Posted on 06/09/2020 6:49:48 AM PDT by rarestia
Chromium-based Brave stumbles in its efforts to shake up the browser business with cryptocurrency and privacy.
Brave, the privacy-focused Chromium browser from Mozilla co-founder and JavaScript creator Brendan Eich, has come under fire for automatically redirecting URLs typed into the browser's address bar to a version of the URL it profits from.
Brave is trying to carve out a new business model by offering users the choice of viewing ads in exchange for Brave's cryptocurrency, the Basic Attention Token (BAT).
Users can also tip websites they regularly visit in BAT credits based on the idea that website visitors want to pay sites based on user attention to content instead of ads served. It now has 15 million users who have chosen it for its privacy promises.
But, as reported by cryptocurrency news site Decrypt, Brave was caught redirecting the typed URL for Binance, a popular crypto exchange, to a different version of the site's URL that Brave earned revenue from. It was doing this without gaining the consent of Brave users.
The redirect was discovered by Yannick Eckl who revealed on Twitter over the weekend that typing in binance[.]us or binance[.]com in Brave redirects the user to the affiliate link 'binance[.]us/en?ref=35089877', which earns Brave money.
Brave promoted a deal it struck with Binance in March to bring the exchange's widget to the browser as part of its effort to create a different business model to other browsers, such as Mozilla's Firefox, which has historically earned most of its revenues from deals with search-engine providers, such as Google. The widget was designed to make it easier for Brave users to trade cryptocurrency.
The practice is a betrayal of trust for Brave users and potentially its affiliates too, which arguably shouldn't be paying Brave for visitors who type the affiliate's URL directly into the browser's address bar.
Eich, Brave's CEO, apologized for the redirects and offered an explanation for the behavior, claiming it was a "mistake".
"It's not great, and sorry again. I'm sad about it, too," he wrote.
"We made a mistake, we're correcting: Brave default autocompletes verbatim 'http://binance.us' in address bar to add an affiliate code," wrote Eich.
"We are a Binance affiliate, we refer users via the opt-in trading widget on the new tab page, but autocomplete should not add any code."
However, other Twitter users challenged the idea that Brave had simply made a mistake. Further research of Brave's GitHub repository revealed it was also redirecting the URLs of Ledger, Trezor and Coinbase to URLs that Brave profits from.
In defense of the apparent error, Eich also explained that Brave is "trying to build a viable business that puts users first by aligning interests via private ads that pay user >= what we make on fixed fee schedule, no browser data in the clear on any of our servers, and so on. But we seek skin-in-game affiliate revenue too".
"The autocomplete default was inspired by search query clientid attribution that all browsers do, but unlike keyword queries, a typed-in URL should go to the domain named, without any additions. Sorry for this mistake – we are clearly not perfect, but we correct course quickly," he wrote.
He stressed that Brave was not rewriting links in webpages and never would. The behavior was limited to autocompletions when users type in a URL in the browser's address bar, according to Eich.
Users who don't want URLs to the crypto sites to be automatically converted to ones that profit Brave can disable the feature 'Show Brave-suggested sites in autocomplete suggestions'. A future update will switch the setting off by default.
So you prefer the Chinese browser. And, Opera runs on Chromium. Have you checked the app store?
Thanks for the ping. Glad to see you survived the riots.
And Vivaldi just did a virtue signal...
What’s “the app store”? For phones?
I’m using an commercial/industrial-grade HP desktop Win-7 pro x64, and an old Samsung flip phone which only makes/takes calls.
It’s gotten very bloated since it first came out.
https://chrome.google.com/webstore/category/extensions?hl=en-US
You can also get there through your browser extensions.
umatrix
How did Brave doing this hurt your privacy/security?
It didn’t. It’s about disclosure, that’s all. That was my point.
Just switched FRom Firefox to CCleaner browser. Very much satisfied with it.
Try the CCleaner Browser and Startpage, The world’s most private search engine!
Try the CCleaner Browser and Startpage, The world’s most private search engine!
Really?
This is what you said “What’s a privacy minded luddite like me to do to protect my privacy and security? It’s damn’ near impossible.”
Was that just sarcasm?
Binance is one of the companies that advertise with Brave. I will load their ads to get the BAT. As long as they don’t send PII, I am not too concerned about it. But it is good to see that the legacy media regards them as a threat. IMO it means that Brave is on the right track.
Partially. If you knew me you'd know I'm far from a luddite and I'm very privacy minded. So it was more of a rhetorical question that didn't need an answer.
Bottom line is if someone like me misses details like those talked about in this thread, the average Joe who wants to move off Windows to something else like Linux is probably going to land in a similar position to the one they're in today.
Have a great day.
I’m way out in the exurbs, and there was no way I was going to counter protest a riot, but thanks!
The problem w/ some of these off beat browsers are a lot of financial orgs you may deal with do not let you use these. So on those Chrome seems to be the only way to go. I am a Pale Moon guy but a lot of videos won't run on it. Love to try one of it's spin offs, but having Multiple Profiles that carried through from Mozilla before they came political is what I need, I have multiple browsers w/ different bookmarks for that interest set.
Can you do Multiple Profiles in CCleaner's browser? BTW, I worry about them, you install CCleaner on your laptop, it won't shut off no matter what you do in sys manager, what anal exam are they giving you that you don't know about, I had to install it, too much..
In my attempt to continue with Brave on win7 I hit a dead end.
The Brave I got now eats memory and will crash my machine within 24 hours of running.
When I try the Brave embedded upgrade or update it fails and won’t perform.
So I close it and use Waterfox.
Gotta pay for those BATs somehow.
So long as the user's privacy isn't compromised by the redirection -- which is the whole idea behind Brave in the first place -- I say no big deal.
I don’t know - I’m not a sophisticated enough internet guy to even understand what “Multiple Profiles” are.
Download it and try, is all I can think of.
Good luck!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.