BTW just noticed that Tor has a rust based client called Arti : https://blog.torproject.org/arti_1_3_0_released/ | https://gitlab.torproject.org/tpo/core/arti/-/blob/main/README.md
But it’s not stable yet.

Nice observation. Does that mean Brave only use the password-manager locally unencrypted on your computer similar to Chromium?
Never used Brave myself, not sure how they implemented it.

On Linux, it will integrate your keyring if you let it. If you don’t, it will store it in a file the same as Chromium. However, the security of the keyring once it is unlocked varies based on your configuration and which keyring backend you are using. For example, when using gnome-keyring the passwords have minimal protection if the keyring is unlocked.

I am not sure how it works on Windows/MacOS.

Of course, you can easily work around this limitation by not letting your browser store your passwords in the first place. IMO, that is what a password manager is for but I know many people disagree.

If that is the funniest thing you have ever read on this forum than your understanding and sense of humor seems a bit… odd. My point still stands: You don’t need money to maintain development. You trying to laugh about that and stating that as the funniest thing in this forum makes me leave this discussion “bro”. Bye.

Really? How so? I’m genuinely curious to know you don’t need money to maintain development and keep things going.

Also, it was funny because it just seems, to me, so extremely counter intuitive and outlandish, I couldn’t help but laugh. If you have an explanation for it, outside of maintainers working out of their good will on maintaining things, around the clock, just so people can use their creation, I will be really interested to know. If I offended you, which seems to be the case, I apologize.

I guess that one point would be that there are many open-source products that are maintained entirely by volunteer contributors.

A counterpoint to that would be that none of those projects are on the size and scale of Firefox. I think it would be difficult to maintain a fully featured browser without a core of paid resources.

You know what? I was really dumb for saying that. I’m sorry for that.

Do not change your ways, speak your peace.

I could have said it in a better, less offensive way.

The counterpoint is what I’m thinking about. Volunteer work and donations can only get so far. You simply can’t actively maintain and be decent to use without paying developers to actively try to keep up with things.

Mainstream browsers and “privacy” is just pretty marketing. If you about run a drug empire, you have to make your own tooling to keep things under the radar. Debating the security of browsers like Brave and Firefox is like comparing Google and Microsoft

This argument would hold water if either Brave or Firefox were actually mainstream.

But mainstream only really applies to Chrome, Edge, and Safari.

Firefox, Vivaldi, and Opera come close but don’t quite fit the definition.

While for “normies”, they would put Brave, Librewolf, and the rest in the buckets of:

• “I don’t see why I would use a browser that focuses on privacy”.
• “I don’t see why I wouldn’t just use mainstream browser X”.

Remember that “mainstream” focuses on what is normal and popular on a global scale.

I see why some people have voiced ethical concerns. What was/is the anti-privacy behaviour though? (is that documented?)

This study’s approaching 5 years old soon, but it’s an interesting read and at least offers a historical comparison if nothing else. It was a study I became aware of some years ago when having similar discussion involving Brave.

Web Browser Privacy: What Do Browsers Say When They Phone Home?

Off the top of my head:

Whitelisting facebook trackers in the code with no way to opt out or any type of notification that it was happening. Then they got caught, blamed the user base and then eventually created a way to opt-out. As far as I know they are still whitelisted by default unless you opt-out.

They were caught transparently injecting affiliate codes into URLS. Above and beyond the unethical side of this, it effectively nullified anything you were doing to hide your browser if you accessed one of those sites.

To be totally clear, I am not saying people should not use Brave. I just think their history of shady behavior should be one of the things people consider when choosing a browser.

Brave has some positive things going for it:

• It has decent privacy protections out of the box with no real tweaking required
• It is probably the only real choice for a browser with decent privacy controls that is Chromium-based

Personally, I do use Brave when I must use a Chromium-based browser for some reason.

Interesting that I don’t see any mention of firedragon which is the default for garuda and derived from floorp and librawolf. From a user perspective it’s been pretty much identical to regular firefox.

My assumption is that the reason for this is that FireDragon’s user base mostly uses Garuda. Mostly gamers use Garuda, and gamers don’t usually care about/focus on privacy. At least not in my experience and not the ones I’ve watched on Twitch or YouTube.

Excluding casual gamers here. I’m specifically talking about hardcore gamers.

Just an assumption, anyway.

I have even heard of this browser until now and it mostly seems to be a fork with tweaks to the defaults. If you like it, that’s good. I’m sure it is fine to good as a browser.

Offtopic: I know many hardcore gamers that play only chess and only on lichess (stream on twitch)
Though I agree gamers don’t care. In this case they choose lichess not because it’s foss, privacy friendly but it has all the features of other competitors and the UX is 100-times better than chess.com.

I think same rule applicable to all products. Most of the general public don’t care if it’s foss-privacy friendly or not. Only good user experience, features, price matter (in browser case security too) and then maybe privacy if possible.

If foss alternatives exist with almost similar feature & UX as the proprietary one then people will migrate to it. Because in that case +privacy will be a feature itself.

Well I guess I break the stereotype because I’m absolutely the total opposite of a gamer. I do like the performance garuda has given me including brtfs w/snapshots. The theme took some getting used to and I’ve installed another theme that keeps the icons but isn’t as much in your face. The description for firedragon states:

FireDragon

About

FireDragon is a browser based on the excellent Floorp browser (also called the Vivaldi of Firefox’s). It was customized to have dr460nized-fitting aestetics as well as many opiniated settings by default. As this browser was originally a Librewolf fork, we are trying to integrate its best patches and tweaks in the new base. The most important features in addition of Floorps own ones can be found below.

• Searx & Whoogle search engines added, with the possibility to run locally if fitting deps are installed
• The default search engine is Garuda’s SearxNG instance
• Dark Reader
• Sweet theme added
• Custom, dr460nized branding
• Keeps privacy-enhancing settings in sync with Librewolfs changes
• Firefox accounts are enabled and profile data is synced to a custom self-hosted sync server (ffsync.garudalinux.org)
• Presets for both profile-sync-daemon (which Garuda Linux ships by default) & Firejail are available
• Faster webpages loading from:
  • Custom Firedragon settings
  • Inclusion of FastFox tweaks
• Hidden Navigation buttons instead of being greyed out when they are inactive
• PBMode Security
• Latest Fingerprinting as an option in firedragon.cfg (you can copy to your own firedragon.overrides.cfg and enable there)