershell script that runs on startup, shutdown to wipe everything.

SmokeyHamster 5 years ago

I wonder if this is true of "private window" mode as well?

bb123 5 years ago

Is it fair to _ever_ say that clearing the history completely removes all traces of visited sites? I have always operated under the assumption that some trace will remain pretty much forever.

  • jonathanstrange 5 years ago

    Why would you make this assumption? It seems perfectly reasonable to me to assume, in the absence of evidence to the contrary, that a program actually does what it claims to do.

    • rydre 5 years ago

      I sometimes do computer forensics for clients and you can be sure that you leave traces. You'd need to wipe out the area of the disk over and over again to fully remove it (sometimes it'll still remain despite that, for undisclosed reasons).

      • bartread 5 years ago

        Asking because I don't know: does that also hold true for SSDs if the sectors are overwritten (either with new data, or due to wear levelling)?

        • rydre 5 years ago

          Correct. None of the publicly/commercially available software can do that, so don't worry most people won't pay for it.

          • WrtCdEvrydy 5 years ago

            secure erase is the only way to clear all sectors on an SSD but at that point you're just relying on the manufacturer's implementation (and past experience from encryption has ruled that to be a derp).

            an easy alternative is just to encrypt the drive using software-based encryption and just delete the key. Windows 10 has now stopped relying on hardware-based ssd encryption because it was found some of it was just garbage.

            Edit: Additional caveats: some drives can move data in and out of the non-system viewable area and dead cells cannot be written if they're no longer viable so data can still remain there.

            • bartread 5 years ago

              Thanks: helpful to know.

      • jonathanstrange 5 years ago

        yes I know, even the Gutmann wipe is no longer effective and SSDs are essentially unwipeable, but that's not what this is about. It's about the software not wiping (or not even deleting) data at all when you'd expect it to do so. Generally, you'd expect software to do what it tells you.

        • canofbars 5 years ago

          The best way to wipe an SSD is to have full disk encryption and then wipe the key off the ssd. Even if you do manage to recover the key which is a big if, you still need the key in your brain. Combined with writing random data over the ssd you will be lucky to pull anything out of it.

          • giancarlostoro 5 years ago

            Or fill it with some AAA Steam games, shouldn't take long to fill the whole thing.

            • gruez 5 years ago

              I'm not sure why you'd want to do that, considering that it's inefficient (it requires internet access, and it's capped by its speed), and you're rolling the dice on whether it's wiped or not. eg. if you have 100GB of free space to wipe, and the closest you can get to 100GB with your steam games is 95GB, then there's a 5% chance that your data would still be on the disk. Doing something like

                 cat /dev/urandom > /path/to/mount/point/temp.bin; sync; rm /path/to/mount/point/temp.bin

              is much more reliable and isn't dependent on your internet.

            • fearingreprisal 5 years ago

              Why would any of these suggestions be better than the following?

                  dd if=/dev/urandom of=/dev/sdX bs=1M

              • jerf 5 years ago

                Simply filling the disk by any means runs the risk of your incriminating (or whatever) information being retained in a sector that got remapped out from under you that you can no longer write to.

                Wiping the encryption key takes care of that problem, as well as being much faster.

                • giancarlostoro 5 years ago

                  Thank you, this is what I was trying to avoid doing by simply filling an SSD with random data. As you mention, I suppose FDE is better, but now you have to ask yourself whether OS level or hardware level is best. In this case if you override an encrypted partition with a fresh OS installation it won't matter as much since most of what will be left will be gibberish.

                  Sometimes I do just that, I'll install Linux encrypted, and then reinstall later without migrating any bytes. My main concern is work related / personal finance documents being left over on a laptop. I've tested plenty of forensic utilities on my system after erasing files.

            • edoceo 5 years ago

              I found random source to be slow, so, I made a Perl script (in the 90s) - basically writing the same random blob over and over. Two passes with different blobs seemed to do the trick

              http://edoceo.com/creo/drive-shred

              • giancarlostoro 5 years ago

                This is also something I've done, just fill a text file, copy it over and over, eventually look for the old files, it's gone, good enough. It sucks laptops don't come with FDE by default.

      • willis936 5 years ago

        “undisclosed reasons”

        There comes a point where I simply won’t believe in magic. Whether it’s 3 writes or 7 writes, at some point there is not enough contextual information left on rigid magnetic media to recover any amount of useable information.

        • giancarlostoro 5 years ago

          They might be referring to SSDs which would also be bad to do overwrites on since you are essentially killing the life of the drive. Better off just outright filling up a whole drive.

    • 867-5309 5 years ago

      that seems a little naive. what about actual evidence of performing said wipe? a little progress bar showing the 35× overwrite technique maybe, verified by a failed recovery. do any browsers have these small, open source capabilities baked in? seems like nowadays the only way to ensure and audit personal privacy is by having network inspection and disk utilities constantly monitoring these "pro-privacy" apps

      • boomboomsubban 5 years ago

        Store browsing data in memory. That said, data being available to forensic level HD recovery is very different from data still being used to populate the most visited sites.

        • 867-5309 5 years ago

          storing in memory would only provide browsing data for the current session, permanent storage of history is not possible without writing to disk

          • boomboomsubban 5 years ago

            That would provide fairly strong evidence that it was actually being deleted.

            • 867-5309 5 years ago

              if what you are referring to were possible

              • boomboomsubban 5 years ago

                It's not really hard, you just want a system that lets you save your history through a reboot.

                • 867-5309 5 years ago

                  even if the browser's storage engine was part of a RAMdisk for each session, such an area would still have to reside in hard disk storage to survive a reboot

                  • boomboomsubban 5 years ago

                    Needing to survive a reboot isn't necessary. This system would let you know that nothing is being saved. It's not perfect, but it does that thing very well.

                    • 867-5309 5 years ago

                      it is necessary in relation to the original topic of browser history

                      • boomboomsubban 5 years ago

                        >seems like nowadays the only way to ensure and audit personal privacy is by...

                        Storing the history in memory also solves this half of this problem, and surviving a reboot is not necessary to ensure and audit privacy.

                        edit I'll stop. I can understand the flaws in this setup, I don't understand why you think it isn't possible/wouldn't solve the problem.

                        • 867-5309 5 years ago

                          you cannot store the history in memory and survive a reboot, unless you write the memory to disk, then read into memory from disk on boot, but even then the history is being stored on disk and so is recoverable. surviving a reboot is necessary since the point of storing history is to make it accessible later, otherwise you would use incog/private mode, or stronger. I don't know what it is you think I don't think is possible

                          • boomboomsubban 5 years ago

                            >surviving a reboot is necessary since the point of storing history is to make it accessible later, otherwise you would use incog/private mode, or stronger.

                            What actual evidence do you have that incognito mode is wiping the history at session end?

                            • 867-5309 5 years ago

                              I did not say that, I said it doesn't store history

                              • boomboomsubban 5 years ago

                                It stores history though, go log into any site in incognito mode. It has the same problem your original post highlights, and is an example of a situation where your history not surviving a reboot would not be an issue.

                                • 867-5309 5 years ago

                                  of course it doesn't actively store history. it doesn't wipe the storage medium so may leave a trace, but that's different. if a browser says it is wiping then there should be proof of this, instead of the "just trust us" stance which the article rightly highlights as dangerous

      • gruez 5 years ago

        >that seems a little naive. what about actual evidence of performing said wipe? a little progress bar showing the 35× overwrite technique maybe, verified by a failed recovery

        Implementing this is problematic because depending on the filesystem, it might not be possible to "wipe" a file by repeatedly writing over it. For instance, if it's a log structured filesystem. On the other hand, you might not even need to overwrite in some cases, eg. filesystems on SSDs with trim support. Also you don't need 35x overwrites. There's no evidence that even 1x overwrite can be recovered on contemporary hard drives.

    • bb123 5 years ago

      Because it is a well known fact that it is trivially easy for a resourced attacker to retrieve data from a storage medium well after your computer claims it is deleted.

      • techntoke 5 years ago

        Not if it is securely wiped multiple times. At that point they'll go looking at your DNS provider and ISP, or local fusion center.

        • bb123 5 years ago

          Right, but my browser isn't doing that. Therefore the original point still stands.

          • techntoke 5 years ago

            > Because it is a well known fact that it is trivially easy for a resourced attacker to retrieve data from a storage medium well after your computer claims it is deleted.

            No it isn't. You said nothing about a browser. You said storage medium.
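Added example (not part of any comment in this thread, and not Brave's or Chromium's code): a Python audit of the distinction argued over above, between a cleared history whose rows are gone and one whose bytes are gone. It runs on a constructed SQLite file; the `top_sites` table, the function names and the `visited.example` hostname are assumptions made for the demonstration.

```python
import os
import sqlite3
import tempfile
from pathlib import Path

NEEDLE = "visited.example"  # constructed hostname to search for


def live_hits(db_path, needle):
    """Return [(table, column, rows)] for live rows whose value contains needle."""
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"  # read-only: audit, never modify
    con = sqlite3.connect(uri, uri=True)
    try:
        hits = []
        tables = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table'")]
        for table in tables:
            t = table.replace('"', '""')
            for col in con.execute(f'PRAGMA table_info("{t}")').fetchall():
                c = col[1].replace('"', '""')
                (n,) = con.execute(
                    f'SELECT COUNT(*) FROM "{t}" '
                    f'WHERE instr(CAST("{c}" AS TEXT), ?) > 0', (needle,)).fetchone()
                if n:
                    hits.append((table, col[1], n))
        return hits
    finally:
        con.close()


def raw_hits(db_path, needle):
    """Count needle in the raw bytes of the file and any -wal/-journal sidecar."""
    total = 0
    for suffix in ("", "-wal", "-journal"):
        path = db_path + suffix
        if os.path.exists(path):
            with open(path, "rb") as fh:
                total += fh.read().count(needle.encode())
    return total


def build(db_path):
    """Create a constructed database holding three sample rows."""
    con = sqlite3.connect(db_path)
    con.execute("CREATE TABLE top_sites "
                "(url TEXT PRIMARY KEY, url_rank INTEGER, title TEXT)")
    con.executemany("INSERT INTO top_sites VALUES (?, ?, ?)", [
        ("https://visited.example/inbox", 0, "Inbox"),
        ("https://visited.example/settings", 1, "Settings"),
        ("https://other.example/", 2, "Other"),
    ])
    con.commit()
    con.close()


def clear(db_path, secure_delete):
    """Stand-in for 'clear browsing data': delete every row.

    secure_delete=False leaves freed page content in place;
    secure_delete=True makes SQLite zero it as part of the delete.
    """
    con = sqlite3.connect(db_path)
    con.execute(f"PRAGMA secure_delete={'ON' if secure_delete else 'OFF'}")
    con.execute("DELETE FROM top_sites")
    con.commit()
    con.close()


if __name__ == "__main__":
    workdir = tempfile.mkdtemp()
    for name, secure in (("plain.db", False), ("scrubbed.db", True)):
        db = os.path.join(workdir, name)
        build(db)
        clear(db, secure)
        print(name, "live:", live_hits(db, NEEDLE), "raw:", raw_hits(db, NEEDLE))
```

The raw scan only covers files that still exist; the rollback journal SQLite unlinks after the delete, and whatever the filesystem or SSD keeps below that, are outside what this check can see.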

niftylettuce 5 years ago

If you need an alternative to Brave, then see https://news.ycombinator.com/item?id=23708688. This comment also shares the auto-suggestions-for-profit which is another reason I'm not using it. Since I cannot use DDG nor Brave, the only alternative (besides the currently bloated Firefox -- in my biased opinion) is ungoogled-chromium.

  • nichch 5 years ago

    Please read https://news.ycombinator.com/item?id=23708986 before deciding on which browser to switch to.

    “Currently bloated Firefox” is a baseless claim in my opinion.

    • tibet_13 5 years ago

      I've been using ff for years and had no problem with it. Uninstalled Brave after the affiliate link incident.

  • andrepd 5 years ago

    In what sense is Firefox bloated compared to brave?

    • fullstop 5 years ago

      Not GP, but excluding benchmarks and profiling data, since I've not done that, Brave feels faster. There are times when Firefox gets slow and I need to restart it, new tabs take more time than they should to open, stuff like that.

      My experience is 100% on Linux, and perhaps Firefox on Windows or OS X is quite different.

  • kohtatsu 5 years ago

    Are you a former DDG employee?

    And to clarify you do use the DDG search engine, just not their browser.

    • rydre 5 years ago

      DDG's CEO has a shady background. It's not as privacy centric as they claim to be.

      • 1f60c 5 years ago

        Source?

        • rydre 5 years ago

          His investments into Locately in 2010.

          Locately is pioneering the science of Location Analytics. Locately's software analyzes semi-continuous GPS data from mobile phones to better understand what consumers do and how they shop.

          Edit: why the downvotes? :/ I like my HN points...

          • mekster 5 years ago

            Either someone who's not comfortable with your comment or you forgot to link to a source.

            • rydre 5 years ago

              > Either someone who's not comfortable with your comment

              Someone who?

      • intopieces 5 years ago

        Subsequent comments have pointed to the founder’s background. What’s the evidence that DDG itself is not privacy centric as claimed?

        • rydre 5 years ago

          1. Founded Names Database - a social media website designed to collect user information as aggressively as possible, before selling all the information to classmates.com.[1] (got this from https://news.ycombinator.com/item?id=23709270)

          2. Invested in Locately TWO YEARS after founding DDG.[2]

          Locately, for those unfamiliar with the company, had built a proprietary data-mining engine which collected data from customers’ (opted-in) mobile phones in order to understand more about what sort of behaviors they were engaging in out in the real world. It could tell how a customer moved from one location to the next, what stores they passed along the way, how long they visited stores, what sort of lifestyle or shopper segment the user fell into, which competing stores a consumer would frequent, how a business compared to its rivals, and much more.

          3. The DDG favicon issue since 2018. Was only promised to be fixed four days ago after it got to the front page of HN.[3]

          [1]https://en.wikipedia.org/wiki/Names_Database

          [2]https://www.crunchbase.com/person/gabriel-weinberg

          [3]https://news.ycombinator.com/item?id=23708166

          > What’s the evidence that DDG itself is not privacy centric as claimed?

          Past behavior is a predictor of future behavior. (see: Zuck, Thiel, Facebook, Palantir)

          ------

          Why the downvotes again? I gave a reasonable reply to their question.

          At least give me a reason for them... =)

          • intopieces 5 years ago

            I asked about the privacy practices of the company and 66% of your answer is about the founder and not the company. I specifically wanted information about DDG, not the founder. This kind of response makes me more suspicious of the outrage.

  • Batman8675309 5 years ago

    Yeah, using software you have to build yourself is a much better alternative. Especially when it's not available for Android at all..