Hacker News new | past | comments | ask | show | jobs | submit login
Brave Improves Its Ad-Blocker Performance with New Engine in Rust (brave.com)
669 points by teovoinea 4 months ago | hide | past | web | favorite | 359 comments

Figured to try Brave as it keeps popping up.

Installed it and then noticed in my firewall that it is

- trying to connect to a number of IPs owned by google, umm OK

- sending a multicast SSDP UDP request on port 1900 to

So googled that and got this page: https://community.brave.com/t/why-is-brave-issuing-upnp-disc...

Which basically tells you that the first thing Brave does is to try and detect what devices are in your local network.

... and that's where my Brave experiment ends.


Also note that uninstall is completely silent, no confirmation that it actually completed.

The uninstaller also leaves behind the updater utility AND the Windows Task scheduler tasks that run the updater.

Hi, we have logging-based auditing but missed UPnP -- it won't happen again, sorry for this oversight and thanks for pointing it out. What "number of IPs owned by google" did you see? We do not see but you may be in a different region. Thanks for any info.

Just tell them to fix that since it doesnt need to be looking for Chromecast devices

The end

What kind of a Mickey Mouse (tm) operation providing a private and secure web browser wouldn't have fixed such issues from the start? Doesn't help me trust them.

They just pull from the Chrome repository before adding their own things, I dont know what you are expecting

Its like you never heard of Brave

You can just ask them to disable it and now you have your fictional higher standard team shrug emoji

I guess you did mention that you dont use Chrome, so this level of distrust is going to be foreign for most of us to relate to

I think your comment is a bit misleading as they aren't doing anything nefarious as you suggest. My guess is this is a carryover from Chrome and not something Brave decided to build; if that's the case your not getting more secure by staying with Chrome.

In evaluating Brave, you have to give it apples to apple comparison anyway. Brave vs. Chrome as its directly built on chromium. For compatibility, it shares the chrome app store too. I like to think of Brave as Chrome without most of Google but with all the benefits.

Anecdotally, I switched a colleague to Brave about 3 months ago. He decided to switch back to Chrome. Chrome was so much slower than Brave and added battery drain that he came back. I assume it was all the additional requests cut out (Google) or blocked by Brave (Adblocker).

I'm not claiming they are doing something nefarious.

Trust is something you have to earn. I do not install Chrome as I do not trust google. They have too much of my data already.

Brave claims at their main page:

"Brave is open source and built by a team of privacy focused, performance oriented pioneers of the web."

OK well they failed my 5 minute test.

Not having removed the SSDP parts is one thing.

Not uninstalling your updater after running uninstall is straight out sloppy.

You are implying that they are doing something nefarious by omission. Because it’s implied, you also gave yourself the escape hatch to say “Where did I say that?” When called out on it.

A reasonable person reading your comment would think you are claiming the Brave team added code to surveil your network. If they dig deeper through the link you provided, they learn that the reality is that they inherited code from the Chrome team that exists only to support Chromecast. The problem has been found, a bug has been filed and the feature will be removed.

But, most people won’t dig. They’ll take your comment at face value and walk away with a very different story than the reality.

Now I sound like I’m accusing you of being nefarious :p But, I don’t think you planned out spreading FUD. I think you were dissatisfied and wanted to share a strong version of your user story. Unfortunately, your story is so strongly worded that is ended up resembling techniques used by trolls.

You are trying to make me say things I never said.

What I did was try Brave out. I _want_ to like the product. On top of that I have a lot of respect for most of the people behind the project. As a security conscious person I looked at what kind of network activity there was on start.

After installing Brave, I notice things that IMO should not be there. After that I even spent the time to search what it was. The link mentioned by me in my post looks to me like it is a post at a forum from Brave. As someone who is not familiar to the project it is not clear that there is any bug report or bug filed, where do you see that?

There is also no indication to me that somebody from the Brave team replied to the post. There's 1 reply 6 days later, by an anonymous user, which explains what is going on, then 24 days later the thread is closed.

The reason I did not reproduce the text from the link is that it is pretty clearly stated down there. If I wanted to spread FUD I would not have provided the link.

You never said it. A reasonable person would infer it.

I spend too much time arguing with trolls on the internet for fun. I don't think you intended to, but your post uses a lot of techniques widely used by trolls such as: linking to the complicated, full explanation while telling an edited, "technically true" version that can be misinterpreted by a low-effort reader. Having an escape hatch is very important to them.

Again, I don't think you are trolling. You just ticked off the checklist of a troll by accident. I'm only being a pest in the hopes that in the future you'll put more consideration into how your writing is interpreted by low-effort readers.

Text is such a crappy medium for casual conversation. It's amazing the internet hasn't burned itself down.

This is preposterous. This kind of tone-policing doesn't belong here. A charitable read of what he said doesn't "tick off a checklist of a troll". The time to back down was a few posts ago.

I was over-sensitive. Dancing with highly refined trolls on other platforms does that to a person.

They're the ones who are spamming with their marketing blogposts about just how great their product is. Calling them out with a strongly worded reply in the comments (after actually trying out the product might I add) is about the only counterattack for this spam.

>most people won’t dig

Calling out us HNers as mindless with your 4 month old account is a bad look.

Most of us that do not use Brave at this point do not necessarily use Chrome. In fact, those of us that care about the issues raised by the OP probably use Firefox and/or Chromium.

It doesn't matter if Brave is nefarious or not. Extra data transmission means extra possibility for third parties to gain access to it... hackers, governments, etc.

I'm impressed with Brave. I've started using it as my primary browser (after a couple false starts a year or so ago) and it has all the best of Chrome without the worst.

There is controversy about how Brave does stuff, and I agree there is some sketchy stuff they are doing (replacing ads with their own). I'm glad they are giving us a choice, though, and exploring different options for sites being able to makes some money.

Switched from Firefox to Brave in the last year across devices and not looking back (though I do miss containers!).

Blocking ads and trackers by default is pretty much essential in 2019.

The myth about ad replacement doesn't seem to want to die though!

There is no ad replacement, though the roadmap says at some time in the future publishers who opt-in will have the option to have their ad-slots filled by Brave's privacy-respecting approach.

For now I think the only ad trials running are pop-up notifications if users opt-in, and that's only in a few markets at this stage.

Not something I plan to opt-in to, but looking forward to the Github / Reddit / Twitter tipping and integrated crypto wallet.

That's all rolling through in the next few months.

I just use Firefox with uBlock Origin on all my devices. Better blocking than Brave and no concerns about future monetization.

I'm currently using Firefox on all devices as my primary browser, but there is a single feature that I've gotten used to in Chrom* browsers on mobile - 'pull down to refresh' - that looks indispensable to me, and I'm planning to move to Brave on mobile just because of that (already replaced Chrome with Brave on Desktop as my secondary browser). Yes, there are add-ons to do that on mobile too, but they are all inconsistent and half-baked. Chrom*'s built-in pull to refresh is very smooth.

There's also Reload in Address Bar, which I prefer.


Or you can use the "double tap the dots menu" trick.

Thanks. The 'Double tapping dots menu' trick is neat indeed, sometimes we don't figure these things on our own :).

I primarily use Firefox on my desktop, but I use Brave on mobile. It seems somewhat easier on the battery than Chrome, which would make sense being as it's blocking content that can be CPU intensive.

You might like it, though. I've used Brave's mobile sync and it works for bookmarks across devices quite well. It's surprisingly simple to set up, too. I don't fret much about forgetting whether I opened a tab on my phone or desktop if I remember to bookmark it.

That said, I still use KDE connect to send links to my primary Firefox instance and vice-versa, but the bookmark sync is in some ways more convenient. I'd imagine they'll eventually synchronize more things, like tabs.

That's because bad developers focused on WebKit-only experience, forgetting about other browsers.

The same happens when some sites require Chrome to work, blocking all the rest. In 2019 it's unacceptable

Am I misunderstanding your comment or are you implying that the missing "pull to refresh" feature is somehow the website developers' fault?

Because it's 100% just a missing feature in Firefox mobile, there's nothing website developers should add to "make it work" on it.

Try Kiwi Browser for Android. Its a Chromium-based browser with built-in ad-block. If you want, you can even install uBlock Origin or any other extensions as it natively supports extensions.

I use this, though disclaimer, its not "really" open source.

I'm not a mobile dev so maybe this is a naive question, but wouldn't this be pretty easy for FF to add?

Also, for developers, you can't inspect web-socket frames natively in FF yet, you have to use an extension.

That was my setup, and much prefer integrated blocking and the additional polish and features. The yubikey integration coming is particularly interesting: https://brave.com/ios-yubikey-support/.

Future monetization: that was actually an incentive for me. Having been in the belly of the beast on ad-tech I'm cheering the new ad model Brave proposes for the industry.

If you're not aware how messed up the industry currently is, keep an eye on Ad Fraud Historian on Twitter: https://twitter.com/acfou.

On the crypto front, proposing ideas like staking / slashing on their extension store for extension authors is also very interesting: https://twitter.com/BrendanEich/status/1143630584310202369

The new browser wars are certainly spurring innovation again: good for everyone regardless of personal browser preferences.

Firefox needs to respect the OS certificate store instead of using its own. Without it client-cert authenticated sites cannot be accessed. IT admins usually have policies on Windows and MacOS that prevent export of client cert+priv key.

I disagree.

OS certificate stores often come with the political baggage of the OS manufacturer. When a Chinese Gov't CA was found to have engaged in fraudulent behavior [0] Google and Firefox were quick to revoke/remove the CA cert from their products. Apple and Microsoft did not do the same, likely because they do not want to upset the Chinese Gov't. (IIRC Iphone users cannot even manually revoke CA's on their own phones.)

[0] https://en.wikipedia.org/wiki/China_Internet_Network_Informa...

Then FireFox has made the deliberate choice of excluding millions of users. There are millions of users who use identity management solutions where user-certs and priv-keys are put into the OS store of their devices.

Using the OS secure-store should be a preference option. The folks who don't want to use the "political baggage" of the OS manufacturer - as you put it - can continue to use their pristine gardens.

I've never used this personally, but it is a preference option?


Or am I totally misunderstanding this and that's something totally different?

I didn't know about this option - thanks. This option basically uses the OS cert store for server certificates, which is one part of the story.

Now, if they also did this for client-certificates then all the folks in companies that use corporate certificate-based single-sign-on can use FireFox!

I’m actually happy that Firefox uses its own store. This means that I can use it for browsing through the corporate proxy without having the corporate CAs installed in my OS. This way I’m always aware which data is inspectable by the company.

It would be nice however if Firefox had an option to use the OS store, including devices like yubikey.

Doing that gives me a weird, inexplicable feeling. I know Firefox blocks stuff, especially if you set tracker blocking to "Strict". It doesn't block all ads so I still want to use uBO... but do I disable Firefox's blocking to avoid doing the same thing twice? Or are there things Firefox handles better than uBO? It's really too much thinking so for now I'm using Edge Chromium with uBO, and that's not a solution :D

"Blocking ads and trackers by default is pretty much essential in 2019."

How is it better than a choice of plug-ins to block them?

I've never understood this either. I think a deep dive into add blocking as we enter web3.0 makes sense. Granularity is missing in the new "browser wars"

The article does briefly mention some reasons they perform better than plugins.

It's not as good as containers, but as a replacement I use SessionBox chrome extension in Brave.. it mostly accomplishes the same purpose.

> The myth about ad replacement doesn't seem to want to die though!

Just want to reinforce this from my experience. I've been using Brave since before they were based on Chromium. And a lot of comments were saying that Brave replaces adds with their own. But I never saw that.

Now they have a feature you can opt-in, to see adds and get BATs for that. I actually wanted to test this and opted in, but still never seen an add. I guess my location is not yet included.

So at least based on my experience from using Brave for a long time - it's hard to get adds even if you want to.

I'm going to plug 'ungoogled-chromium' here as well as I personally found it better and more stable than Brave.

Problem with both is that they are still Chrome at the core. Currently Google has way too much power dictating how browsers render the web for users and things don't get any better by using any Chrome(ium) forks.

Only real hold out is Firefox even Microsoft buckled under the pressure. If we lose Firefox then in the future don't be surprised when Chromium support suddenly stops and only game left in town is Chrome.

Now all the nay sayers will come in defense of open source and my only response is: don't be so fast to forget "embrace, extend, and extinguish"

Apple will keep developing Safari, luckily, so there's still a 3-way race in many ways.

Safari is only ~4% of desktop/laptop browsing but over 20% of mobile and with mainstream users slowly moving to tablets over laptops this presents an important and large user base.

If it comes down to Chrome or Safari, I will gladly use Chrome. Safari is far too wonky for me, and whenever I tried using it, I always had bad experiences. Google might be evil-ish, but I find their ecosystem far more pleasant than Apple's. And while Google might try to collect lots of data about my online behavior, I can always use something like a Pihole or other kinds of ad-block to stop them from getting that data.

>There is controversy about how Brave does stuff, and I agree there is some sketchy stuff they are doing

I would be more open to trying/using brave if someone respectable packaged it. As of writing, not a single distro packages it. It would lower my barrier to entry a lot if it were packaged by debian/fedora/f-droid. It doesn't imply anything serious, just that it can be built from source and that it passed the distro's basic diligence and guidelines. This seems like low-hanging fruit from brave's standpoint, and yet multiple issues on their github tracker about packaging downstream have remained open for a while.

Nix packages it: https://nixos.org/nixos/packages.html#brave , which means you could use the Nix stand-alone package manager to install it on top of any distro. (I just tried this and am typing this from Brave, installed via the Nix stand-alone package manager running in Void Linux.)

It's fetching brave's binary. That's not what I meant by packaging.

src = fetchurl { url = "https://github.com/brave/brave-browser/releases/download/v${... sha256 = "1lbajxnxqkd422rckfjm65pwwzl66v7anq4jrzxi29d5x7abl3c1"; };

Also, bad look for nixos. I was curious about nixos too, but it'll have to be debian and fedora for now.

Fair point, though I don't know what would go into properly packaging Brave.

They certainly don't package Brave in any fashion, but if you were curious about NixOS, you might look at Guix System.

If they care about both a fast development cycle and rapid adoption then spending time getting an official package for Debian/etc. makes no sense.

> It doesn't imply anything serious, just that it can be built from source and that it passed the distro's basic diligence and guidelines.

For a modern web browser it probably doesn't achieve the latter. Both Chromium and Firefox are too complex for Debian's meager backporting resources. So they make an exception to their guidelines and ship the LTS release. I suppose the userbase just hopes that bad things don't if the browser LTS upgrade happens before the OS's LTS upgrade is ready.

Firefox has an LTS release, but chromium doesn't. So distros just ship the update every month whenever chromium is tagged. In practice, it follows chrome's release cycle very closely. Since brave is based on chromium, I don't see why this model can't work for brave given that distos are able to build and ship chromium already. (Android is a more complicated story )

Then make a Flatpak.

Hi, in my sparetime I help some of the linux packaging for Brave. We are looking for people to help us do this very thing. We provide packaged for deb, rpm, and snap. I maintain the snaps for brave but have been disappointed with the performance. If you are willing to test an maintain distros we'd be more than happy to get you involved.

Brave is a private, for-profit company that has raised $42 million in venture funding—out of curiosity why do you bother doing free work for them in your spare time?

This same argument is true of nearly all companies, including "not for profit." For instance the chair at Mozilla/FireFox pays himself $1.1 million a year, the treasurer $1 million. [1] And those numbers are probably higher now. That's from 2016, the most recent published data on their site. Since 2013 [2] their CEO has increased his yearly compensation by more than $300k, and the treasurer increased his pay by more than $400k a year. And now with Mozilla planning to release a pay-per-month browser (because their half a billion dollars in revenue just isn't enough!), we can expect to see that executive compensation skyrocket even further.

What people like to imagine "not for profit" means is not what it means in practice.

[1] - https://assets.mozilla.net/annualreport/2016/2016_Mozilla_Fo...

[2] - https://news.ycombinator.com/item?id=10101637

And ?

The Linux foundation heads have a similar salary range, like many other foundations and it is not an issue.

"Not for profit" means with a public stated goal, means that your share holder will not suddenly overcome your company strategy and make you sell all your client data, or make you sell bananas, because "it's more profitable on short term".

That is not an hypothetical scenario, many IT companies already felt into this trap. The foundation model of Mozilla protect you against that. This is something that Brave company does not... And the position of its CEO on publicity does not reinforce my trust into that.

Being non-profit does not somehow protect companies or their customers from making bad decisions. For instance Mozilla lately has been trying to take a position on privacy. They do this at the same time that they direct their users to Google search by default which is about as anti-privacy as you could possibly get. The reason is because they make a ton of money doing it.

Other recent bad decisions from them would include the decision to forcefully install a Mr. Robot related promo into the browser. And now most recently they plan to transition to a freemium model for FireFox where the regular FireFox will be free but "premium" features will now require a monthly fee. If you find these behaviors to those of a company who put mission ahead of profit, then we will have to simply agree to disagree.

And still I prefer all these decisions to a pseudo-compagny that try to create a monopoly on publicity by rebranding Google-chrome (WebKit). Brave could almost be qualified of a scam.

They have all ingredients of a scam, including an ICO.

> The Linux foundation heads have a similar salary range, like many other foundations and it is not an issue.

Being common doesn't mean it's not an issue.

A day job without hazard pay should never be making more than 5x median income.

What is the difference between having the share holders taking decisions for the users against user wishes, or having the heads of a non profit organization doing the same (like Mozzila did quite some times)?

On the flip side, what people seem to want “not for profit” to mean is “employees work for below market rate for some reason”.

I don't get it. I would expect employees at a non-profit to be compensated along the same lines as those at a for-profit. It's a constant easy story for shitty journalism in the UK – "oh my god this head of a charity makes far less than the head of an equivalently–sized private company! what a bastard!"

Take the ideological (and incorrect) definition of not-for-profit vs for-profit companies. The for-profit company is supposed to be willing to utilize any sort of money-making opportunity to improve their bottom line which is supposed to be their goal. The not-for-profit company is supposed to sidestep opportunities that do not necessarily align with their mission, resulting in less profit but greater integrity, as maintaining their mission is supposed to be their goal. If this were the case, not-for-profit business would invariably end up with substantially less funding than comparable for-profit businesses. As a consequence of this, it would be fiscally impossible for them provide the same sort of compensation.

This is of course fallacious. But the reason for this is that not-for-profit and for-profit companies operate in mostly the same way. This is something that most people do not understand. This is precisely what I was aiming to point out to the person who initially said 'why would you ever contribute your time for free to a for-profit?' It's an intuitive, but incorrect understanding of the differences between the sort of a companies.

I guess it's more like how many devs could be paid a decent salary from the millions that he Mozilla "leadership" pays itself.

You’re saying the same thing but wrapping it up in scare quotes.

You’re suggesting it would be better if Mozilla did… what? Had no leadership team, perhaps using some kind of non traditional management structure? Paid their leadership team below-market rate? Or is it just the general idea that high-level leaders are paid too much throughout society, and that this needs to be fixed? (Which is totally true, but not at all specific to Mozilla).

Maybe the effort isn't for the company, but for the distros and their users. Is nvidia packaging its proprietary drivers for Ubuntu?

No it's for the project.

I also contribute to linux kernel, and tons of open source projects. In this case, I am pushing that users should manage the packages as it gives the distro a bit of independence. this is also the apache way which i am a member of.

Maybe to help insure that a mono-browser environment is not in our future?

What is required in terms of testing?

> and it has all the best of Chrome without the worst

I mean, what is the "worst" stuff it doesn't have? Account sign in?

It seems like there are plenty of other Chromium embedders to get that without the sketchy stuff.

I can't tell that I'm seeing "their" ads. The way I see ads is a notification type prompt where I have to click view and navigate to a sponsored page. Do you have a side by side where Brave replaces a site's ad with their own?

I don't think that's a thing they do, so I'm curious to hear from GP. And in terms of the notification prompts, that's something you have to enable (disabled by default) if you want to "earn" tokens.

As soon as an ad-blocker starts trying to monetize with ads, it's like the death knell.

This is what AdBlock Plus did with the "Acceptable ads" program, which is their main source of revenue. Arguably with some reasonable criteria for what an "acceptable ad" is, but to me entirely unreasonable because the software doesn't by default do what it says on the tin.

That's years ago, I believe, and there are still ad blockers that don't seem to accept compromise.

Can you give Brave your own dir of install in win64? Thats the only thing from stopping me to use it on my streaming #DAW since it has a small SSD, which I refuse to install non-critical software on.

Over here brave just dumps itself on c: in win64

I wonder how that might work in combo with PiHole or similar on my network. Like, if they are replacing ads are those ads then blocked anyway or slip streamed through?

A simple guide to choosing your browser:

Does it make money by showing you ads?

Chrome: Yes Brave: Yes Firefox: No

If yes, then they need to track your behavior in detail. I'm sure you don't deserve to be tracked.

Firefox makes money by its search deal with Google, in other words: by funneling their users towards Google. This pretty much also boils down to "making money by showing you ads". Google's search ads, to be precise. Now you can say: "But I can turn this off", but then you'd also turn off their source of revenue.

Brave's stated goal is to establish an alternative ad-based business model that's long-term viable without the user being tracked. Will this be successful? Who knows, but at least they're trying to find a business model that respects your privacy while being long-term sustainable. Firefox's model doesn't, at least the way it works now.

>Firefox makes money by its search deal with Google

Of course, development costs a lot. They will not need to rely on Google in the future if more people donate to them regularly. Consider donating to Firefox.

Considering most of their jobs are in mountain view, a very expensive col and developer salary area, they should consider moving somewhere more economical if they expect to live on handouts.

Why should we have to support their over priced office space?

This isn't true.

One, Mozilla has multiple offices across the world; see https://www.mozilla.org/en-US/contact/spaces/

Two, a large percentage (perhaps even a majority?) work remotely.

This combination lets Mozilla hire talented people wherever they are.

(Disclosure: I work for Mozilla)

I suspect that if you ask them, they're not in Mountain View for fun, they're there for the access to top tier tech talent. Browser rendering engines and java script engines are serious engineering, needing good engineers. It's not the only place in the world you can find them, but it's a good one.

Because they're still doing important work, and deserve to have nice things? Why does working at a non profit mean that you should have a bad quality of life?

You don't have to support them, but if their product provides value to you, it's worth considering

I think this miss the point. This seems more in the line to "Duolingo to Silicon Valley workers: Move to Pittsburgh, where you can actually afford a home" call[1].

That is, it's not about less good quality of life, just less high salary possible only in places with less high level of misc. inflation.

Plus passed some level, I doubt higher salaries make good corollary with high quality of life. Not that you can't have a sane happy life with a lot of money, of course. But : - it doesn't seem to to be a requirement, see for example the case of Matthieu Ricard[2] - large salary, or more generally acquiring a social status broadly recognized as great success doesn't prevent from terrible quality of life. Arguably, even you go with Camus saying "Un geste comme le suicide se prépare dans le silence du cœur au même titre qu’une grande oeuvre", not all people in [3] committed suicide out of a situation where they felt they had good quality of life.

[1] https://venturebeat.com/2018/03/23/duolingo-to-silicon-valle... [2] https://onbeing.org/programs/matthieu-ricard-happiness-as-hu... [3] https://en.wikipedia.org/wiki/List_of_suicides_in_the_21st_c...

You're not wrong, but to many people, the appearance of a non-profit (notwithstanding the legal status of Mozilla Corp) operating in an extremely high CoL region isn't good.

If SV doesn't trigger that for you, think about, say, a non-profit headquartered in Monaco, that asks for donations so that its employees can have a nice home and QoL in Monaco with salaries several multiples of your own for comparable work.

Firefox is persuing other revenue sources as well, such as a paid premium browser. My last hope against the advertising economy is this model taking off.

Same, I intend to pay for their premium browser. I've been using Firefox for years. Chrome couldn't get me to shift over. I only use Chrome when testing front-end code and I don't do front-end development anymore.

I would pay buckets of money every month for a computing experience devoid of advertising.

I already pay YouTube for no ads, so I agree. I would do the same for TV to an extent, too many Netflix competitors popping up, I don't have time to spend hundreds of dollars on those, I wont be consuming enough content to justify them. I do spend way too much time online, I usually pay for no ads on mobile games / apps.

The Mozilla Foundation has multiple sources of revenue.

To argue from an extreme point of view, neither of those choices are very good because the web in general is a terrible platform. The whole standard they implement (and its velocity of change) seems geared towards minimizing the potential for competition, and is implemented without a hint of concern for what identifying information the browser APIs might divulge by design or how much the attack surface for various malicious activities grows with their inclusion. It's an arms race, and adtech have found where all sides keep their guns.

The difference is any tracking Brave does is 100% local on your device, which eliminates any potential privacy issues that may exist with other advertising models.

yeah and apparently sending stuff to google IPs. So... not?

What are they sending to Google IPs specifically? Also what makes you think that has anything to do with advertising, and isn't, for example, a side-effect of the browser being a Chromium fork?

Brave Ads are opt in and give 70% of gross revenue to the users who opt in. Leaving this out while glossing over other browsers’ default search revenue model is doubly misleading.

As a user of Brave, I'm consciously making this decision, thank you very much. What's your idea as to how content creators should be supported?

Why do you need to be tracked to support content creators?

You don't. Which is why Brave's ads don't do that.

The problem is that if you start paying content creators, then you're giving data to another party, i.e. your bank.

Alternatives based on peer-to-peer (micro)payments are already staring to emerge, e.g. this guys is building patreon alternative based on Lightning Network (Bitcoin's second layer able to handle millions of tx per seconds for negligible fee):


depends.. Brave has actually got it's own token that could be used to pay creators, not sure how the transactions are logged though but i'd imagine that you can privately pay without being tracked

Yes, but there's always a third party that can in theory collect all your data.

Who? I'm not really familiar with how Brave does it, but there are plenty of cryptocurrencies where that's definitely _not_ the case.

It's still not clear whether untrackable cryptocurrencies will be allowed by regulators.

For me, the guide is more like:

Does it render text in an ugly manner?

Chrome: No

Safari: No

Firefox: Yes

The unfortunate thing is that many Firefox users prefer the Firefox text rendering.

There’s no solution to fix this (I’ve researched a lot). It’s just a divide in the users based upon preferences.

What do you mean by ugly? That GDI text rendering is used on Windows instead of DirectWrite for some font families? This can be disabled in about:config by assigning `gfx.font_rendering.cleartype_params.force_gdi_classic_for_families` an empty value. Or do you mean that there's no subpixel positioning on non-Windows/macOS? That one has no fix, except when the text rendering part of WebRender goes into production.

I'm confused. Doesn't Firefox use Freetype on Linux? Freetype has subpixel rendering.

Subpixel rendering is different from subpixel positioning.

See e.g. https://bugs.chromium.org/p/chromium/issues/detail?id=824153 for some gory details.

AFAICT Firefox text rendering has always been fine on Linux. Chrome until a year or two ago had no subpixel antialiasing, different gamma for antialiasing, or whatever - its text rendering used to look ugly, or more neutrally: different from everything else.

Firefox follows my system font renderer settings. Am I missing something else?

What platform do you see this on? Other than subpixel positioning on Linux/Android, Firefox should render text the same as Chrome.

I don't know why parent was downvoted. This is on top of the list of things that kept me from switching back to FF.

This is how every thread on this topic goes. 99% downvoted and hate directed towards me. A couple of people chime with “yeah I agree with you”. And nothing changes because it cannot. Because it’s based on preference.

> was already implemented in heavily optimized C++ handling requests with sub-millisecond overhead, we found that we can further optimise it for a 69x average improvement

Seems like an unnecessary optimization, though I'm sure it was fun. I wrote one a little while back in C++ also[0]. It's not documented the best, but uses a kind of custom tree to match.

0 - https://github.com/cretz/doogie/blob/master/src/blocker_rule...

They're presumably gaining the other non-performance advantages of Rust over C++ (i.e. the borrow checker etc.) though, so safer and faster is a win. As you say though, they seem to focus on performance but that might just be the audience they see themselves talking to.

I think "Chrome but faster" would convince a mainstream audience pretty well, even though they might not be aware that they're not going to notice the milliseconds.

if you're moving from Firefox to brave you do notice the speed increase. FF on my work laptop (i5, 16GB of ram) and my s8 is significantly slower that brave.

It's been a gift to me, since I really just can't help but install extension after extension and FF is just not good at that in my experience (plus the selection is narrower but I don't put that on FF). Another thing is that Brave has the Chrome url search which I've come to realize is actually pretty central to me, I just can't stand the 'prepending a letter' type search. Overall it's the closest I've felt to chrome with the stated goal of addressing the the primary reason I feel uncomfortable with chrome, so I'm happy for now.

Brave isn't a choice for me 'cause Google can easily kill all Chrome clones in one funny day. Also Brave monetization looks very tricky.

Second point I agree on, first point--how? Chromium is opensource. What can google do?

People need to stop with this argument. Chromium might be open source, but it's still Google who decides what get merged. And yes, people can fork, do their own patches, fixes, but if it deviates too much from Google, you'll end up with a new browser to maintain on your end without a team the size of Google. If all theses teams choose to not implement their own browser, it's for a reason: a web browser is a complex piece of software. And the best example of this is the Edge team who forfeited implementing their own and just went with Chromium.

I don't understand why you think this means that Google can easily kill all Chrome clones in one funny day.

They definitely can't reasonably do that but in the long run I don't think Brave has the resources to maintain a hard fork from Chromium. That's the main reason I don't really get the Brave hype when Firefox does the job just fine and is actually a fully independent codebase instead of a relatively shallow customization of Chromium.

The only argument that keeps coming up is that Brave has a built-in adblocker but it's not like installing ublock origin is very challenging in Firefox (and on top of that your extensions are automatically synchronized if you use the Sync feature) and the relatively blurry monetization scheme of Brave makes me think that in the long run this built-in ad-blocker might prove a liability more than a strength. I'll take my ad-blocking independent, third-party and non-profit, thank you.

Brave, Opera, Vivaldi, Epic, Blisk, (and Edge?) can pool development resources. I dont think all the forks would have as much problem as people believe they would. A ton of webkit users switched to blink nearly overnight.

I think the bigger issue is chrome implementing an new web feature that blink-fork2 and firefox dont agree with, that web devs start implementing anyway. Google controls web development more than they control browser development.

Theres also the WideVine argument, but for me personally I dont see why i need my primary browser to also play netflix. Its not that hard to open a separate netflix app/browser. The amount of drm encapsulated video I watch in my browser is minimal to none.

Blacklist their user agents/fingerprints from all Google services (usually by citing some security concern).

Edit: sure, there's perhaps 1% of alt-browser users who actively avoid all Google's services, but rest actually depend on them...

This could happen with literally any browser and has absolutely no relation to whether or not they are based on the chromium source.

I think Edge is good for Chromium. That puts Microsoft as a stakeholder there too, which takes power away from Google. If Apple were to move to a chromium-backed Safari, that would mean that three major players would be stakeholders in Chromium having a sane future.

This means that if you send a meaningful patch, Google doesn't like it, but Microsoft and Apple do, it might get merged.

Google owns and controls the chromium project, if they don't like a patch, its not getting merged.

I kinda agree that we don't need myriad of browsers. OS and CPU duopoly seems to be kinda ok. But for something that's _supposed to_ be universal it makes no sense to encourage fragmentation...

> chromium-backed Safari

Double whammy. Chromium runs on fork of WebKit which is Safari's engine.

Google can make forks of Chromium unusable in practice by refusing to license their WideVine DRM module.

This has already happened: https://www.theregister.co.uk/2019/04/03/googles_widevine_dr...

> Developer Samuel Maddock found this out to his cost. He's been working on an open source Electron-based (Chromium) browser called Metastream that allows users to stream videos in sync with one another. It's designed to be a way for friends to watch shows together even when they're apart.

> But Google's Widevine DRM business doesn't want to work with him. After four months of waiting, the firm responded to his request to license their proprietary DRM code, in conjunction with the castLabs API, with a denial.

(edited: formatting)

unless they fork from original open source. google can stop developing it but they can not stop others from continuing from where they left off from that point. i don't know any thing about brave but, chromium is differrent from chrome.

It's interesting to see block list creators more or less reinventing all the tricks that network-security regex implementation people invented 10-20 years ago. One wonders whether they might do better picking up an off-the-shelf regex implementation (e.g. our own Hyperscan, or for those who must must must have something in Rust, the engine from ripgrep, which I believe is just called "regex" :-) ).

As far as I know the « regex » crate is used in some places. But interpreting block rules has a lot to do with specific options and behaviors which are pretty tailored to the task and it would not be easy to use off the shelf regex implementations for this. Although I myself looked at Hyperscan in the past for the purpose of blocking ads (the performance looks amazing!).

Hey, some of those block list creators are also network-security people from 10-20 years ago. :)

Here the specificity is it tries to match against multiple regex, in rust there is RegexSet from the regex engine, it performs a single pass, but I'm not sure it optimize a lot graph for matching. It seems HyperScan can do a lot of optimization by extracting commonalities between regexes.



Brave is doing some of the best anti-Corporatist work in the community right now.

They replace other ad network ads with their own ~ads~ crypto currency. They monetize the content of others and don't tell them. If you have a youtube channel, they will swap out ads and collect the ad revenue without telling the channel that they're doing so.

I'm not particularly impressed with their business. In fact I'm pretty disgusted with it.

This is untrue, as far as I'm aware. Brave blocks ads and trackers by default, and you can opt into a separate "Brave Rewards" program which pays you in crypto-currency tokens in exchange for receiving ads via push notifications and the New Tab page (not inline with web content).


Users can then choose to contribute some or all of those funds back to the publishers/creators they visit that have signed up to Brave's platform. They try to do this all in as privacy-preserving a manner as possible.


I’ve been around the ad ecosystem for a decade, and for the better part of it I’ve been convinced that the audience needs a full seat at the table and a piece of the ad transaction if advertising is going to have a future at all on the web.

Brave and BAT is the most credible solution to this problem I’ve ever seen.

No, the Brave browser does not try to verify that the page that it's replacing ads on has opted into Brave's "rewards" thing. They'll s/page_ads/brave_ads/ and collect a check regardless of if that revenue is going to the page owner or not.


> replacing ads

> They'll s/page_ads/brave_ads/

My point was that this literally does not happen. Brave does not insert ads into pages, ever, it only removes them. I'll admit I'm skeptical of the whole cryto-currency model, too, but I try to keep my points factually accurate.

They got a ton of attention when they first launched for their idea of replacing ads. See point two on this archive from early 2017: https://web.archive.org/web/20170129165028/https://www.brave... Now they have a disclaimer at the top https://www.brave.com/about_ad_replacement.html but honestly, until today I thought they were still doing it.

They aren't. The brave ads appear as a system notification at fixed intervals whether or not you're browsing. They're as disconnected from your browsing activity as they could possibly be.

The only connection is that your browsing activity determines how much each content provider is owed.

Could you please stop spreading misinformation? As the surrounding commentors have mentioned, Brave Rewards is completely opt-in for users _and_ they do verify whether the page is a part of the program _and_ they don't replace ads with their own.

Why would they have to? The user has opted in. From your link: "Starting today, users of Brave’s latest release of the desktop browser for macOS, Windows, and Linux can choose to view privacy-preserving Brave Ads by opting into Brave Rewards" [emphasis mine]

Stop spreading FUD.

Does the content creator get a cut from Brave?

Like everything on Brave it's all up to the user. First the user has to opt-in to this ad program. By default Brave simply blocks everything. If they opt-in then they will be able to see a number of ads per hour that they specify. Of these ads, 70% of the revenue will go straight to the user and 30% will go to brave. The user then decides how their coins will be spent. There are straight forward ways for users to support their favorite sites or content creators. So imagine you want to support site.com, you could choose to automatically donate some chunk of your tokens to it per month. From then on everything would be automatic, the user would just browse as normal, accumulate tokens, and the site would be compensated.

In my opinion this is also the ideal system since it removes the fundamental problem of advertising. And that is that when a company relies on advertising, their customer is no longer the people visiting their site - but the advertisers they make money from. This can lead to advertiser influence slowly creeping into every aspect of the site, including the content that is created. By directing the ad revenue to the user who then directs it to sites (at their discretion) it keeps the benefits of "free" sites, while removing all the nastiness that generally comes with ad-based revenue systems by untangling the relationship between advertiser and content creator.

That has long been resolved, and you probably know that. Your own link contains evidence that it has been resolved, so this is kind of absurd.

There is always tons of venom of this exact sort thrown at Brave on HN, yet I've used Brave and have not seen any ads that have been spoken of. Even if they did replace, to be frank, the advertising industry already is disgusting and I'd have no problem with it (well at least no more problem than I already do)

In any case it's a great browser, at least better than Chrome when it comes to privacy, and I personally won't fall for the propaganda. Just like Tesla, there is a lot of "old" money that is threatened by the upstart so there is also a lot of negative sentiment.

Brave Ads are opt-in, you have to click on the triangle in the right end of the url bar and enable Brave Rewards, which includes Ads. You can turn off Ads but keep Rewards on and send tokens you buy, or direct tokens we have in a granting pool, toward your favorite creators. Ads pay 70% of the gross revenue to the user who opts in, and by default these tokens flow back to your creators, anonymously. Neither Brave nor any partners see linkable automated contributions thanks to a ZKP protocol (anonize.org based). No user browsing data in the clear goes to our servers or partners’ servers (or of course on a blockchain) for any part of Brave Rewards. Which is off by default, to return to my first point. I hope you give it a try. Thanks for your support.

What’s wrong with Firefox?

Just last week, we found out that they sat on a severe vulnerability for 2 months, only bothering to patch it after someone used it to try to pwn Coinbase[1].

[1] https://news.ycombinator.com/item?id=20233952

They had reason for that, as mentioned in the thread you linked.

And what’s wrong with Safari?

I don't want to pay 2k for my browser.

I don't want to pay 2k to run a proprietary browser.

I do a lot of web development and need the tools.

Which tools specifically that aren't available in Firefox?

It's more about the clunky UX than the tool itself. Eclipse support everything other IDEs support but who wants to use that?

You can use Firefox for browsing and Chrome for development. No need to settle on a single egg.

Too freaking slow.

Have you tried it recently? It has gotten a lot faster, so much so that some people say it's faster than Chrome in many cases.

Personally, I find it more than adequate, and I agree with their mission a lot more than the other browser vendors.

I use Firefox everywhere. I tried Chrome recently and it feels a lot faster, but in the end the ability to block ads and trackers (everywhere, including mobile which is where I do most of my browsing) is more important than a bit of speed. If Firefox is fast enough, then faster is pointless. But as can be seen in this thread, some people believe it's their duty to look at ads so for them the extra speed is probably a nice bonus (and perhaps partially compensates for the extra work their browser is doing).

It's been years people suggest the same "have you tried recently", but it doesn't come even close to the snappiness of any chromium based browser when I use it.

Have you tried using it recently? The quantum rewrite they released last year is incomparable to the previous releases. I use FF at home and Chrome at work and I can tell you that there is no noticeable difference in performance. The only time you'll notice the difference is when you use google apps that are written specifically for Chrome, but I personally prefer to avoid trusting the biggest adtech company in the world with my personal data. Plus, FF supports vertical tabs, Chrome doesn't.

I use both and in my case, new Firefox is snappier than Chrome.

See https://brave.com/faq/#unclaimed-funds for a description of their current and past policy. Currently:

"If a publisher has not verified ownership, then a user’s contributions will be held in reserve inside the browser for 90 days. The browser routinely updates an internal list of all verified publishers to determine whether a property can receive contributions. At the end of the 90 day period, any contributions marked for unverified publishers will be released back to the wallet. No funds leave the browser except to go to verified creators."


"Previous versions ... would then hold contributed funds for those publishers in escrow until they’d verified. [And] Funds that were contributed from user-funded wallets will be held indefinitely, until the publisher verifies and transfers them to their own wallet."

That sounds like they had a suboptimal policy, realized it, and fixed it. If they _keep_ their 5% cut, or the interest on it, from contributions to unverified creators, I'll share your criticism.

That's still terrible. If I'm a Youtube content creator who doesn't want anything to do with Brave, they're still going to remove the ads that I want on my videos to monetize my content, and hold any of the BAT that Brave users contribute to me hostage.

The user owns their computer. You own yours or at least the party you have entrusted your content does.

If people don't want to look at your ads they wont. Don't like it charge money.

When file sharing first came along it was pretty clear that the status quo of dropping $20 on a CD for some music was not going to last. Regardless the music industry refused to accept this and fought tooth and nail to try to keep CDs as the norm instead of adopting to changing times. Unsurprisingly that's a battle they eventually lost.

A decade or so ago ad-blocking was extremely esoteric. Today it's reaching a majority on all devices excluding mobile. Though mobile will also likely follow a similar esoteric->majority trajectory. In any case it should be clear that the status quo of advertisements isn't going to last. Google trying to break ad-blocking in Chrome feels very much analogous to the old dinosaurs in the music industry trying to cling onto CDs. Users hate unsolicited ads and, in the end, it's a losing battle to try to force everybody to keep watching them.

The point of this is that that money you're being offered is money that would not exist otherwise. These people are not going to watch your ads, period. You're free to take it, and you're free to not take it - it'll eventually be returned to the people that wanted to give it to you. But complaining about it's very existence is peculiar. It's like if you only accept PayPal and I said I don't use PayPal but I'd be happy to send you money through e.g. Stripe. If you don't want to setup a Stripe account to accept my money then that's completely your choice, but to complain about it just seems petulant.

Is uBlock terrible?

Are you a content creator, with your income stream at least partly gained through advertisements?

Yes? Generating and serving content isn't free. If you don't want the ads, don't visit the page or pay for an ad-free version.

This ignores the actual issue with ads, which is tracking. Advertising has this huge system around it where your information is the commodity.

This means that advertising inherently is not something you "opt into" when you visit a page. You are being tracked everywhere you go.

That's the problem brave solves, but it accepts that removing ads without another system to reward content creators is important - hence BAT.

Agreed - the only reason ad-blocking is even a thing is because:

- Overuse of tracking, including nefarious attempts to de-anonymise users through excessive fingerprinting

- Crappy, distracting, in-your-face ads

- Ad networks serving malware (rare, obv)

If ad networks focussed on ridding the world of these issues, more people would be happy to let the ads through and help support content creators through ads.

I partially disagree.

All adds are subconscious manipulation.

I hate them, no matter if they track me or are in-your-face. I will always use an ad-blocker, but allow ads if a site asks me to do so, and I enjoy the content.

But I realize I'm probably in a minority here. Most users would not bother with adblockers if ads would not degrade the web experience so much.

Then block tracking, but don't remove the advertising content. Or propose a solution that doesn't involve paying them with a worthless cryptocurrency, unless you'd like your salary to be paid in BAT.

Advertising is literally an attempt to manipulate people in a way that subverts their interests. It's like you are making money by giving a "free" concert wherein you are paid to kick the audience in the nuts and now you are shocked that people are starting to wear a cup.

Then if you object to advertising, don't view content backed by advertising.

However much you might wish it to be so clicking a link doesn't create an enforceable contract between me and you.

So why when my maximum benefit is blocking ads AND viewing content should I change my behavior.

Blocking ads has been a thing for 17 years and will probably be a thing for the next 17.

If you could force me to watch your ads you wouldn't have to ask

It's not just that I choose option C to continue watching and not pay. I in fact opt out of the entire decision making process. I'm not going to figure out what sort of ads you have or whether I should or shouldn't block them because life is short and I have other better things to do. I'm just going to turn on ublock and just keep swimming.

If you don't put out videos tomorrow because of this I will watch someone else's content. If you produce something truly unique put it out there for money and I will make an informed choice on whether I want to pay for it.

It's really weird to see ad-tech defenders on Hacker News in 2019. Create a Patreon. Take the few minutes to create a Brave Creator account. Use a non-invasive ad network on AdBlock's "Acceptable Ads" list. Read an Orwellian novel.

Not that weird, since there are many here who work for ad-tech companies and are actively building these systems.

The presented solutions are honestly quite silly.

Anything available on the web, an open platform, is free to view by design. To make it not free, you as a publisher are required to take extra steps which do not presume control over the client computer. If you don't like this, perhaps the web platform is not the one you intended to use.

You want to earn money with your content?

Charge for it instead of uploading it to a platform that shows ads, OR upload it to a platform that can't be used with adblockers!

Is it unethical to avoid looking at billboards?

If not, what if I had a special pair of glasses that obscured such billboards or other physical advertising? It's not possible today, but not that hard to imagine in the near future.

How are these situations different from blocking ads on the web?

To my knowledge, billboards don't fund roads. Unless they are the exclusive source of revenue for roads, the situations aren't really comparable.

Ads don't fund the communication networks as far as I am aware. Last time I checked, my internet bill wasn't paid by me looking at ads.

Ah, that is a good point. They aren't comparable on that aspect.

I would argue they are still comparable in terms of "autonomy of attention".

You can turn that around, if you don't want me skipping the ads don't serve me content through a medium that allows me to do so.

Was it immoral to tape a show and fast forward through the ads?

The majority of ad revenue goes to the site, not to Brave[1]. The user gets a cut for having to see the ad, and Brave gets a cut as well.

But even if you're right, why is it unethical for me to install software on my own computer to render websites differently than the creator intended? For example, by removing ads? Or replacing ads with different ads? Or rendering all ads upside down?

[1] https://brave.com/how-brave-works-for-you/

Because it's monetizing other peoples content. In my view, it's the same as cutting and pasting somebody else's content onto my own site with my own ads.

Even if I promise to give most of the money I make back to the original content creator, I really have no right to the small part I skim.

Update: Sorry didn't mean to suggest it was unethical for you to view a page any way you want, but I think the creators of the Brave browsers are scuzzy.

Update Two: I see now that Brave have updated the policy and will only collect funds for creators that have opted in.

Also, as others have pointed out in this thread, they don't replace ads on websites with their own. It blocks ads, and if you want you can view Brave ads in exchange for their cryptocurrency and optionally donate them to participating publishers. I'd say this is no worse than a regular ad blocker, but you at least have the choice to attempt to remunerate the publisher for the lost revenue.

That's right -- user first. Users will do right by their favorite publishers.

> But even if you're right, why is it unethical for me to install software on my own computer to render websites differently than the creator intended?

It's not unethical for you to run that program, but what is being argued is that Brave (the company) is acting unethically, for example by taking donations on behalf of other people without their consent[0].

[0]: https://news.ycombinator.com/item?id=18734999

Except they don't. See above.

Well, that's good! Might give Brave a spin then.

Just curious, what exact sentence(s) from the above links to the Brave website do you see contradicting this claim about "shadow wallets"? (if that's the correct wording)

When I read something like this, it almost sound like they're making wallets (without necessarily asking beforehand):

> If you own a website, or even just a blog or other sub-domain on a hosting site, we’ll create a site wallet for you.[0]

Am I reading that wrong?

[0]: https://brave.com/how-brave-works-for-you/

Yes, they created wallets without asking beforehand, replaced the ads you monetize your site with with their own BAT system, and held funds hostage unless you buy into their system.

If I feel you're owed a token, but you don't have a wallet in they currency, what should I do:

- make you a wallet and let you claim it later?

- keep the token?

Neither of these constitute a hostage situation. There's no buying in except the time it takes to move that token to an exchange and turn it into dollars or kgs of cocaine or whatever.

> - make you a wallet and let you claim it later?

> - keep the token?

The problem is pretending to do the first while actually doing the latter (when the token isn't claimed after X days, etc...)

Yeah, I suppose it would be better to just let the tokens pile up in the wallet, the better to later inventivize adoption later.

I still think it's less shady than the concept of advertising in the first place. I have yet to come across a satisfying definition of malware that doesn't also describe web advertising.

It's potentially even worse than that.

Exploiting this grey area in the law will lead to a response from the courts and lawmakers. That response might well require that browsers display pages exactly as the publisher intends.

In other words, the end of ad blockers and other tools, thanks to Brave.

(Not at all unlikely given that Google seems to want that too.)

It feels to me like this could be legislated based on profiting on others' copyright.

The issue here is one party making money, without consent of any form, based on another party's published materials.

> The issue here is one party making money, without consent of any form, based on another party's published materials.

So, google’s search engine business?

That's an unfair comparison. A three line snippet is hardly the same thing as taking an entire page. Not to mention that all search engines do this.

There is at least an opt out to Google, there is some benefit to showing up on Google search, and there is a significant transformative action both in aggregating and summarizing, and in providing web-pages based on a keyword search.

That said, there is an argument to be made here. One that's included in the disputed EU copyright directive in the 'link tax'.

The web server freely provides that content, it's not like the browser is stealing it. If they really want to protect their content, they can put it behind a paywall.

It shouldn't be illegal to not request certain parts of a site, and it shouldn't be illegal to choose not to render parts of a page. What should be illegal is taking credit for copyrighted material, and that's not what going on.

I think it should be illegal to profit from showing other people's work neigh verbatim. For example, taking their content, stripping out some stuff, and placing ads there.

The issue here, as opposed to just stripping ads, is that a totally unrelated party is making money with ads.

> That response might well require that browsers display pages exactly as the publisher intends.

IANAL, but I highly doubt that the government will mandate what browsers people run on their computers. Outside of North Korea, of course.

Wait for it; there will be mandated software on 1st-world machines in our lifetimes. Root on your machine is already a bit of a fiction because of government action (the cpu management engine); look for that to become more explicit after the first really big blackout/other catastrophe caused by a computer security failure.

Unrestricted mathematics are too dangerous to be allowed to normal people.

They won’t mandate a specific browser, but they can regulate functionality.

Piracy is already considered theft. Viewing webpages without ads is basically “stealing” web content. I would not be surprised in the slightest if some big advertiser runs with this idea and lobbies for strict legislation. And they likely would succeed, quite honestly. Congress doesn’t understand adblocking or the internet, but they have a vague idea of digital piracy.

Yes. I want a citation for this. As far as I'm aware this is completely untrue.

That isn't what he is claiming though. He's claiming that they do this without the users consent. If I want a page re-skinned in purple to hell with what the content provider wants. It is also reasonable, as Eich pointed out, to act as a mediator for unrequested donations. Which is what Brave does.

Would it be nice to reject these donations? Sure. But we don't demand that with any other transmission service. If Eich and the user concede to the terms and if you accept the money, what is the problem moral or otherwise?

Your second link is to our blog post about user ads, which do not go in slots on publisher pages.

Your first link is to a tech journalist who misreports what we actually do, for reasons I cannot fathom and won't guess at.

Anyway, we do not replace publisher ads we block. Check it out for yourself.

For at least one of those claims,

>They monetize the content of others and don't tell them.


It depends. Are Brave's ads more similar to the banner ads of the old days? If they are not so intrusive and privacy violating like modern ad-networks, that would still be a net win in my opinion.

As for the hypothetical youtuber, they are always free to put product ads directly in their videos if they can/want to. However, if they can only make money via abusive 3rd party trackers, that's on them.

I've had Brave as my mobile browser since early 2017 and the only ads I've ever seen on it are the random Google Adsense ad that slipped through. These instances are in the single digits, in 2.5 years. im in Canada, so that might have an effect.

Are you saying that I should be required to execute all code on a web page? That's the eventual point this train of thought will lead you to.

This seems like an unreasonable interpretation; it’s much more likely that ‘dymk wants to execute the bare minimum amount of arbitrary code on a web page.

Citation please.

The link provided does not address your claims. Full stop.


Tom Scott was not happy with Brave. They were collecting ad revenue for Youtubers who had never opted into their platform.

He had to go make a stink to their CEO, and finally after lots of pushing back, the CEO ceded that maybe this is not the best thing to do!


Actually I followed that whole episode as it unfolded and your comments across this thread are all sorts of wrong.

Tom Scott ended up being happy with Brave resolving an early product misstep.

You should really be across an issue - and its resolution - before deciding to use it to cast shade on a software project.

For more reasonable-minded developer folk Eich addressed this again recently on Twitter: https://twitter.com/BrendanEich/status/1139384765700685824

None of what you said is true. I'm puzzled by the constant lies and FUD spread here against Brave. What exactly is the agenda?

There's no agenda, just proper reasoning. Think about it in terms of Bayesian probability: it's a cryptocurrency product, and pretty much everything in the crypto space is a scam, so right off the bat when you hear about Brave, before you even know anything your prior probability that it's a scam is 95%. Then they got busted 'keeping the money' and not telling the creators, and the posterior jumps to 99.5%. I know they mostly fixed that, but at that point the trust was gone and it's not worth anyone's time to give a second chance.

It sucks, but at the same time, if you're going to be an honest actor in crypto, you better cross every t and dot every i, because bad actors are everywhere and so smart people just assume bad faith and are arguably correct to do so.

If your proper reasoning involves the premise: "it's a cryptocurrency product, and pretty much everything in the crypto space is a scam," you might want to adjust want you call "proper reasoning."

Sure! But one product doesn't adjust it very far. So next time I hear something is a "cryptocurrency product", instead of 95% scam alert I'll be at 93-94% scam alert.

What they had to fix was not "keeping the money", it was a bad UI that implied creators had accounts.

The reason that Brave doesn’t get a great rap around here is because it trips the sketchy detector. They make a marketing image of themselves as the protectors of privacy and whatnot and then the browser includes (or included) a lot of features that seem to go contrary to the stated mission.

How is that any different from Google? They're both monetizing the content others placed on the internet.

The content producers who distributed their videos on YouTube agreed to Google's monetization terms. They did not agree to Brave's. I cannot unilaterally make copies of Harry Potter books, sell them for a dollar, and give a cut (even a 50% cut to make the Brave analogy complete — they like to say they give a larger cut to publishers without mentioning that it is a larger cut of a much smaller pie) to JK Rowling. Even Brave eventually understood why this was wrong.

But Google should be allowed to unilaterally copy snippets of data from all the websites on the internet into their search results?

People bending themselves backwards to hate Brave for doing things that are really not that different from what the big boys do.

> But Google should be allowed to unilaterally copy snippets of data from all the websites on the internet into their search results?

No, and they don't. See meta nosnippet and robots.txt.

If the big boys did what Brave did, they would be sued to oblivion.

Google pays for the YouTube servers that content creators upload their content to. What does Brave pay for?

Does Google pay for all the servers on all the websites that Google's search engine indexes and makes money selling ads against?

Does Brave still whitelist Facebook trackers? Is there a way to opt-out of Facebook tracking on Brave for iOS?


Did you read the link you posted? They block many facebook tracking components but there are some things they aren't touching right now because some website depend on facebook for logins.

How can people, who are not using those websites, avoid Facebook tracking on the rest of the web?

Install one of the many chromium extensions that block/obfuscate such tracking.

Sadly not an option on iOS, which is the reason for using Brave in the first place.

Honestly, blocking ads/trackers on mobile has always been a tricky business. You could set up Pi-Hole on your home network. Or see if there's something similar to this on iOS: https://f-droid.org/en/packages/dnsfilter.android/

It's actually one of the reasons I use Android and why I'm looking at alternatives, like Librem 5 and PinePhone. I don't like how Apple doesn't allow competing browser engines on their phones and tablets (only skins that use Safari underneath), and I don't like Google's privacy issues on their phones.

Yeah, I've pre-ordered the Librem 5 for those same reasons. It will likely absolutely pale in comparison to Android/iOS features, but I'm wanting to go full "Off To Be The Wizard" and help develop the lacking apps.

Ad blockers have existed on iOS for years.


Thanks, it seems much faster than 1BlockerX with Safari. Is there a way to whitelist sites?

Brave allows granular blocking on a per-site basis, with a simple in-browser UI on iOS. Do Safari content blockers work with Brave on iOS?

1Blocker X is probably best in class.

Yes, trackers are blocked by default, and the Google / Twitter / Facebook login options are in the Brave preferences section.

Not seeing "login options" in Settings on Brave for iOS, Version 1.9.3 (

Ah sorry those options are on the desktop build.

Perhaps there are tickets in the github repo to add this to mobile builds?

I don't see them on the desktop build either.

Preferences -> Social Media Blocking.

If you don't see them I could only guess that maybe you have an old version of the browser installed?

Brave is going big. It will overtake Firefox in the near future. That will be a good day for Brendan Eich.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact