Brave Browser is hijacking links, and inserting affiliate codes

H

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,033
security123 said:
I guess they don't implement all the security stuff Bromite (and of course Vanadium) does. So it's less secure
Click to expand...
FYI, it's already released with extension support as well
github.com

wchen342/ungoogled-chromium-android

Android build for ungoogled-chromium. Contribute to wchen342/ungoogled-chromium-android development by creating an account on GitHub.
github.com github.com

The important difference between Bromite and Ungoogled Chromium is the latter will remove as much connections to Google as possible. Bromite doesn't do to that extent. Bromite added some privacy enhancements to its browser but you can use extensions in Ungoogled Chromium for added privacy

Ungoogled Chromium borrowed some features from Bromite (and others) which, in turn, also borrowed some features from Graphene OS, Ungoogled Chromium and others

As far as security is concerned both are Chromium forks.

From Bromite site

Bromite

Bromite is a Chromium fork with ad blocking and enhanced privacy; take back your browser
www.bromite.org www.bromite.org

Quote

Bromite is a Chromium fork with ad blocking and enhanced privacy; take back your browser

Unquote
 
Last edited:
  • Like
Reactions: Cortex, Protomartyr, simmerskool and 3 others
H

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,033
Developers are forking Brave to remove affiliate links

In brief:
  • Developers are forking a version of the Brave Browser to remove many of its for-profit features.
  • The move was triggered by Brave's use of referral links.
  • Brave CEO Brendan Eich warns that stripping out all of Brave's "revenue legs" could leave the new fork without the necessary funding in the future.
Read more here.

decrypt.co

Developers are forking Brave to remove affiliate links - Decrypt

Renegade devs want to strip out Brave Browser’s invasive for-profit features, but can "Braver" last without them?
decrypt.co decrypt.co
 
  • Like
  • Wow
Reactions: Cortex, South Park, plat and 5 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
oldschool said:
The Binance thingy and sponsored images. They keep reappearing even if "Off".
Click to expand...
Sponsored NTP Images can be disabled, and I've yet to see it re-activate by itself on my device [Android 10]. Are you on iOS?

Binance is a minor issue, and only affects you if you visit those sites, where the autocomplete adds the referral.
 
  • Like
Reactions: Protomartyr, simmerskool, oldschool and 1 other person
F

ForgottenSeer 85179

HarborFront said:
FYI, it's already released with extension support as well

The important difference between Bromite and Ungoogled Chromium is the latter will remove as much connections to Google as possible. Bromite doesn't do to that extent. Bromite added some privacy enhancements to its browser but you can use extensions in Ungoogled Chromium for added privacy

Ungoogled Chromium borrowed some features from Bromite (and others) which, in turn, also borrowed some features from Graphene OS, Ungoogled Chromium and others
Click to expand...
Extension only increase attack surface and doesn't work as most people thing.

Also, why forks are bad:

And:
Bromite is a rare exception among these Chromium browser forks
Click to expand...
 
  • Like
  • +Reputation
Reactions: Cortex, Gandalf_The_Grey, harlan4096 and 2 others
oldschool

oldschool

Level 82
Verified
Top Poster
Well-known
Mar 29, 2018
7,110
Brave Blog post describes their mistake in coding that has everyone in a tither. It reads, in part:

What we did not intend was the wrong default shown here:
image2-1.png

The default suggestion should have been the third item, “binance.us”.
Again, we apologize to our users for this error, and we wanted to share more about how we will ensure that this does not happen again.
The good news is that this does not compromise user privacy, nor does it reveal any personal information. The affiliate code identifies Brave to the partner; it does not identify the user or anyone else.[1]
In no case would affiliate codes ever be added to or overwritten in any link in a web page, as some have misreported. The bug affected only URLs typed into the address bar.
We have already fixed the issue in Brave’s open source on GitHub and in the Brave Nightly, Beta, and Developer release channels, as well as in the Stable (1.9.80) release of our desktop browser that just went live, by changing the “Show Brave suggested sites in autocomplete suggestions” setting’s default to “off”: ... "
_________________________

You may read the entire post and decide for yourself. It sounds plausible to me.

Stay Brave, my friends. Not paranoid! :D
 
  • Like
Reactions: Cortex, Gandalf_The_Grey, SeriousHoax and 5 others
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,782
oldschool said:
Brave Blog post describes their mistake in coding that has everyone in a tither. It reads, in part:

What we did not intend was the wrong default shown here:
image2-1.png

The default suggestion should have been the third item, “binance.us”.
Again, we apologize to our users for this error, and we wanted to share more about how we will ensure that this does not happen again.
The good news is that this does not compromise user privacy, nor does it reveal any personal information. The affiliate code identifies Brave to the partner; it does not identify the user or anyone else.[1]
In no case would affiliate codes ever be added to or overwritten in any link in a web page, as some have misreported. The bug affected only URLs typed into the address bar.
We have already fixed the issue in Brave’s open source on GitHub and in the Brave Nightly, Beta, and Developer release channels, as well as in the Stable (1.9.80) release of our desktop browser that just went live, by changing the “Show Brave suggested sites in autocomplete suggestions” setting’s default to “off”: ... "
_________________________

You may read the entire post and decide for yourself. It sounds plausible to me.

Stay Brave, my friends. Not paranoid! :D
Click to expand...
Our very BRAVE evangelist to the rescue!
 
Last edited:
  • Like
  • HaHa
Reactions: Cortex, Gandalf_The_Grey, SeriousHoax and 3 others
Mountainking

Mountainking

Level 3
Verified
Well-known
Jan 10, 2018
116
Slightly OT, but I tried installing extensions on chromium on android but could not.... Any clues on how to add them? Thanks
 
  • Like
Reactions: Cortex
You must log in or register to reply here.

Similar threads

oldschool
    • Like
    • Applause
Brave Passes 50 Million Monthly Active Users, Growing 2x for the Fifth Year in a Row
Replies
23
Views
3,337
Brave
russ0408
russ0408
H
    • Like
    • +Reputation
Advice Request My Take – Brave vs Firefox vs Ungoogled Chromium (UC - Eloston) Browsers
Replies
48
Views
20,231
Other Browsers
monkeylove
monkeylove
enaph
    • Like
Brave iOS Browser with Guardian Firewall + VPN
Replies
0
Views
1,888
VPN and DNS
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top