- Download a browser with a built-in VPN
- Get browser and VPN services on your computer
Why is this news?
removed by mod
Just imagine: using Windows and being concerned about privacy. Big lol.
removed by mod
They have a point though.
Windows automatically means you don’t have privacy and you cannot have privacy.
On Linux you at least may or may not, depending on configuration.
removed by mod
removed by mod
removed by mod
But you don’t. Because you don’t.
Nobody does. Windows is closed source and its inner working is a trade secret. This means you cannot know how to lock down windows. Of course there are best practices based on info from microsoft or people who know a thing or two about info sec but it’s all guess work and/or trusting the developer by its blue eyes.
removed by mod
Thats something Ive never understood about closed source.
The OS, in its entirety, is on your computer. Why are you not able to open it up and root around within it? Is it just encrypted to a degree it cant be cracked? Or is the legal ramifications of unraveling it just not worth unraveling it?
Why would someone who uses Debian care about Windows?
removed by mod
I don’t, because I have better use of my time than to learn to use someone else’s computer
removed by mod
Imagine claiming to be technically competent and using Windows, being obliged to “lock it down” to made it a “non spyware”. Take your meds, dude.
Imagine being such a dink you know nothing yet you open your mouth.
Oh wait, you don’t need to imagine.
But you don’t. Because you don’t
Exactly, that’s the point he was trying to make.
You can’t harden windows to the point of an acceptable level of security. That is the inherent nature of proprietary software.
removed by mod
Prove to me that your windows system is actually “hardened” and that you have no backdoors or telemetry broadcasting at all. At the very least, Microsoft still knows what you are doing, you cannot trust your 3rd party firewall because windows can still sidestep it.
I don’t even know who the fuck those people are, all I can tell you is that there is a reason that any professional application that requires legitimate security, runs on foss systems, or at the very least source available. If you are too stupid to realize that, then you really don’t have any say in this matter whatsoever. It doesn’t even just include baremetal Linux either.
I don’t know who you’ve been arguing with on this, but I actually make a living working on Linux machines, I’m not even coming at you from a freetard perspective, solely work experience.
removed by mod
How do you harden windows?
It’s good users are now aware that Brave includes redundant features that you have to pay extra for to activate. Users browser will update everytime the browser or the VPN software needs an update.
For example Firefox VPN from Mozilla is separate software. They don’t force millions of users to download it even if they don’t want it.
This is yet another example why people should not be using Brave and should be skeptical of its intentions.
deleted by creator
Whats pocket? And why is it bad that its on the browser?
deleted by creator
But its not active unless you turn it on right? Just preinstalled so if you decide to use it its already there?
Cause that does sound like a little bloatware but if thats the only bloat they have and thats its only issue Im not sure Im bothered by it.
that’s exactly what people are complaining in this thread, just about different browser
removed by mod
brave is basically installing a future minefield with system-wide access waiting to be triggered by them, or an exploitable bug by others, on all brave users’ pcs and not just those who sub to their vpn service.
removed by mod
Because it’s Brave and people like to jump on bandwagons. This is like the 6th time I’ve seen this article posted in lemmybin also.
And since we have the reddit-minded folk here, no, I do not support Brave and never will and I would much rather they disappear from the internet, but using ragebait to complain about the browser installing the necessary files to have one of their advertised services working, like pretty much every other software does, is not the way to move forward.
Yea i don’t get the hate boner for brave. I get it’s sketchy and don’t use it myself, but they aren’t sneakily installing some VPN to redirect all your web traffic without you knowing. They tell you about it right up front because it’s a service they want to sell.
If you don’t like the browser, don’t use it. There isn’t a need to go on some crusade to smear them with bullshit.
It’s a bunch of people upset with the company’s CEO or whatever over personal views. The browser itself wasn’t that bad after you disabled the ad and crypto stuff, which they heavily pushed on you.
I had switched to it from Chrome last year but ended up not caring for it, so I went to Firefox and Librewolf. People can use whatever the hell they want, idgaf. But for those who will eventually end up complaining about YouTube ads and continue to use Chrome, I have no sympathy for if you can’t take the few minutes to download and install a new browser and move your favorites over.
This community has some of the worst biased tech readers.
deleted by creator
please let us make bad choices and don’t talk about why they’re bad
deleted by creator
there’s a term for appropriating the struggle of an oppressed group the way you just did, but I can’t remember what it is. Anyway - I feel like you’re assuming everyone is talking about you when we’re not… If we don’t like something that you like, you can just mind your own business…?
If there’s a post about someone doing something bad, and people talk about how bad it is, but you think it’s good, are we all supposed to stop talking about it because you showed up?
deleted by creator
Just use Firefox. Or LibreWolf if you want a pre-hardened Firefox. Remember to install uBlock Origin.
Thanks for pointing me to LibreWolf. I like to use separate browsers as information silos and have been using Brave as my secondary. Been looking forward to switching it out for a long time, LibreWolf sounds like just the ticket.
Information silos.
You can also use Firefox containers. One of the best features of Firefox.
Paired with the Foxytab plugin to automatically open websites in specific containers or restrict containers to a list of websites. Firefox also has profiles, and a simple extension (with a tiny thing to install in your PC) makes them as easy to use as they’re on Chrome
Question: why would they do that? If you don’t even know it’s there, what good is it doing for them?
It’s also enabled by default.
Edit: Apparently it’s not enabled by default. I tried brave some time ago and remembered that it was enabled, which promoted me to uninstall it immediately. Maybe it was enabled by default then, maybe I misremembered.
Having a VPN basically just means sending your traffic (albeit encrypted) to someone else’s server, before sending it to the wider internet.
That means if you don’t specifically disable it, everything you do in the brave browser could theoretically be logged, processed and analyzed by the owners of brave.
Even if the traffic itself is still encrypted, like with online banking, just knowing how many people in a certain city use which bank for example, could be very interesting to advertisers.
Depending on how evil they are, they could also log extensive amounts of user data, just waiting for the day it becomes legal to sift through it (just like a lot of governments do).
Or maybe they just log and sell your data even though it’s illegal. Like a lot of companies do all the time (see Cambridge Analytical scandal etc.).
Or maybe they don’t. But if I was a browser company I’d sure enjoy having all my users route all their traffic through servers I control.
Holy fuck, well that is a whole other issue…
deleted by creator
the toggle shows up by default, but without a paid subscription the vpn is unusable. even then you need to enable it. you can disable it completely in brave://flags and set “enable experimental brave VPN” to disabled. it’s shitty that they include it by default, but it’s disingenuous to say they’re rerouting traffic of all brave users through their own vpn servers.
Alright, thanks for the correction.
deleted by creator
Opera does this too and nobody bats an eye (anymore).
For some reason people like to clown on Brave specifically.
deleted by creator
DDG did WHAT
deleted by creator
Sounded nasty so I looked out up. Seems it wasn’t intentional.
https://www.reuters.com/article/factcheck-duckduckgo-gates-track-idUSL1N3792HE
When was the last time you read any posts from privacy communities? Firefox is usually what people suggest and noobs talk about Brave.
deleted by creator
Probably because nobody cares about Opera doing that since the ones pointing this out are at least privacy aware people that won’t use Opera. It is also a problem when Brave does it because it is a “privacy focused” browser. They sure have the balls to do this.
Opera was also 100% up front about it and sold it as a feature. They didn’t sneak it into installers and crap. IMO that’s the issue, the lack of communication.
It’s crazy to me that people ever thought brave was “privacy focused” when it was clear that they were trying to jump on the crypto bandwagon with their own in-network crypto and ad network. It was always just a reskinned chrome with ublock built in and then their ad network tacked on top
Brave is doing the same: https://www.ghacks.net/2022/05/29/brave-partners-with-guardian-to-bring-a-paid-vpn-and-firewall-to-its-browser/
Did you do any research at all before making your statement?
I don’t like brave because Brandon Eich (CEO, formerly with Mozilla) doesn’t support gay marriage and was pushing anti-vax stuff on twitter. I don’t look for this shit to titillate my tits like some folks, but when it hits me in the face I can’t ignore it.
When fact checking myself I found even more controversies, but I’m not wasting time reading articles that feed a confirmation bias.
He’s also the creator of JavaScript if that irks you any more.
it does
It’s crazy to me that people ever thought brave was “privacy focused” when it was clear that they were trying to jump on the crypto bandwagon with their own in-network crypto and ad network. It was always just a reskinned chrome with ublock built in and then their crypto and ad network tacked on top
I don’t like Brave because they’ve done dodgy things like this time and time again over the years, and each time Brandon Eich went on a marketing campaign across social media to drum up new users and drown the story out.
Please Brave: cutout the bullshit defaults game. Everybody’s getting smarter and companies are getting stupider
Edit: said this b4, don’t fuck with your own competitive advantage where you haven’t had a joint and duly qualified computer science lawyer who explains how easy it is to lose trust and commercial viabillity for a sketchy, underhanded product (see LastPass). Also FUCK LastPass, may this Pass be their Last
Sick. Thanks brave.
deleted by creator
Installing VPNs without telling the end user isn’t a good thing.
deleted by creator
O.o did you even click the article? That’s exactly what they did.
Yes they did install services.
https://www.ghacks.net/2023/10/18/brave-is-installing-vpn-services-without-user-consent/
And that’s what we call a Trojan horse
Firefox over everything. use Vivaldi if you insists on rendering blink
Just a reminder, any time you see a “tech” youtuber with brave installed, they’re not going to be an excellent source of information
Brodie Robertson is an excellent source of information ☹️
Except in terms of browser choice apparently. Either they’re ignorant or being paid. Either way it’s not a good sign.
What browser signifies an excellent source of information? Ice weasel? w3m?
raw dogging straight html
Haha, my browser is called curl
Lynx
I have Orion (macOS only for the time being) and it’s sooo good.
The amazing part is that it even works as a daily driver if you’re a not-so-techie person/normal user… but then on top there are all these little extra features and optimizations that make it like Safari if Safari was actually good.
I would at this point a) not be able to go back to either Safari or Firefox (edit: nor Ungoogled Chromium) as well as b) immediately trust an Orion user on most of what they have to say about a “tech” related opinion :D
Sounds interesting. I’d thought I’d heard of all the browsers that exist lol. Gonna give it a spin .
Wow, Orion is pretty slick! And Orion+ doesn’t offer any actual features aside from early access and input on the roadmap. So far so good. Custom buttons is really cool, built in tree style tabs is slick. Also!! orion has workspaces that are as good if not better than vivaldi’s! This is really slick, thanks for sharing
Based on your comment, I’ve just downloaded Orion to give it a shake. Very much enjoyed the OS X-esque intro video. Took me right back to installing Snow Leopard for the first time.
I don’t understand when and why Brave became such a household name. It seems so many people use it and swear by it, but its reputation is “suspicious” at best.
Just use Firefox. It’s been around way, way longer and it doesn’t use the Chromium engine. Google doesn’t need more of a monopoly on the internet.
I use it as my YouTube/spotify browser because the ad block just works. Firefox is janky because I have other extensions running that screw up playback on some sites (this has gotten a lot better but I still just use brave out of habit)
The only real problem I ever had with Firefox was this privacy option that would disable auto playback on sites like Twitch and TikTok but that was a setting I wasn’t even aware of. Other than that, I rarely ever have an issue with FF outside of web dev when it doesn’t yet support some cutting-edge web API feature.
Yea, it was something with various extensions I had going. I’m not blaming Firefox at all. I love Firefox. Just easier to use the other browser on the occasions when my configuration causes issues than try to troubleshoot it.
I’ve had issues with add-ons on some sites too. For those times I just use a different Firefox profile (each has its own set of add-ons and settings :D)
That’s a good idea.
I think if Firefox can find a way to have full parity with chrome extensions, that might be a big shift. I’ve talked to more than one person that has a specific extension they rely on that they can’t duplicate with Firefox options. They have many of the big names, but also some holes
Genuinely curious. What extensions are stopping people from moving to Firefox?
Not OP, (and Firefox is still my main), but I keep Chromium-based browsers around for Ichigo, an addon which automatically translates raw manga - which is a godsend for avid manga readers like myself who frequently run out of existing translated manga to read. There’s also Scan Translator which works in a similar way, but sadly Firefox has nothing like them.
In my opinion best bet is ungoogled chromium for any extensions or applications that utilize chromium.
I just spent awhile trying to switch from Vivaldi to Floorp before going back. It just doesn’t work as smoothly, things like tabs wouldn’t save properly between sessions, pinning tabs doesn’t prevent you from closing them, UI elements would disappear, etc.
It’s the other way around in my experience
But what’s wrong with non Chrome Chromium based browsers?
(Just give me downvotes, I don’t care if my question is stupid)
Well Chrome(ium) has almost all of the browser market share and google is trying to push something called web environment integrity which would implement a sort of certification system where web servers evaluate the authenticity of the client. If you extrapolate that idea a bit further it boils down to “we won’t serve you content if we don’t like your browser, device, OS, etc”. Which I would consider as hostile to the open but rapidly closing internet as we know it.
Edit: I forgot to make my point lol. Firefox is a completely different browser engine from the chromium based browsers which is why you see a lot of people recommending firefox because they don’t comply with web integrity. I don’t think it’s working though because this is something only the techbros and the cybersisters care about while everyone else just goes about their day.
Makes sense.
It’s not a stupid question, some people just don’t know.
Mainly it’s because:
- Chromium holds too much market share which is bad for the health of the Web.
- Chromium is controlled by Google which is concerning because they have been known to plant trackers even in software that shouldn’t have them.
- Chromium is inherently less secure, it contains features that might seem nice but are extremely risk to give access to websites i.e. letting websites access Bluetooth.
There are probably plenty more reasons but these are the big ones, and of coarse this is a simplification, in reality things are always a bit more complicated.
Web dev here. Regardless of my opinion, I need to make sure my web projects work on chrome because of market share.
Chromium is still controlled by Google, so having an overwhelming market share of Chromium-based browsers reduces competition and increases Google’s control of the market’s position and future. Using Firefox (and Safari, if it were not locked to a single ecosystem) reduces that threat.
When we say “controlled”, that’s still only accounting for the primary fork, right?
As long as it’s open source, it feels like the idea is that the day Google pushes “feat(): Users now automatically have $1 sent to Google a day” commit, someone creates a “chromium-nongooglefucked” fork repository from the prior commit, and everyone uses that.
K
It just means if they want to do something bad then they can
If Google wanted to they could ban VPNs on all Chromium browsers and all the forks downstream would have to comply
More likely they can make it so only verified websites will load and down the line charge to be verified. It kills the open internet and the ability for anyone to make a website/host it where they want
Damn.
The ol’ bait and switch…classic. Opera used to be good too, then chinese people bought it, then emerged opera vpn. Shaddy af. Same as camscanner
Can you elaborate on CamScanner please?
It’s a Chinese app that lets people “scan” a document using the camera on their phone. It was “free” for a long time, turns out it was dropping injected adware on people’s phones.
To be honest, Microsoft lens has had the same features for a long time, but didn’t have “scanner” in the name and most app searches are piss poor so people just literally searched “camera scanner” and got the adware result. Microsoft has their own long and shady history, but dropping an adware payload wasnt part of that.
I use it a lot during my study. But when CamScanner started serving ads, intrusive ads, “cloud backup”…i tried searching for alternatives and use microsoft lens. TBH, microsoft lens is shit compared to camscanner. The detection is slow, janky, cant do multiple pages scan and a lot more troublesome to use. CamScanner detection algorithm was way better at that time. So i bite the lbullet and just use it until end of my study.
Thank you!
I’m not so sure that’s true anymore with Windows 11.
Showing in app ads is one thing. Installing a Trojan specifically meant to circumvent App Store ad requirements is another. Windows 11, and most MS products at this point are ad delivery platforms, but they still follow the rules of app stores with the basic requirement of “shows in app ads” and “won’t try to inject a Trojan that beats your phone’s app sandboxing”
Camscanner hurt. I used it constantly. Then boom, absolute 180. I guess that’s the goal. Make a legit app that people love. Then sell it to someone who will exploit your loyalty customers. Cool!
Pretty much everybody has a number they will sell out at, for some it’s astronomical, for others it’s basically what you’d expect
Mine is staggeringly low.
At this point that seems to be the case everywhere. The future looks bleak, and so for most, trying to get what they can out of life before the climate wars, or WW3, or whatever happens seems to be the case. I don’t criticize it. I think there’s a high probability that the reason that we see little extraterrestrial life is that they did the same shit we are doing. The universe has a fractal nature. There are likely many species that also had planets that could support intelligent life. However since the competition for resources is baked into existence, they probably did what we are doing and are themselves no longer alive because they ended themselves before they could really end their stupid arguments about their gods, or work for the collective good more than the individual good
deleted by creator
And those devs working at Opera that objected to the sale of Opera started Vivaldi, literally “one of the kings of opera” as a competitive browser. It uses chromium under the hood but they’ve made strides in a power user browser. No crypto, built in ad blocking. The only revenue they get in the actual default browser install is that there are like 20 bookmarks to commonly used sites to start, and they have affiliate tags if you keep those bookmarks and use them. Other than that, they’ve turned off chromium’s new DRM features
Some of the OG devs who made Opera have made Vivaldi. It’s chromium under the hood, but with googles tracking and telemetry turned off. It’s not perfect, but it adds a significant number of power user features, includes its own (limited) ad and tracking blocking. I alternate between that and Firefox dev edition as my daily driver
Why is installing a VPN considered bad? Is it because it is done without user consent? I don’t understand if there is any malicious intent.
It’s “all your mail is now redirected to a third party that makes money by mining it for data without you knowing” level of nastiness. Absolutely deplorable and a reason to never touch anything made by the people behind Brave even with a ten foot pole. Brave is a scam and why people pretend its not is beyond me.
deleted by creator
They’re apprehending ALL of your browsing activity to their lucky vpn provider of choice.
that’s what the new outlook ‘app’ (replacing win 10/11’s mail ‘app’) does with gmail accounts. routes all your mail from gmail through microsoft servers before delivering to the app on your pc.
Because a vpn can monitor all the websites that you visit. Not directly what you’re looking at, but definitely where you’re looking. Just line your provider can, if you’re not using a vpn. But at least with your provider, you have a contract with them - you pay them to transport your data and nothing more. Some very scummy providers aside, that’s where it stops.
A free vpn, however, needs to pay for transporting your data somehow. And if you’re not paying for it with money, then who/what is?
See also Tom Scott’s explanation about vpns, why you probably don’t need one, and why he refused their advertisement money.
It’s not even free, the service itself is a payed subscription. But it’s there and it could be working and funneling data without the user knowing it if they wanted to.
Here is an alternative Piped link(s):
Tom Scott’s explanation about vpns
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
deleted by creator
I’m interested to hear what you think a vpn will protect you against. Or what you think the flaws in Toms arguments are.
Edit: I don’t know about you, but I trust my own, GDPR-backed isp far, far more than I trust whichever foreign based vpn company. Especially if they for it for free or cheap.
deleted by creator
The only thing you’re “protecting” yourself from by using a vpn to surf the Internet, is your own provider. It won’t stop any spying software on your phone, or any nefarious scripts on the websites you visit.
Tom’s argument was more nuanced than that, which is why I linked it. I suggest you watch it and explain where he’s wrong if you want to give your argument to ignore him any weight. Ad hominems and “imagined” arguments alone won’t get you very far, I’m afraid.
I actually work in cyber security and I was really happy Tom Scott released that video. VPN companies are some of the scummiest companies out there, and their rampant sponsorships on YouTube were shameless misinformation and fear mongering in order to scare you into giving all your internet traffic to them. Seeing so many sellout tech YouTubers take their sponsorships despite knowing better COUGH NetworkChuck, was one of my biggest pet peeves.
There are seemingly legit VPN companies out there, and there are some legitimate use cases for them, but what Tom is addressing are the shady ones that lie to you about what they’re for and how they help you for their own monetary and in some cases data mining benefit. In most cases you do not need a VPN, and it doesn’t do anything to protect you from “internet criminals”, or provide extra “security” and it only “protects” your privacy by shifting the for-profit company that gets to see all the websites you visit.
I too would like to know why you think a VPN is needed “on today’s web”, I would bet money it came directly out of one of theirs ads scripts.
I doubt either one of you will ever hear from them. I guess they haven’t even watched the video to begin with.
deleted by creator
I’m sorry you felt the need to denounce claims in videos while openly admitting you don’t even know what the claims are.
deleted by creator
When I’m away from home, I use my own Wireguard VPN back into my private network, where all of my traffic is filtered.
That’s your own VPN, not a commercial VPN service and you’re using that for what I would assume is DNS filtering. Thats entirely unrelated to what a commercial VPN service does and what Tom Scott’s video is about. And that’s not even a benefit of your VPN, your VPN is just a tool you’re using for remote access to your DNS filter/server which is what’s actually providing you that service. I could do the same exact thing with a recursive DNS server and Pihole using DOH without a VPN at all.
I use a VPN for my job as well, and it isn’t to protect company products (we don’t make a product). It’s to keep prying eyes out.
That is again an entirely different use case and product than what a commercial VPN service is offering. That’s not even for privacy, it’s for secure remote access to your company network.
I’m sorry, but when my wife and kid’s phones are showing them ads for things we talked about 5 minutes ago, they appear horrified by it. Then they move along like nothing happened. That’s the typical user.
That’s not a problem a VPN service solves.
I will continue to not be spied on 24/7 by corporations and my government.
With a VPN service like ProtonVPN, all you’re doing is changing the corporation that can see which sites you visit from your ISP, to Proton. It isn’t inherently any more private or secure, you’re just choosing which corporation you allow the ability to spy on you.
I don’t remember if I saw that video from Tom Scott or not, but I imagine his argument was along the lines of, “if you aren’t doing anything nefarious or you don’t live in a nation state that censors you, then you have nothing to worry about”.
No, his argument was that outside of spoofing your location, and hiding which sites you visit from your ISP specifically, VPN services don’t provide the average consumer with any additional benefit over what you get for free by default due to the wonderful inventions of TLS, and HSTS. The point is that VPN service companies use scare tactics to get you to purchase a product you don’t need to solve problems you don’t have. NetworkChuck made a whole sponsored video about how somebody can man-in-the-middle you at a coffee shop to steal your credit card information to demonstrate the effectiveness of a VPN service and the attack he demonstrated was literally impossible. He created a fake, non-real world scenario straight out of 2003 to deceive the less tech literate public in order to shill a VPN service.
Tom Scott provided a fantastic public service by educating people on what a VPN actually DOES and what it DOESN’T DO. So people can actually make a decision as to whether they need one due to the facts, not misinformation and false advertisement. You on the other hand still can’t seem to articulate what exactly you think a VPN services does for you and how it does it. You have a lot of buzzwords and vague statements about “being spied on”, and never actually said why you think commercial VPN products should be used by the average user “On todays web”.
Brave browser has been automatically installing VPN services on Windows computers without user consent, but it remains inactive unless the user subscribes.
They’re installing extra software that’s useless unless you give them money. Plus you really want to be aware of your VPN since all your traffic will be going through it.
It doesn’t auto enable and chromium also gives you a lot of unnecessary features. While I think Brave is bloat I don’t see how this is any more than the usual.
I agree with what other people said. And here’s a new twist.
Any software that messes with the networking stack, can cause really difficult to debug errors. And it may induce errors in other programs. The more complicated your computer’s networking, the more fragile it is.
So introducing, silently, unasked for, network drivers and VPN hooks into the operating system is harming the compute stability of their user base.
At the very least, it should be opt-in! There should be a dialogue asking hey we have this new awesome feature, click okay to install it, something like that. Informed consent
a service has far more privs on the system than a browser should have or need (which can be installed on a per-user basis, no admin/root required).
deleted by creator
