Which privacy browser?

Sar · April 30, 2021, 1:10pm

This is my homepage in Brave atm. TBH I’m fine with this, as I largely ignore the sponsored image - in fact I could/should turn that off as well, but it’s not a huge bother to me.

And if I turn off the sponsored image?

pebcak · April 30, 2021, 1:15pm

With the same setup as in my previous posts, I get consistently 100% blocked. Not sure what might be off on your end.

Beardedgeek72 · April 30, 2021, 1:23pm

I don’t use noscript, so I expect some things to slip thru, but what surprised me was the inconsistency.

SweSG · April 30, 2021, 9:25pm

There shouldn’t be such big differences between the times.

I got 98% on my first test and then I changed my block lists a little bit and got 100%. Now I get 100% on every browser I test every time.

It’s with firewall rules and pi-hole. I don’t have NoScript either.

Beardedgeek72 · April 30, 2021, 10:03pm

Not sure what was going on, I tried three more times and it stayed at 94%.
To be fair it seems one of the red-flagged ones are one that is constantly being petitioned to uBlock to unblock so it is possible that if you don’t have Easylist but uBlock’s default filters it might atm be unblocked.
The other is a few Social Media plugins that I am not sure if I actually HAVE, or if the page is just testing if they would be blocked IF I had them? Oh well.

I am not too worried, just surprised about that result.
(Again, basically I ran the test 7 times giving me 98, 75, 64, 94, 94, 94, 94. Not sure if the test page was drunk, or if uBlock was drunk, or…

SweSG · May 1, 2021, 12:06am

Naomi Brockwell made a small clip on this topic:

Maybe not so much we don’t know about. Posts the clip anyway if someone finds it interesting.

Sar · May 1, 2021, 8:46am

Got the same results with a fresh install of Firefox Nightly with Ublock Origin installed, and no other relevant tweaks/extensions.

pebcak · May 1, 2021, 8:52am

Yes, the arkenfox user.js which I had in the tested browser profile seems to be irrelevant. However I had always both uBlock and NoScript on. Looks like NoScript doesn’t have any bearing on the result either according to your test.

SweSG · May 1, 2021, 8:58am

There’s a difference between ads and scripts. Even the arkenfox user.js does another thing.

pebcak · May 1, 2021, 9:00am

You are right. I disabled NoScript and still get the same result.

dalto · May 1, 2021, 3:51pm

First of all, let me say that this is just my personal opinion.

A browser is one of the most important links in the chain when it comes to privacy and security. I consider two things when selecting a browser. Does it have the controls I need to protect myself and to what degree can I trust the people making the browser.

For me, that second point it is the issue. As for why, we can take walk through Brave’s history. I am going from memory here so I can’t warrant that this is perfect but it is in the ballpark.

The original concept behind Brave is that it would remove ads from websites and replace them with ads provided by Brave. Brave would then share the revenue from the ads with the sites. They were essentially planning to steal ad revenue from sites without permission. As you can imagine, that didn’t go over very well an they were forced to reconsider.

They then came up with plan B. They would allows people to donate crypto to sites. However, for the site to benefit, they would have to opt-in to letting Brave swap their ads out. Of course, they had a problem with this strategy. They didn’t have enough users for many site owners to be willing to share their ad revenue.

This led to plan C. Seemingly overnight they rebranded as a privacy and security focused browser with a bunch of slick marketing. Privacy and security were hot topics at the time and this allowed them to increase their user base. However, there was a small issue. At the time, they hadn’t actually implemented most of the controls they have in place today. They were just claiming to be privacy and security focused.

Since becoming a privacy marketing browser, they have had quite a few missteps, most of which the Brave fanatics write off as mistakes. However, to me, they mostly seem deliberate. I can’t remember all of them but here are a few.

They were whitelisting certain facebook URLs. The whitelist was hard-coded into the software. When they were caught, their response was that people wanted to be able to login to facebook more easily.
They started actively promoting sending BAT to sites that were not signed up with their service. Essentially allowing them skim all those donations back to themselves.
They were caught inserting their own affiliate links into the URLs of Brave users

Perhaps the worst part of all of these breaches of trust is the way they reacted to them. Instead of owning their mistakes, the CEO always has a litany of reasons why what they were doing made sense.

To me that is more than enough for me to not be willing to trust them with my privacy. However, I encourage everyone to do their own research. All these issues are widely publicized and there is lots of ready information on them.

To be clear, do I think that Brave itself is stealing my information? No. Am I confident that they aren’t allowing others to do so? No.

Ultimately, it looks to me like Brave is desperate to monetize the company using whatever means necessary. I am going to be honest, I have nothing against for profit entities. However, the methods and techniques that Brave has used to do this is too underhanded for my comfort.

Now, if privacy isn’t big priority for you, than the trust issue becomes less relevant and Brave is a chromium-based browser with some out of the box privacy and security features enabled by default. However, since this is the “Which Privacy Browser?” topic. I think it is worth mentioning.

otherbarry · May 2, 2021, 3:13am

This. This. More This.

Shonky, underhanded crooks IMHO.

They rely on gullible people to trust their constantly shifting PR spin over their long history of questionable actions & behaviors.

mardi · May 3, 2021, 8:02am

When people are making a choice of a browser they are going to use, it would be interesting to know what part privacy and usability acts as their decision? Do they exclude each other?

To me usability always comes first even if I have paid more attention to privacy lately. I have 3 browsers on my laptop at the moment. They all have different purpose. Firefox is for banking, LibreWolf is for daily use and Chromium is for something Firefox based browsers are not capable (like using Skype web version). On my tablet my daily browser is Brave because it just works better on that old Huawei mediapad T3. I would like to use Firefox or something less “shadier browser” on it, but they all are too slow or lack of some other important features I need.

SweSG · May 3, 2021, 8:17am

I choose the browser I like the most. Which is Firefox. Then I change a little in about:config so it becomes a little more private. I can not bear to work with too many browsers. I test around among browsers sometimes.

I do a lot at layer 3 level instead. Then I only need to do it once.

keybreak · May 3, 2021, 8:57am

Why choose between privacy and usability?

You can have both!

dalto · May 3, 2021, 9:10am

Usability is an interesting word here. If we are talking about usability from a UI perspective, I don’t think there needs to be any compromise. However, in reading your post I think you are using usability to refer more to convenience of use and/or compatibility. In this case, there are certainly trade-offs.

I am willing to trade quite a bit of convenience/functionality for privacy. Most people wouldn’t like my browser. A few examples off the top of my head:

Many things just don’t work because I have them blocked
If I close all my tabs to a site I have to login again
If I click a link from an email I won’t be logged in and may not be able to access it

There are many more but at this time of the morning I can’t easily think of them.

mardi · May 3, 2021, 9:43am

I’m a guy who wants that everything happens now, not next week…
My main browsers get 100 % in this test and block fingerprinting nicely in this. I don’t know if that has anything to do with anything, but it’s enough for me.
To me speed is usability especially with mobile devices. If I want to check bus timetables in a hurry with my phone, I don’t have use for browser which is slow or block me completely from a site I need…

otherbarry · May 3, 2021, 10:16am

My browser is also locked down air tight, with [double digit]+ different profiles for various specific use cases, meaning many sites simply won’t work either. This is where user.js profiles are very valuable.

That is not counting all the VMs configured for different browsing use cases also, including TAILS and Whonix.

Any sites requiring captcha are not even visitied. These sites won’t let you in if they cannot identify you. Good riddence.

pebcak · May 3, 2021, 10:56am

If run on a host connected to Internet through VPN, would that breach Whonix’ anonymity model?

And would running another browser than the default TOR in the workstation do the same?

Sorry @all for “slightly” off-topic.

otherbarry · May 3, 2021, 11:54am

Internet search TOR over VPM, or Onion over VPN, there is lots of info out there.

This was the first article in my search …

https://www.comparitech.com/blog/vpn-privacy/tor-vpn/

IMHO the pros outweigh the cons, and as always it comes down to how much you trust your VPN provider(s).