I’ve been using Brave for the past three or so years but I do know that Linux/privacy enthusiasts tend to swear by Firefox. Wanted to get people’s thoughts on this topic to see if I should be making a potential switch. Thanks!

  • @[email protected]
    link
    fedilink
    English
    321 year ago

    I haven’t done an audit of either but here are some points to consider:

    1. Brave is built on top of chromium, so it “by default” exposes lots of new APIs that Google is introducing that make fingerprinting easier if not outright invade your privacy. For example see https://mozilla.github.io/standards-positions/ and look at the “negative” items. Many of them such as Web NFC, Web Bluetooth and WebUSB API are against because they don’t have adequate protections against fingerprinting or other privacy or security concerns. Brave seems to do a pretty good job removing or disarming these APIs but they are basically trying to keep their balance on a shaky and antagonistic foundation.
    2. On a similar note Google pushing these APIs work because of the greater market share. Again, derivatives can provide some resistance by disabling these APIs but unless all of them block the same APIs they will still be available widespread. So using a Chromium-based browser harms the entire web over time by allowing Google to have control. Right now Firefox (and derivatives) and Safari are the only browsers that you can use to truly oppose Google’s control over the web platform.
    • Artemis Colour
      link
      fedilink
      English
      6
      edit-2
      1 year ago

      Agreed! Many times I faced the fact that the Chrome developers don’t follow the W3C standards, but they require it from Mozilla. Therefore, some functionality will only work in Chrome, but not in Mozilla (it’s not their bad!).

  • @[email protected]
    link
    fedilink
    English
    261 year ago

    Brave has tried one scam after another before. I wouldn’t trust it for a second for any use.

    • Voxel
      link
      fedilink
      English
      -12
      edit-2
      1 year ago

      Please provide any evidence for your false claim.

      • @[email protected]
        link
        fedilink
        English
        131 year ago

        Not OP, and these aren’t scams as such, but there was some controversy with Brave inserting affiliate links within web pages and also hijacking links to redirect to other URLs that would earn them money.

        The CEO also has some controversial views on the Corona virus and LGBTQ rights.

        • Voxel
          link
          fedilink
          English
          21 year ago

          The CEO was before CEO of Mozilla lmao, but stepped back, because the entire Internet hated Firefox, because of his political opinion.

        • @[email protected]
          link
          fedilink
          English
          -61 year ago

          The CEO also has some controversial views on the Corona virus and LGBTQ rights.

          Completely unrelated to “security” or “privacy”.

          • @[email protected]
            link
            fedilink
            English
            131 year ago

            I disagree, especially from a privacy perspective. Just as an example, if the CEO of the company goes on a full power trip (Elon, for example with banning users/censoring content that doesn’t align with his views), whose to say they won’t include nefarious changes to their product or service that could jeopardise users they don’t agree with, or start handing over data of their users?,

            I’ll need to find the article again, but if I’m not mistaken in my recollection, I recall reading about an app collecting and handling over data to anti-abortion organisation.

            • @[email protected]
              link
              fedilink
              English
              -7
              edit-2
              1 year ago

              Again, this has nothing to do with technical issue regarding privacy or security. People are just making excuses. Don’t use it if you prefer something else, but don’t mix non-relevant stuff or paranoia in a semi-technical discussion.

              By the way, that’s funny. In a similar way, I hope that you or other virtue-signaling people, don’t buy stuff on Amazon (i.e., support them) as the are notoriously mistreating their warehouse workers. Yes, it’s unrelated. I’m just point out a blatant hypocrisy.

              • @[email protected]
                link
                fedilink
                English
                81 year ago

                Where was it mentioned by OP or yourself this is limited to a purely technical discussion? You’re in the Privacy community, if you read the sidebar it states it’s for discussion for digital privacy, including abuse of power, which is what I and others are discussing with this topic.

                • @[email protected]
                  link
                  fedilink
                  English
                  -5
                  edit-2
                  1 year ago

                  “Private/secure” is in the title and has nothing to do with the political/social view of the CEO. Until abuse of power happens/is proven, there’s no point in spreading FUD, fear-mongering and manipulation. As if FF and Mozilla didn’t have their fair share of controversies as well…

                  Don’t even bother replying, this is going to be my last comment in this thread (and probably in this sub, as I’m tired of discussion on “privacy-oriented” subs becoming paranoid every-fucking-time).

                  Good luck.

          • deejay4am
            link
            English
            61 year ago

            Yeah but it’s a great reason not to support them

            • @[email protected]
              link
              fedilink
              English
              -4
              edit-2
              1 year ago

              Again, this has nothing to do with technical issue regarding privacy or security. People are just making excuses. Don’t use it if you prefer something else, but don’t mix non-relevant stuff in a semi-technical discussion.

              By the way, that’s funny. In a similar way, I hope that you or other virtue-signaling people, don’t buy stuff on Amazon (i.e., support them) as the are notoriously mistreating their warehouse workers. Yes, it’s unrelated. I’m just point out a blatant hypocrisy.

      • 133arc585
        link
        fedilink
        English
        6
        edit-2
        1 year ago

        Depends on what you call a scam. I am not sure it’s the right word, but duplicitous behavior and definite privacy violations (even if by negligence) are absolutely true.

        They have sent out direct mailers that basically equated to a customer list leak; also I’d take a peek at the wikipedia entry about their business model, which mentions some stuff that isn’t the most savory:

        … Brave earns revenue from ads by taking a 15% cut of publisher ads and a 30% cut of user ads. User ads are notification-style pop-ups, while publisher ads are viewed on or in association with publisher content.

        On 6 June 2020, a Twitter user pointed out that Brave inserts affiliate referral codes when users navigate to Binance

        In regards to the mailers, they messed up and passed blame,

        In this process, our EDDM vendor made a significant mistake by not excluding names, but instead including names before addresses, resulting in the distribution of personalized mailers.

        With regards to the CEO, he made a donation to an anti-LGBT cause when he was CEO of Mozilla in 2008. He lost his job at Mozilla due to his anti-LGBT stance.

        He also spreads COVID misinformation.

        • Voxel
          link
          fedilink
          English
          11 year ago

          Tbh. Mozilla wasn’t better in the past and as long it doesn’t affect the product I don’t mind the political views of the owner (it’s still concerning). As long Brave can provide me better privacy and security for my daily browsing I will continue using and recommending it. And listening to Wikipedia he stepped back, by himself.

        • @Unlucky_Boot3467
          link
          English
          -121 year ago

          Really loving how a CEO’s political views somehow fucking matter the security of a browser lmao. God I fucking hate this generation

          • @[email protected]
            link
            fedilink
            English
            81 year ago

            It’s just a conversation dude, you can make your point without the need for Reddit style aggression.

            The views of those CEO can in some instances be important, those in charge shape the direction of the company and ultimately the product. Look at Twitter for example, once a place of relative free speech, but now controlled by a CEO who bans users he personally doesn’t like, demotes content that doesn’t fit his beliefs, and prevents linking to other services like Mastodon/Lemmy/Instagram.

            I’m not claiming it would, but whose to say similar censorship wouldn’t happen with Brave? The CEO has already injected content into webpages and redirected links for monetisation purposes, what if more nefarious actions were taken for content he doesn’t agree with?

  • @[email protected]
    link
    fedilink
    English
    17
    edit-2
    1 year ago

    Is it more private than brave? Normal Firefox: no Librewolf (Firefox Fork): yes Hardened Firefox: yes

    • FarLine99
      link
      fedilink
      English
      21 year ago

      Good answer. Hardened Firefox or LibreWolf with some extensions are awesome options for privacy!

    • Voxel
      link
      fedilink
      English
      11 year ago

      LibreWolf nd Brave are on the same Level if both are hardened.

  • @[email protected]
    link
    fedilink
    English
    141 year ago

    Hardened Firefox with Multiaccount Containers is the most private daily driver browser you can have

    • @Cannabisms
      link
      English
      21 year ago

      Mull on android too, hardened firefox

      • FarLine99
        link
        fedilink
        English
        11 year ago

        Mull is awesome! And you can install normal desktop extensions with it. Killer feature 🔥

  • @[email protected]
    link
    fedilink
    English
    111 year ago

    As hard as it is for me to admit, and based on some tests, Brave had better fingerprinting resistance than Firefox. I don’t trust the guys behind Brave, but their product is good.

    • @[email protected]
      link
      fedilink
      English
      41 year ago

      Iirc isn’t it more like Brave is better out of the box, but given sufficient configuration, both are more or less equal?

      • FarLine99
        link
        fedilink
        English
        11 year ago

        Out of the box - yes, maybe. But I think that with some extensions (uBlock Origin, CanvasBlocker, Chameleon) and tweaking hardened Firefox (LibreWolf, Mull) would be way better!

  • flatbield
    link
    fedilink
    English
    101 year ago

    Not the point. Using a chromium browser is a vote for Google domination of the web. Just no.

  • @heimlichmanure
    link
    English
    101 year ago

    Brave isn’t more private than Firefox but depending on the platform that Firefox is on, Firefox might be less secure than Brave.

    • FarLine99
      link
      fedilink
      English
      21 year ago

      For security - yes, chromium-based. But for privacy Mull (Fennec) with extension support would be superior!

    • @doofiss
      link
      English
      1
      edit-2
      1 year ago

      deleted by creator

    • @[email protected]
      link
      fedilink
      English
      11 year ago

      No sync that way though, so I’m not sure how someone would access bookmarks, history, and open tabs that way.

      • @[email protected]
        link
        fedilink
        English
        21 year ago

        Up to you if you think that feature is worth the security/privacy loss. Personally I’ve not missed syncing tabs across devices, I do most things on the one device anyway.

        • @[email protected]
          link
          fedilink
          English
          21 year ago

          I don’t think there would be any privacy loss, Firefox sync is encrypted and all that. I work on multiple devices so I absolutely need it.

    • @[email protected]
      link
      fedilink
      English
      91 year ago

      At least Librewolf is a thing. I use both, really, mainly Librewolf, and for anything I can’t open with it that is absolutely necessary, Brave. Librewolf is still my main choice more out of principle, both are equally good feature-wise in my opinion.

  • Voxel
    link
    fedilink
    English
    2
    edit-2
    1 year ago

    Brave is more secure, in terms of safety, because it’s base on chromium and has unique Privacy Features. If you won’t use Brave, LibreWolf or hardened Firefox is ur best choice.

    • @[email protected]M
      link
      fedilink
      English
      91 year ago

      While Chromium itself is a very solid platform, and correspondingly Chrome is a hard exploitation target, it’s quite easy to screw up a fork of it. Comodo Secure Browser was a chromium fork that was fixed to an old version of the renderer with known security issues and was built to disable the sandbox. It also added libraries that were compiled without ASLR that worsened security for every application that loaded them.

      Chrome has an enormous security team behind it in addition to P0, so bounties on Chrome exploits are around $500k. FF bounties are a fifth of that, which is probably a portion of less security, and a portion of lower target market. Brave could be doing terrible things that without an audit would be unknown. Web3 code is pretty terrible on the whole, so adding that to a secure base may not be great…

    • @[email protected]
      link
      fedilink
      English
      81 year ago

      Brave is so unsecure because it uses chromium. The only unique thing i saw on brave was the crypto miner included. Chrome can easily just change terms so that brave looses his licence for chromium. Firefox is more secure in the way it is more secure, because they are not focused on stealing your data and there is librewolf yeah that one is open source and is the most secure of those 3

      • Voxel
        link
        fedilink
        English
        0
        edit-2
        1 year ago

        Yep. They definitly added a crypto miner into their opensource code. 👍

          • Voxel
            link
            fedilink
            English
            01 year ago

            It would be the stupidiest thing ever.

              • Voxel
                link
                fedilink
                English
                01 year ago

                If you read it, you realize it isn’t bad as it sounds and has nothing to do with there browser and really less with trustworthyness of the company in terms of privacy and security. So instead of trying to find evidence why “Brave is bad” make a Pro and Con List for Brave and compare it with the google infected Firefox and you will see why I prefer Brave as the browser of trust and use LibreWolf as second, because it’s like a real private version of Firefox.

      • @emax_gomax
        link
        English
        -11 year ago

        Unsecure how exactly? Being chromium makes the browser more standard. It blends in with other browsers easier which means it can add protections while still showing itself as chromium compatible. I’d like to learn more about how chromium can just kill forks by updating the license, last I heard it was a BSD compatible one and I wasn’t aware of it retroactively restricting access. Of course google can just fork and deprecate chromium with a more restrictive license given their the key copyright holders but as their project that isn’t surprising. Firefox isn’t interested in harvesting your data but that isn’t security, it’s privacy. Most chromium forks are the same. Brave doesn’t harvest your data. It did once (and it can be argued you should avoid it just for that) but you seem to care less about which browser is best for your online privacy and more for just shilling firefox. For reference I use and love librewolf, but I like to consider myself open minded enough to try the other options… such as they are.

        • @[email protected]
          link
          fedilink
          Eʋegbe
          11 year ago

          Every browser that is chromium derived is depending on google. I tried before firefox chrome. But after the v3 manifest. That killed every “real” adblocker and script blocker. And that you cant block scripts is so secure :) ! Firefox IS the other option. F*** chrome browsers is my motto. As they are just poison. Because the fake “Polypol” google is creating with chromium.

          • @emax_gomax
            link
            Eʋegbe
            11 year ago

            Again, I use Firefox, for the most part because of the reasons you’ve described. But none of what you’ve said is really an argument for security or privacy against the browser. If you just wanna say Google = evil, so don’t trust anything they make, that’s fine. The chromium forks aren’t google owned and they don’t need respect what google tries to do. Case in point manifest v3 came and brave still has native ad blockers and intend to support both manifest 2 and 3 going forward. It’s really just a matter of who has the bandwidth and funding to maintain a browser of the scale of chromium or Firefox. Google clearly does, mozilla does a decent job despite the iffy funding situation actively restricting donations purely for the browser. If its just small privacy enhancing tweaks atop chromium smaller vendors like brave can do that. End of the day chromium is a well optimised, standardised and frankly well written browser that is perfectly fine for anyone that wants to use it. Should Google be the entity in charge of chromium given their clear conflict of interest, obviously not. But no one else has stepped upto the plate and mozilla is clearly the inferior in regards to features or browser optimisations (just due to scale of support available). Don’t get me wrong, Firefox is great and everyone should use it for their own sakes, but this just blind fear mongering of anything chromium related isn’t productive.

    • @[email protected]
      link
      fedilink
      English
      71 year ago

      Brave is more secure in terms of security. Security and safety are two entirely different attributes from a technical pov. And privacy and security are also not the same, though privacy is greatly impacted without security as you implied.

      Firefox is more private than Brave but less secure. Neither is necessarily safer than the other, it depends on how much either app tends to misbehave within the constraints of your own use case. Since the use cases are different (privacy vs. security), it’s harder to compare safety on an even playing field.

      • Voxel
        link
        fedilink
        English
        11 year ago

        I would like to see evidence for your claim that Firefox is more private.

        • @[email protected]
          link
          fedilink
          English
          41 year ago

          Exhibit A: The Tor Browser, which focuses on maximizing privacy, is based on Firefox rather than Chromium. They upstream a lot of their major stuff to regular Firefox.

          Exhibit B: Firefox therefore has privacy features that Chromium-based browsers just do not have, like first-party isolation or letterboxing for example.

          Brave’s preconfiguration is a lot more private than Firefox out of the box, but hardened* Firefox is more private than Brave even with extra work put in.

          *: Not just configuration (Arkenfox) but also patches. Like Librewolf (better) or Mullvad Browser (even better) or straight up Tor Browser (best).

          • Voxel
            link
            fedilink
            English
            01 year ago

            Brave and Chromium itself has same good firstparty isolution as Firefox. If you check https://privacytests.org/ you can compare it with LibreWolf which is prehardened Firefox and hardened Brave is stronger then hardened Firefox, due the fact it don’t need to have a lot of users to function + it uses the hide in the crowd effect + randomization at the same time which is stronger then only trying to make everyone looking the same.

            • @[email protected]
              link
              fedilink
              English
              11 year ago

              Librewolf is not really prehardened Firefox, Librewolf is Firefox with the Mozilla stuff torn out. It’s more private than regular FF but a long way out from Tor or Mullvad browser. You’re right that out of the box Brave will provide better privacy than Librewolf, but everything else you said doesn’t really make much sense.

              • Voxel
                link
                fedilink
                English
                11 year ago

                You can’t say that Mullvad or Tor are hardened Firefox Browser, that are completly different things and do have any arguments and evidence for what you say? That it doesn’t make rly much sense? I mean it do. It seems more like your knowledge about Brave is pretty small while I do know a lot about both.

                • @[email protected]
                  link
                  fedilink
                  English
                  1
                  edit-2
                  1 year ago

                  All right, here goes nothing.

                  I came to the conclusion that what you said didn’t make much sense after you called Librewolf prehardened Firefox, which—while not a completely alien assertion—is not exactly very accurate as I explained in my previous comment.

                  What’s worse though is that you continue making exotic assertions like the hide in the crowd + randomization theory without backing them up with anything, while simultaneously asking for arguments(?) and evidence supporting my relatively straightforward and popular position–both of which I have presented very clearly in my previous comments by the way.

                  What you fail to deliver in the meantime are explanations as to A) how Brave’s approach is different or unique compared to anything that any hardened/forked/otherwise enhanced readily available Firefox could offer and B) why Brave’s particular approach to privacy is then also objectively better than the multiple different approaches that various Firefox configs and forks offer.

                  But wait, I’m not done yet. You also fail to explain why you consider Mullvad Browser or Tor to be “completely different things” as you suggested just now. Brave is the best Chromium based thing out there in terms of privacy, shouldn’t it then be fair to match it against the best of Firefox’ class? Or is it because Tor Browser targets a very specific user base and is less fit for your average every-day surfing and that’s why you think the comparison isn’t sound. In that case I bear bad news about your deep well of knowledge on web browsers, because Mullvad Browser is based on Tor Browser but doesn’t require any overlay network of any kind in order to function properly.

                  And since engaging with you has not yet led to anything of value, I will refrain from partaking in this discussion any further unless this changes.

    • @[email protected]M
      link
      fedilink
      English
      01 year ago

      While Chromium itself is a very solid platform, and correspondingly Chrome is a hard exploitation target, it’s quite easy to screw up a fork of it. Comodo Secure Browser was a chromium fork that was fixed to an old version of the renderer with known security issues and was built to disable the sandbox. It also added libraries that were compiled without ASLR that worsened security for every application that loaded them.

      Chrome has an enormous security team behind it in addition to P0, so bounties on Chrome exploits are around $500k. FF bounties are a fifth of that, which is probably a portion of less security, and a portion of lower target market. Brave could be doing terrible things that without an audit would be unknown. Web3 code is pretty terrible on the whole, so adding that to a secure base may not be great…

      • Dark Arc
        link
        English
        11 year ago

        Just an FYI, looks like you double commented

  • @[email protected]
    link
    fedilink
    English
    1
    edit-2
    1 year ago

    By default? I think so.

    https://privacytests.org/

    (these test are done with browsers at their defaults). Librewolf is on par with Brave, but I vehemently hate its interface and refuse to unfuck it wasting my time on CSS.

    I’m on Brave as well since 2021, after almost 20 years of being an avid FF user and supporter. I don’t like how FF is evolving and what Mozilla is doing and I don’t buy the “Chromium domination” argument. If the sole reason to use FF is that “it is not Chromium”, well, the developers aren’t doing a great job.

    However, let’s be real: privacy on a browser matters until you go to whatever website that track you on the server side (Google/Facebook/Youtube/Whatever), or when you write an email from from you Gmail account, or when you buy stuff on Amazon… And so on. Just use the browser that works best for you and don’t be paranoid.

      • Voxel
        link
        fedilink
        English
        31 year ago

        That hasn’t do anything with the results. You can test everything yourself. Techlore also made a interview with him.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          As I said in another comment, if you work for Brave you’re probably going to write tests that play to Brave’s strengths

          • Voxel
            link
            fedilink
            English
            21 year ago

            There is enough evidwnce that this is wrong. I would recommend to watch Techlores Interview too.

            • @[email protected]
              link
              fedilink
              English
              11 year ago

              Are you telling me that you don’t think a Brave employee would write tests based on the areas of expertise they have, that they may well already have implemented fixes for? Or, on a more sinister level, do you think Brave would allow their employee to have a web page up that made their browser look bad?

              I’m not trying to be agro here, I’m just pointing out that you can’t really consider this an unbiased source even if you are happy with all the tests!

              • Voxel
                link
                fedilink
                English
                11 year ago

                I would suggest checking the Interview that Techlore made, he ask the owner of the site similar questions.

      • @[email protected]
        link
        fedilink
        English
        0
        edit-2
        1 year ago

        It discloses that on the front page, below the test table. Anyway, the tests are open source and they check pretty common stuff. I can’t see the problem there if Firefox comes out having actually worse defaults.

        It is how it is, there isn’t much more to say. As a matter of fact, Librewolf gets a lot more green ticks, same or more than Brave. Thus, I can hardly see bad faith on what the website does.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          It’s not necessarily bad, and I assume all the tests are legit, it’s just that someone working for Brave will have a bias towards writing tests for things that Brave does well (and on the flip side, Brave will make them take the site down if it makes them look bad)

          • @[email protected]
            link
            fedilink
            English
            1
            edit-2
            1 year ago

            I understand that, and what you say is entirely possible, in theory. On the other hand, I see that the tests performed there are pretty standard. I mean, there is nothing exotic that only Brave does well there and Librewolf shines as well. Then, c’mon, Brave surely had missteps in the past, but is generally know to be a solid choice with regard to privacy.

            That said, there’s an open issue with the same concerns. Even if I’d say that nobody would complain about the employer of the author if Firefox came out with better score from those test…

    • A_ball
      link
      fedilink
      41 year ago

      @Engywuck do you mind expanding on this? Genuinely curious: “I don’t like how FF is evolving and what Mozilla is doing”

      • @[email protected]
        link
        fedilink
        -71 year ago

        No, sorry. I have had endless arguments and discussion about this topic. I’m tired of talking about it. I’m just using a browser that works better than FF for me and I don’t want to support Mozilla anymore (after 20 years). That’s it.