Brave Browser is hijacking links, and inserting affiliate codes

[HarborFront]

Content source

https://davidgerard.co.uk/blockchain/2020/06/06/the-brave-web-browser-is-hijacking-links-and-inserting-affiliate-codes/

The Brave web browser sells itself on privacy, security and ad-blocking. It also has its own cryptocurrency, the Basic Attention Token.

What Brave’s done this time

Brave is very into affiliate marketing. Just in March this year, Brave was caught running eToro affiliate marketing without the legally-required disclaimers — and Brave staff were caught deleting all mention of this from the /r/brave_browser subforum on Reddit. [Github, archive]

If you’re using Brave and try to go to the Binance crypto exchange, Brave hijacks the Binance link you typed in, and autofills with its own affiliate code. This was spotted by @cryptonator1337 on Twitter earlier today.

The animation in @cryptonator1337’s tweet shows you what happens

 

[Ink]

Brave CEO responds

 

[blackice]

Brave CEO responds

What kind of mistake? Like you intentionally did it and got caught? Or you were so oblivious to how you were coding things that this happened? Seems like the former.

 

[ForgottenSeer 85179]

So the almighty privacy browser don't care about privacy.
Now that's funny but not new for Brave.

Fully agree with @Spawn

 

[Marko :)]

Everything is literally on GitHub along with the full list of URLs for hijacking. I wonder how no one saw it...

brave-core/components/omnibox/browser/suggested_sites_provider_data.cc at 1cac2377c9a2d5e35873d4d3d74130336b86d062 · brave/brave-core

Core engine for the Brave browser for Android, Linux, macOS, Windows. For issues https://github.com/brave/brave-browser/issues - brave/brave-core

github.com

To be honest, I'd rather still use Brave than Microsoft Edge. Microsoft made a lot of mistakes privacy-wise that I'm not ready for forget.

 

[blackice]

Everything is literally on GitHub along with the full list of URLs for hijacking. I wonder how no one saw it...

brave-core/components/omnibox/browser/suggested_sites_provider_data.cc at 1cac2377c9a2d5e35873d4d3d74130336b86d062 · brave/brave-core

Core engine for the Brave browser for Android, Linux, macOS, Windows. For issues https://github.com/brave/brave-browser/issues - brave/brave-core

github.com

To be honest, I'd rather still use Brave than Microsoft Edge. Microsoft made a lot of mistakes privacy-wise that I'm not ready for forget.

Because open source doesn’t mean people actually check it.

 

[oldschool]

To be honest, I'd rather still use Brave than Microsoft Edge. Microsoft made a lot of mistakes privacy-wise that I'm not ready for forget.

This is also my view. If one doesn't trust Brave then one shouldn't trust Edge, in which case you are left with Firefox or ungoogled Chromium. FF is a complete design mess, Chromium requires some additional user effort to configure and maintain.

 

[Marko :)]

This is also my view. If one doesn't trust Brave then one shouldn't trust Edge, in which case you are left with Firefox or ungoogled Chromium. FF is a complete design mess, Chromium requires some additional user effort to configure and maintain.

I wouldn't even include Ungoogled Chromium to the list because it's not updated regularly, meaning it's less secure than other web browsers.

Regarding Firefox, I said it many times; the only issue keeping me away from Firefox is their terrible font rendering. I don't mind the UI, heck, I'd even give up integrated translation service (which I use a lot in Chrome), just to fix their font rendering.

 

[blacksheep]

I am literally shaking. This is just awful and unethical. Brave is uninstalled and I will never use it. I feel ashamed, because I recommended it in the past for some friends.

Just look at this code brave/brave-core

 

[Marko :)]

I am literally shaking. This is just awful and unethical. Brave is uninstalled and I will never use it. I feel ashamed, because I recommended it in the past for some friends.

Just look at this code brave/brave-core

So, what browser are you going to use now?

 

[bayasdev]

The other day when I was browsing with Brave BAFS triggered out of nowhere but I didn't saw any malicious activity, anyway today I nuked that Windows install .

 

[blacksheep]

So, what browser are you going to use now?

Switching to Firefox Preview. It looks now almost as good as Chromium based browsers. I tried it last time 2 years ago, but it was awful.

Tried DuckDuckGo, Kiwi Browser and Ecosia. They all are chromium based and are worth looking into. I didn't like them for some small UI/UX stuff.

Also, there is Bromite, but I don't like the fact that F-Droid don't include them in repos. You need to add their own repo, if you want to use it and get updates.

 

[Marko :)]

Switching to Firefox Preview. It looks now almost as good as Chromium based browsers. I tried it last time 2 years ago, but it was awful.

Tried DuckDuckGo, Kiwi Browser and Ecosia. They all are chromium based and are worth looking into. I didn't like them for some small UI/UX stuff.

Also, there is Bromite, but I don't like the fact that F-Droid don't include them in repos. You need to add their own repo, if you want to use it and get updates.

Kiwi Browser is great. Sadly, it's only available on Android, not for Windows.

 

[bayasdev]

Kiwi Browser is great. Sadly, it's only available on Android, not for Windows.

It's an one man show, it won't get Chromium updates soon unless a bigger team adopts the source code (Brave/Vivaldi had confirmed this). Personally I use FF in desktop and Fenix Nightly in Android.

 

[enaph]

Guys, why such a drama? It is only affiliate link which is harmless and your security and privacy weren't compromised.
You expect company like Brave to deliver such high quality product and don't pay their employees?
They need to make money to stay in business and continuously improve while fully respect users privacy by not selling their data to 3rd party advertisers.
If they can make money by serving privacy respecting ads, sponsored images and affiliate links, then I am OK with it.

 

[blackice]

Guys, why such a drama? It is only affiliate link which is harmless and your security and privacy weren't compromised.
You expect company like Brave to deliver such high quality product and don't pay their employees?
They need to make money to stay in business and continuously improve while fully respect users privacy by not selling their data to 3rd party advertisers.
If they can make money by serving privacy respecting ads, sponsored images and affiliate links, then I am OK with it.

The whole crusade against ads at all is kind of funny for a group of enthusiasts who want every software to be free and open source. If malvertising wasn’t an issue ads wouldn’t really be a problem.

 

[bayasdev]

Guys, why such a drama? It is only affiliate link which is harmless and your security and privacy weren't compromised.
You expect company like Brave to deliver such high quality product and don't pay their employees?
They need to make money to stay in business and continuously improve while fully respect users privacy by not selling their data to 3rd party advertisers.
If they can make money by serving privacy respecting ads, sponsored images and affiliate links, then I am OK with it.

Yeah, many people don't get that Brave has always been an adblocking browser, then they introduced their cryptothingy and promoted it as a private browser to gain more users.

 

[CyberTech]

Guys, why such a drama?

MT members love drama since corona started

Spoiler: See

 

[upnorth]

This will for sure hurt their brand either one like Brave or not, but it's their own fault. Glad I use something else.

 

[oldschool]

I am literally shaking. This is just awful and unethical.

What is so terrifying?

Guys, why such a drama? It is only affiliate link which is harmless and your security and privacy weren't compromised.
You expect company like Brave to deliver such high quality product and don't pay their employees?
They need to make money to stay in business and continuously improve while fully respect users privacy by not selling their data to 3rd party advertisers.
If they can make money by serving privacy respecting ads, sponsored images and affiliate links, then I am OK with it.

Thank you for restoring some sanity to this thread.

Yeah, many people don't get that Brave has always been an adblocking browser, then they introduced their cryptothingy and promoted it as a private browser to gain more users.

Brave users can choose which features they like to use and leave the rest. Rewards? BitCoin? I don't need it.