This does not appear to be true. Here is the github repo for their open source adblock engine written in rust:
Here is a (somewhat dated) article describing it by the authors:
> Google will take decisions that benefit their advertisement business, like making impossible to use adblockers on any Chromium based browser.
Because the brave adblocker is integrated directly into the browser (ie. not an extension) the Manifest V3 limitations don't apply.
> Rewards is their shitty program that will replace ads displayed on websites with their own.
Brave doesn't replace ads with their own. Brave ads are displayed as desktop pop-ups. They can also be easily disabled (which, surprise, the author doesn't mention because of his bias). And the idea behind Brave ads is to give you tokens which are then distributed to the content creators you engaged with. This is the default setting. Their idea is not to shovel you with ads or offer you "get rich with crypto" schemes. Idea is to block ads but still provide revenue to the content, based on how many users engage with that content.
When I see people saying "Brave replaces ads with their own" I have to wonder if they have tried using Brave themselves before writing these critique articles.
You watch significantly fewer ads than before, these ads are then supplied to whoever you yourself engage with. That seems like watching these fewer ads directly on the site, just with a few hoops in between.
The difference is that now you watch fewer ads in total, and you have the Brave-browser as an inbetween, which also somehow has to survive. This means that you get potentially even less money, since less ads are watched and the ones that are watched are more diluted (even if brave currently doesn't take a cut at the moment: At some point they have to pay their developers, too).
Also, why do they pay out in BAT? (other than the fact that they cooperate with "uphold" a crypto-exchange and that they also really really want to jump on the crypto-bandwagon)
Somehow there has to be money going into the system that supports its own existance. If brave had something like a subsciption service or other way to get additional funds into the Network, then it might be more understandable, but even then: Why should I support someone by using BATs instead of paypaling/patreoning/whatever-elseing him the money directly?
Per https://brave.com/rewards and https://creators.brave.com, users opt-in to Brave Rewards and begin participating with privacy-preserving Ads. Each ad nets you, the user, 70% of the associated revenue.
Rewards come in the form of BAT, which moves more easily and comes with considerably less friction. The blockchain enables users to effortlessly and anonymously participate. This also means that everybody with attention (and not necessarily disposable income) can support the content they love online.
As for paying out in BAT, creators can choose to have BAT auto-converted into Bitcoin, US Dollars, etc. Users can also have their rewards converted into another type of asset or currency via Uphold too. BAT is simply a utility token, whose utility is currently best demonstrated within the Brave ecosystem.
To your last point, the "money going in" comes from advertisers. They pay in fiat currencies, or via BAT. If they pay us in dollars, we purchase BAT as needed from the market. Users can also self-fund their wallet, if they have disposable income.
You watch fewer ads than before, which means (if the ads pay the same) that each website gets on average (i.e. if the split is the same as before) less money. As you describe it, only 70% of the ad-revenue actually reaches the user, meaning even if you watch the same amount of ads, websites get 30% less money, and that ignores that many people just opt-out of ads. (BTW do you know where that 30% go to?)
> The blockchain enables users to effortlessly and anonymously participate.
That actually makes sense. But if you want to get money out of BAT, don't you have to pay a transaction fee? And if you don't, then how does Uphold make any money to pay their developers?
For me it seems that there's money vanishing at every point and very little or nothing to replace it.
Also, wouldn't brave have a quasi-monopoly on ads in this configuration? Even if brave is an honorable company (and I have no reason to doubt that), it makes me uneasy to know that we are breeding another potential "too-big-to-fail" giant like Facebook/Amazon/Google.
Rereading your comment again and noticing the "users can distributed bought BAT directly" part: Then the monetization system makes a little more sense. Do you have stats on how much people are paying in? Is the ultimate goal to get rid of ads entirely or at least shift over to a "pay for what you use" model? In that case I can understand that. (though the monopoly on website monetization part still makes me kind of uneasy)
You're correct that publishers lose revenue when ads are blocked on their sites, but not blocking ads means users are at an increased risk of being abused by malicious third-party actors. This is one of the main issues with ad and content blockers: they keep users safer, but they take revenue from content creators.
Brave is working on a model that reduces fraud, increases rewards for content creators, and rewards users for their attention. This won't be built overnight, let alone over a few short years. That said, we are making tremendous progress, now settling over 8-figures each month for verified content creators.
As Brave matures and develops, more options will become available for users and content creators to earn more.
As for transaction fees when converting BAT, you are correct. There are often transaction fees involved. But those often depend on how much you're moving around, if you're buying or selling, etc. Uphold and Gemini (our other partner in this space) may also differ between each other.
You're right about heavily centralization around Brave too. This is why we're working on THEMIS (https://brave.com/themis/), a protocol for decentralizing the Brave Ads ecosystem. We recently wrapped-up an effort in that space and blogged about progress: https://brave.com/themis-rfcc-wrap-up/.
We don't have stats to share on how many Brave users are self-funding their wallets vs earning with Rewards. That said, the latter category is naturally going to be much, much larger. It is also not an either-or thing either; many people opt-in to Brave Ads and also buy BAT to supplement their attention-based earnings.
I don't think the goal is to get rid of ads entirely, but rather to yield power to the user. Not everybody has disposable income, and therefore many people would prefer to opt-in to privacy-respecting ads, earn rewards for their attention, and support the Web by those means. For those who wish to self-fund, that is possible. They don't need to opt-in to Brave Ads either.
I.e Brave is bootstrapping on manipulation of the intent of the publisher.
A cleaner aproch may be to approach publishers offer them a "better way" and decuple it from the browser marketing privacy / reduced ad load.
Likewise standards bodies, NGOs and Gov agencies need to protect users in the web and app ecosystems making it a more level in respecting user privacy / reduced harm. To control publisher / advertising / user relationship in a fair way.
But we live in a time of fast pace asymmetrical software mediated warfair and a few eggs are going to be cracked along the way in to trying to build something better.
Brave doesn't inject ads onto webpages; so there is no scenario where you (as a publisher) would have our ads displayed on your page (unless you, yourself displayed them).
Please see this 5-minute overview of the problems facing digital ads, and Brave's proposed model: https://youtu.be/LsrrT502luI
Even if all ads on all websites were made in a privacy-respecting way, people would still use adblockers.
This is because people simply hate ads in their browser. It is because they make browsing experience miserable. They add bloat. They distract from the content. They add cognitive overhead. They slow down browsing. They are literally unwanted guests in our browsers.
So Brave’s model replaces one set of ads with another, basically achieving nothing to mitigate the problem itself - very existance of ads in the first place. What makes Brave’s ad model worse is that it offers people a monetary incentive for doing an activity (watch ads) that we know they are trying to avoid (by using a browser with an ad-blocker). So the very premise of this setup seems to be that people hate ads just because they are not privacy-respecting. But reality is that people normally simply do not want to be exposed to ads.
(btw the only ad based business model that would align all incentives is one in which users would be paying to see the ads)
And the content creator argument has long been debunked as smoke screen planted by companies in the ad business (and Brave qualifies as one), because monetizing any content through ads is the least efficient way to monetize creative work. What this model actually does though is incentivizes the creation of large quantities of low quality content.
The model for profit is around the bat coins gaining popularity. The payouts are extremely low for everyone.
Incorrect. Their revenue is in USD, and their payout is calculated using the revenue in USD. The price of the token does not affect them in any way.
Their model from profit is unbelievably simple. They are an ad network that uses the browser as a distribution vehicle. More people using the browser, more advertisers will be buying ad space, more revenue for them.
They do have a published roadmap about offering more services in the crypto-space (built-in web3 wallet with direct connection with crypto exchanges, use of NFTs to access features and services on different websites, etc) which are very interesting and it might even become a bigger play than the existing ad network. At the end of the day however, they can have a solid and sustainable business just with the ad distribution network.
- Most people won't paypal/patreon/send money directly
- The current system uses ads as a shorthand for attention. If you're able to get attention you get more ad traction and more money.
- Ads suck and are a corrupting influence on everything, if there was a way to directly award attention without ads that would be better.
- Brave replaces ads by tracking attention directly and attempting to reward it directly with BATs. These is done instead of cash because (I'm not really sure why) - I suspect because it's easier to manage and easier to split into tiny amounts.
- Flattr from the late 2000s (2007?) was similar, but with cash (Flattr = Flat Rate) the idea being you'd put in $XX/month and it'd distribute it depending on what pages you viewed. It was created by some of the Pirate Bay founders iirc. It never got much traction.
The issues I have with these services:
- Ads are bad, but the attention economy is the underlying problem. Removing ads is good, but still incentivizing attention for $$ isn't great.
- In the case of 'privacy' Brave has now inserted themselves as the tracker of all attention, this is very high risk and not a lot better than the ad companies. Sure you don't see ads but a lot of the bad slot machine incentives around content remain.
- I don't want to necessarily pay everyone based on what I view, what if what captures my attention is crap? What if I'm reading something for context, but don't support it?
I get what they're trying to do, reward people without ads and without making users pay - but I'd rather the ad model just die and if some businesses can't survive without it we probably don't need them. I recognize this isn't super realistic because companies compete on a global stage.
A business truly operating in the interest of users would make a browser that had ad blocking built in without tracking - and worked on subverting ads full time (what users actually want). This includes real privacy by not being a new middle man tracking attention. Apple is the closest to doing stuff like this with their new onion router VPN, making it easy to block tracking from apps in the store, etc.
Brave pretends its interest is privacy and browser users, but it feels like a rationalization to me. Brave's core business is attention tracking and taking a cut of that, if not now - when they have more power. Its user's attention is what they monetize - those incentives don't lead some place good.
The browser is sent a list of ads, and the browser decides which ads to serve based on its metrics. Brave doesn’t see this data and the user can choose to participate or not.
There are no easy answers, but this is an interesting model and a reasonable compromise for many.
The ads from Brave are completely separate from the website. They are presented as an OS notification pop-up.
> Somehow there has to be money going into the system that supports its own existance.
Yes, of course. Their revenue coming from the advertisers that get to place ads on their notifications. They only pay to the users a share of this revenue. If for some reason they stop getting advertisers, they will stop paying the users. Simple as that.
> This means that you get potentially even less money.
This is making the very bad assumption that they have a fixed revenue. As their user base grows, more advertisers will be interested in placing ads on their network and their revenue will increase.
> Also, why do they pay out in BAT?
Primarily, because it simplifies the logistics and allows them to escape the regulatory hurdles of having to become licensed money transmitters, and lets them outsource all of that crap to the crypto exchanges. A second-order but also important effect is that it attract users who want to speculate on the token.
> Why should I support someone by using BATs instead of paypaling/patreoning/whatever-elseing him the money directly?
Patreon is not bad, but they are not in a business that can fight surveillance capitalism. Patreon does not have a way to block Facebook from tracking my browsing. Brave does. Patreon does not block the Youtube ads from the people that you want to support. Brave does.
On one side, Brave come with an adblocker that will remove any ads from the website you're visiting. On the other, they provide their own ads through the reward program.
So it can be seen as "replacing website ads by its own".
I approve that line of reasoning, but I think that what the author meant.
Brave allows you to do whatever you want. You can see publisher ads without Brave ads. You can see Brave ads without publishers ads. You can see both. Or you can disable both.
Since individual users can achieve any configuration of ads they like, to me it seems that some people are only unhappy with this because they want to push their moral stances on everyone else. Like, for example, stating that the ability to block publisher ads while enabling Brave ads is immoral and shouldn't be allowed.
Brave basically aligns advertising incentives to match with viewer incentives. A Google served ad is not the same thing as a Brave served ad from the perspective of a viewer, because Brave ads are optional and some of their value accrues to the viewer.
Is the alignment perfect? No. But I do view it as a substantially better starting point than the currently centralizing, adversarial model that currently exists.
The notion of getting paid to view a separate stream of ads seems bizarre. It's the 'Ad Buddy' model, but with crypto.
I used brave's android browser a long time ago as well (at that time these claims were true - but they didn't replace the ads on all pages). I cannot speak about whats the current situation however, as I'm not up to date on the topic.
Lie. Brave doesn't track you. Your ad data never leave your machine (a bit like your bookmarks). The ad engine works privately on your computer and not on Brave server.
Every request Brave makes "home" will transfer private data like IP address of the user and browser fingerprint, regardless of the payload. Can you clarify what is done with this data?
Also if it is true what says in the article that some requests "home" can not be disabled, why is that the case?
I'm happy to discuss any requests you like; we also document all of this to the best of our ability on GitHub as well (https://github.com/brave/brave-browser/wiki).
As for disabling requests, this is a valid petition. Our goal is to have no extra requests when and where possible. We've worked hard to keep them to a minimal. There are some requests (e.g. product update requests) that we've been hesitant to make more easily blockable, since this could potentially leave large swaths of Brave users disconnected, and increasingly vulnerable.
> We've worked hard to keep them to a minimal.
How is 80 requests minimal? (source: your own above-mentioned article). It seems to me that 0 requests would be minimal.
What is preventing Brave from being a zero-telemetry browser by default?
I'm not sure where you saw 80 request; my network analysis post (https://brave.com/popular-browsers-first-run/) shows Brave issuing 70 requests over a 10-minute period. Compare with Chrome (91 requests), Firefox (2,799 requests), Edge (367 requests), and Opera (106 requests).
0 requests is not realistic, IMHO. When you launch a browser you want to make sure the user has a fresh local DB of known-malicious URLs (so you don't have to pipe each request through a look-up service, like Opera does) for client-side checking. You also want to make sure the client has an updated list of blocking rules for other types of content. There's quite a bit of setup needed when you launch a web browser.
Zero telemetry is unwise, assuming you want to build a product that works for a diverse set of users, devices, and environments. The main issue here is not whether you collect telemetry, but [how] you do so, and what that looks like. Brave is careful to preclude abuse from the design phase; see https://www.brave.com/p3a for more on how we handle Privacy-Preserving Product Analytics.
>0 requests is not realistic, IMHO. When you launch a browser you want to make sure the user has a fresh local DB of known-malicious URLs (so you don't have to pipe each request through a look-up service, like Opera does) for client-side checking. You also want to make sure the client has an updated list of blocking rules for other types of content. There's quite a bit of setup needed when you launch a web browser.
And maybe I just do not want the browser to send requests home.
And even if both of these are enabled these should be just two requests - what is going on in the remaining 68? It just looks like a very high number even if it is smallest among other test browsers (which doesn't make Brave good, just makes every tested browser broken in this regard).
>Zero telemetry is unwise, assuming you want to build a product that works for a diverse set of users, devices, and environments.
Zero telemetry should be the corner-stone of any privacy respecting product. Only zero telemetry ensures and guarantees that user privacy will be 100% respected. Everything else, even sending just one unwanted request "home" or anywhere else, can and should raise valid questions about what is done with the data including IP address since this will be closed source even in an open-source browser like Brave.
Telemetry is crucial to understanding how your product is used, as well as understanding what works and what doesn't. You cannot have one-on-one conversations with 30M+ users, which is how you learn, develop, and improve.
Brave needed to find privacy-respecting ways to achieve similar "conversational" insights. That's what we've done with Privacy-Preserving Product Analytics (https://www.brave.com/p3a/). P3A doesn't collect any user data, operates on a set of published "questions", and uses vague, range-based "answers". We also split up the requests to avoid developing a "fingerprint" from the answers.
Besides, malicious URLs directory and content blocking hardly qualify as 'security’ features.
Telemetry can be useful, and totally feel free to have as much of it as you want, as long as users opt-in into it. You seem to be making a lot of choices on the behalf of the user, when your default setup has whopping 70 requests “home".
There is a way to achieve everything you want, and for a privacy respecting product (or one claiming to be one) these choices absolutely need to be users' and not yours (by the very definition of the term privacy)
Presumably it would send the same data whenever it checks for software updates too.
I can't really see how zero-knowledge proofs could solve this. There is no cryptographic way to prove that software executing on a clients machine triggered a notification.
Especially on Linux where an open source notification manager could be modified to reject it.
I'm equally not so convinced on this anonymous ad system they claim to have built. The browser claims to generate an adID based on your history but encrypt this info to the advertiser. Maybe someone who has actually interacted with the ad platform can provide more insight on what information is exposed.
Zero-knowledge advertising sounds practically like an oxymoron to me, but hey they claim to have made it work.
A sufficiently-capable attacker could conceivably trick the browser into thinking a native OS ad-notification was displayed, we do rely on the OS to inform us at this point (though preview versions of Brave do not have this dependency), but we have considered this as well.
The main threat here would be an attacker who attempts to automate the confirmation process, and potentially duplicate it across various VMs or OS instances. Fortunately, we've considered this too. For reasons I hope are obvious, I can't go into greater detail here.
But yes, when you view an ad, that gets recorded somewhere (so that you can get rewards, and the advertiser can be billed).
You decide if you’re comfortable with this or not. The feature is easily turned on or off.
Epic's mobile browsers were built on Brave/Chromium, but now that Brave has endpoint and other dependencies as mentioned it doesn't explain, it isn't possible to continue to build on them or even test them since Brave features don't work in outsider builds.
> For example, this allows the removal of specific tags in HTML documents before they are parsed and executed by the browser, something not possible in a reliable manner in other browsers. This feature requires the webRequest.filterResponseData() API, currently only available in Firefox.
I'm going to trust Gorhill on this one. If a significant feature _does not exist_ in Epic then the only way that it couldn't hurt performance is if it was somehow useless. I suspect the Epic people (accidentally?) didn't measure that aspect.
What unexplained endpoints/dependencies does Brave have? I believe I demonstrated otherwise (with links to external resources) here: https://news.ycombinator.com/item?id=27552530.
Brave's Sync v2 works decently well.