From article:

If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

More reason to ditch the crypto bro browser.

    • funkajunk@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Not that I’m defending anybody but how is this touching your “network stack” any more than any other application?

      • t3rmit3@beehaw.org
        link
        fedilink
        arrow-up
        12
        ·
        1 year ago

        because a VPN is both a new network interface, and it has the ability to change how your traffic routes. Most applications don’t do that.

        • funkajunk@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I see now that it was adding a wireguard interface, but without seeing the configuration being used, there’s no telling if they are routing anything more than the traffic from the browser.

          As an aside, are you serving applications from your workstation?

          • t3rmit3@beehaw.org
            link
            fedilink
            arrow-up
            3
            ·
            edit-2
            1 year ago

            Whether they route only the browser or traffic or not, that is messing with my traffic routing, and that’s dangerous. If they control the VPN exit node (but especially if they control that AND the browser), they can do almost anything they want with/ to your browser traffic.

            Not sure what me serving out applications from my endpoint device has to do with this, but yes, I sometimes do (LAN games, netcat listeners, python servers, etc).

          • abhibeckert@beehaw.org
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            there’s no telling if they are routing anything more than the traffic from the browser

            Yeah that’s the problem “there’s no telling”. Messing with network settings is opening a can of worms and highly likely to cause problems one day.

  • Engywuck@lemm.ee
    link
    fedilink
    arrow-up
    16
    ·
    edit-2
    1 year ago

    https://old.reddit.com/r/brave_browser/comments/17b0pxl/brave_appears_to_install_vpn_services_without/k5kwd97/

    https://github.com/brave/brave-browser/issues/33726

    And crypto are disabled by default.

    No, I wont’ ditch it. It’s the best browser out there, right now, since scummy/corrupt/hypocrite Mozilla (which, remember, is in bed with Google, Amazon and Facebook while criticizing them) decided that Firefox is just a side project for them and they’re deceiving people making them believe that donations fund FF development.

    Don’t even bother to reply. I’m not going to fuel this shitty thread any further.

    • WastedJobe@feddit.de
      link
      fedilink
      arrow-up
      122
      ·
      1 year ago

      “In bed with”=takes their money to have their search engine and lets you change it in 30 seconds while being completely open source

      I don’t see the problem.

          • 30p87@feddit.de
            link
            fedilink
            arrow-up
            14
            ·
            edit-2
            1 year ago

            0.980s by using ydotool key 29:1 20:1 20:0 29:0 -d 0 && ydotool type "about>preferences\n" -d 0 && sleep 0.26 && ydotool type "search engine\t" -d 0 && ydotool key 103:1 103:0 -d 20

      • flora_explora@beehaw.org
        link
        fedilink
        arrow-up
        9
        ·
        1 year ago

        Tbf, changing the default search engine probably has the effect that the vast majority of users will stick with it. So, although it is pretty easy for you and me to change the search engine, it still promotes Google quite a lot and thus undermines the independent character of Firefox as a whole.

        • WastedJobe@feddit.de
          link
          fedilink
          arrow-up
          32
          ·
          1 year ago

          Absolutely. I would prefer they didn’t have google as the default, but I’d rather have Firefox with good funding and google as default than firefox with very little funding.

          • flora_explora@beehaw.org
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            I wasn’t defending chromium or brave, not even commenting on them at all. I was just adding a caveat to what the other commenter said about Firefox.

      • ByteWelder@lemmy.ml
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        I applaud LibreWolf’s efforts, but the hard-coded timezone makes it unusable for me. Other than that, it’s a great browser. I used it several months until the timezone confusion got the best of me.

          • ByteWelder@lemmy.ml
            link
            fedilink
            arrow-up
            4
            ·
            1 year ago

            If I recall correctly, it was meant as a measure against fingerprinting. It’s basically one less thing to uniquely define a user based on the info that the browser gives to a website. I’m not sure if it’s still like that, cause it’s been easily a year since I used LibreWolf.

          • Baggins@beehaw.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Yes, what is the deal? I can’t say that I’ve noticed any issues. Am in UK if that makes a difference. And I usually run it through Proton VPN.

            • Aatube@kbin.social
              link
              fedilink
              arrow-up
              5
              ·
              1 year ago

              While I’ve never used LibreWolf before (I use Waterfox), that probably does make a difference as the UK is UTC+0.

            • abhibeckert@beehaw.org
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              1 year ago

              Two issues.

              First of all a lot of websites show times in your current timezone. Beehaw for example says you wrote your post “2 days ago”. Depending what timezone my browser is in, that could display 3 days or 1 day. When I hover over it, it shows the exact date/time in my timezone. Which is handy.

              Second it doesn’t actually achieve the intended goal. Even if you use a VPN chances are you’ve set it to give you a public IP address close to you to have good performance. And if your IP address is in Proton’s London datacentre but your timezone is UTC+0 when everyone else is UTC+1… well you stand out like a single black sheep in a flock of white ones and ad networks are absolutely fingerprinting you with that.

    • Moonrise2473@feddit.it
      link
      fedilink
      arrow-up
      58
      ·
      1 year ago

      It’s still a behavior like “we are the best software in the world, once we get admin permission we can do whatever we want without additional user consent, people appreciate it”.

      No. You must ask permission to install useless Windows services, even if they’re disabled.

    • lukini@beehaw.org
      link
      fedilink
      arrow-up
      42
      ·
      1 year ago

      Don’t even bother to reply. I’m not going to fuel this shitty thread any further.

      Nah I’m gonna pile on. Firefox is better.

      • bananbreadnomnom@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Brave is chrome

        Chromium, and no. It’s downstream from it and they remove the parts they don’t like. They did some things in the past that makes them highly untrustworthy in my opinion (like replacing affiliate links with their own ones or using user data from their search engine to train AI) but Brave is still far better than Chrome.

    • Mika@beehaw.org
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      I’m considering it, but how does thorium handle Google’s recent Web manifest updates that break true ad blockers like uBlock origin?

      I’ve been pretty happy with the customizability of librefox with the userchrome.css and ublock still works with YouTube.

      • penquin@lemmy.kde.social
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Well, you have two options. The same developer of thorium does have a Firefox one and it’s called mercury. Blazing fast, too. Or you can install adblock detection bypass extension on thorium. It is an extension that’s made to work with chrome alongside ublock origin to bypass YouTube adblock detection. In fact, I literally just ran into that issue today and the other extension fixed it.