I'm fairly certain that I was not the only person in the world who thought to himself, "Did they just yoink the entire Internet and bundle it together
From the article:
"I know for a fact that Wikipedia operates under a CC BY-SA 4.0 license, which explicitly states that if you're going to use the data, you must give attribution. As far as search engines go, they can get away with it because linking back to a Wikipedia article on the same page as the search results is considered attribution.
But in the case of Brave, not only are they disregarding the license - they're also charging money for the data and then giving third parties "rights" to that data."
Not only because of this article, but merely an hour ago I have read also this post (numerous links provided in the post) about the dubious Brendan Eich.
I think LW is better out of the box. It has both UBO and Containers built in. Which is just awesome. I still use FF as my daily just because I have customized it beyond belief, but if I were to start over again I think I'd start with LW.
I think Brave did some aggressive marketing, including social media posts and comments. I did buy their narrative at first too - a browser that already tuned to block ads and trackers. But later I've noticed that it constantly connects back to brave server and it looked suspicious. Firefox is the best.
Yeah, exactly. If every browser is chromium based the web will be an unhealthy monoculture. Easy for a single player to dictate standards. Haven't seen this mentioned as much, but its really important
Brave is great for less techy people because it's defaults are good enough. It's not necessary to tweak settings and install add-ons to get basic privacy. I definitely prefer Firefox, but it takes some knowledge to get it to surpass Brave's defaults.
Add-ons give you a lot more choice and control than baked in options.
What's stopping Brave's blocker from just allowing ads from Brave's services? Can you see under the hood to tell if it's blocking everything or just surface level stuff?
A proprietary built in blocker is only as trustworthy as the people that made it, and as the links in this discussion suggest, Brave isn't earning much trust.
Of course, using add-ons also requires diligence, as each add-on from each source requires one to both trust the source and vet each source regularly. An add-on is also as trustworthy as the people that made it, and one must be willing to do the work the verify that those add-ons continue to be safe.
The reason is they have proper build infrastructure managed by the Brave. With Ungoogled Chromium the binaries are produced by third parties, vary in version etc. People claim they would only use "open source software" but they do download binary versions nevertheless and don't compile that code themselves. This increases the risk of a supply chain attack, where a malicious binary is submitted and nobody has really knows until it is too late. The other issue is they disable CRLSets because of "google hate" which we think actually increases the likelihood of a MiTM attack occurring because rogue certificates are not detected and invalidated as quickly as they could have been.
You can try Librewolf. It is a firefox fork with focus on privacy. You do not need to go through many settings when setting it up, as you need to do with firefox standalone.
Previously was using Firefox Developer’s edition which is also decent. But I like a minimalist browser that acts more like a framework to which I can just add what I want, and doesn’t come with a lot of bullshit I don’t need.
The reason we don't recommend Ungoogled Chromium and instead recommend Brave on the privacyguides.org website is because they have proper build infrastructure managed by the Brave. With Ungoogled Chromium the binaries are produced by third parties, vary in version etc. People claim they would only use "open source software" but they do download binary versions nevertheless and don't compile that code themselves. This increases the risk of a supply chain attack, where a malicious binary is submitted and nobody has really knows until it is too late. The other issue is they disable CRLSets because of "google hate" which we think actually increases the likelihood of a MiTM attack occurring because rogue certificates are not detected and invalidated as quickly as they could have been.