A More Complete Discouragement of Brave Browser #303
-
https://privacyguides.org/browsers/

Privacy Guides discourages Brave Browser, which the page itself says is one of the most high-profile privacy-focused browsers. It states that the Privacy Guides has "concerns with Brave’s business practices and future business model that prevents us from recommending them," but does not go on to say what those concerns are. At the end of the section, it states that Brave Browser does not want to be scrutinized, which I believe is a great place to start for good, solid reasons to avoid Brave Browser, but is not on its own sufficient. Meanwhile, Google Chrome and Chromium are discouraged for several specific and solid reasons on this page.

I believe most people will agree that Google Chrome and even Chromium Browser are not good choices very easily, but you will face much heavier resistance with Brave Browser, and for good reason. Brave Browser ostensibly offers far more privacy protections out of the box compared to Firefox. Brave Browser lets you choose your search engine, as opposed to Firefox, which defaults to Google (and perhaps now Bing). Brave has a uBlock Origin-based ad and tracker blocker that is far more thorough than the ETP found in Firefox, which also offers the ability to turn off scripts. Brave also runs their own server as an intermediary between the user and Google for Safe Browsing, while Firefox (ostensibly) gets the user to fetch SafeBrowsing-related data directly from Google. Uniquely, Brave offers fingerprinting protection. Brave Browser is also unique from most browsers in that it is open source, so anyone can inspect the code. This isn't true for any other commonly-recommended Chromium-based browser (aside from Chromium); specifically Vivaldi, which is partially proprietary.

Slightly unrelated, there should probably be a section for "small" browsers, like GNOME Web (Webkit), Falkon (Chromium), qutebrowser, Konqueror (KHTML), surf, etc. and whether Privacy Guides recommends or discourages their usage.

To preempt some of the often-cited reasons that people are sheepish regarding Brave Browser, I'd like to offer some of my rebuttals. If the Privacy Guides team disagrees with my rebuttals, these points of contention are a good place to start.

Firstly, what is wrong with Brave's business model? Compare it to Firefox, which despite being supported by Mozilla Corporation, has a very shaky and unreliable business model. The vast majority of its revenue comes from Google, which pays Mozilla to make Google the default search engine on Firefox. Mozilla has tried to create other revenue streams, such as Firefox OS and the phones that would go with it, Firefox Send, and now its VPN service. All of these services ended in failure, aside from the VPN service, because they just didn't make enough money. Meanwhile, unlike a lot of other browsers, Brave has a clear, strong business model where advertisers pay Brave tens of thousands of dollars for impressions, and users also get a portion of the revenue. It claims that this is privacy-respecting because so many of the decisions regarding Brave Rewards happen client side, so it can't be used to build profiles of people. Additionally, this is opt-in, and not a requirement to use the browser. It's also entirely open source and can be audited.

Brave was caught "hijacking" particular URLs with affiliate links. This incident is often misreported as something it's not. There was an autocomplete option that had the affiliate link inserted. It's a dark pattern, but they didn't "hijack" URLs. DuckDuckGo forces affiliate links into some webpages and only tells you on some obscure page that you need to search for, but no one complains about this: https://help.duckduckgo.com/duckduckgo-help-pages/company/advertising-and-affiliates/ They no longer do this.

A lot of people also make the argument that Brave "replaces" ads on webpages with their own. This is a very disingenuous way to phrase the argument. Brave doesn't replace ads. They block ads, and you can opt-in to seeing ads in notifications. If users don't want to block ads, they can disable their adblocker. By default, the wallpaper for a new tab is configured to occasionally show you promotional wallpapers which you won't get anything for until you log in. You have to opt out of this.

Brave also failed to implement TOR in their browser windows incorrectly, which would have exposed any user's real IP address that used the windows for several months. It's likely that there are other flaws with Brave's TOR implementation, as it was designed to work on Firefox, not Chromium-based browsers. In a support page where they strangely contradict themselves, they recommend that you don't use TOR windows if you want "absolute anonymity": https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-

But Brave is not alone in controversial incidents. Mozilla has also had incidents in the past that would be of concern to users. Read about Firefox's relationship with Cliqz, the company that created the search engine that Brave is now using for Brave Search: https://www.zdnet.com/article/firefox-tests-cliqz-engine-which-slurps-user-browsing-data/ And this reddit thread, because there was a lot of drama about this at the time: https://www.reddit.com/r/firefox/comments/74yo19/cliqz_and_mozilla_as_i_understand_it_and_metadrama/ They attempted to conceal from users that they even bundled Cliqz with some Firefox installations, which would send some of their browsing data to Cliqz servers, which the company promised they wouldn't use to build profiles of users.

They also bundled the Looking Glass adware into some users' browsers in the same year without explanation, which caused users to panic: https://www.ghacks.net/2017/12/16/firefox-looking-glass-extension-what-it-is/ This didn't compromise users' privacy, but it was some shady behavior worth mentioning.

This year, from Firefox 89 onward, users will be opted into DoH by default and be presented with a notification informing them that they now had "More secure, encrypted DNS lookups", but no mention of what "more secure" protocol they were using: https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs#w_will-users-be-warned-when-this-is-enabled-and-offered-an-opt-out The notification is a dark pattern, with a disable option that is grayed out, and doesn't inform the average user of what has really changed. By default, they partner with Cloudflare, which many users may find untrustworthy, but this isn't mentioned in the notification. There is no option to choose an alternative DoH provider, such as NextDNS, in this notification, which they allow you to change in about:preferences. It's not transparent, and DoH can be used to bypass host files, etc. that a user may have set up for security reasons. For a host of other reasons, DoH is also problematic. Many researchers agree that DoH is less secure than normal DNS lookups. This could compromise a user's privacy.

I hope that the Privacy Guides community and team can have a productive discussion regarding the discouragement of Brave Browser, and that this leaves the community with a good place to start that discussion.
-
Fully agree @LunaGNUisance, there were only two ways for a browser-maker to earn money: either become a non-profit or sell your data to the highest bidder. While the non-profit one seems great, it's neither reliable nor substantial. Whereas the one who sells your personal data can't be considered a private choice. Brave has made its own way to be secure for the future-run. We shouldn't criticize them for this, they are just unique. They even pay us more than the majority of what they earn. Brave is also much more secure than Firefox. They now don't insert their own affiliate links, and even if they did it in the past, it had no impact on our privacy. We should give them a chance. The majority of people don't change any settings when they install a browser; Brave's developers have already 'hardened' it by default for this reason. They transmit no information to backend servers. Tell me, does Firefox disable 'autocomplete' by default? No, but Brave does! Think, will our grandparents go to Firefox's Settings and tweak so much? No! On Brave you're already good to go! Even Firefox's Pocket is not so good, people tell you to disable it, when it's turned on by default. But everyone criticizes Brave for their 'Rewards', which is already disabled! You don't trust it, don't turn it on, as simple as that! Their fingerprint protection is also sufficient, if not perfect. Nothing is perfect! Brave even tells you to use DuckDuckGo, does Firefox do it? For no good reason you can say Brave is bad! You may say of their telemetry P3A, but on the first start-up, they even tell you, you can disable it in full-transparency, does Firefox tell you about their telemetry? No! Brave is good, if not the best! C'mon privacy-advocates, we should add it!
-
This will be decided on when we conclude https://github.com/privacyguides/privacyguides.org/discussions/453 no doubt.