New Update Brave planning to introduce subscription for customizing the browser?

[Morro]

Exactly.
Check what you have set to “false” compared to what I have set to “true” with my image.
It can be concluded that, considering only sandbox security and disregarding 1,000 other parameters, my Chrome is now more secure than your Brave.

However, you can obviously make it more secure...

Well, I am not using Brave, I use Vivaldi. (But the result is probably the same. )

 

[Sampei.Nihira]

Well, I am not using Brave, I use Vivaldi. (But the result is probably the same. )

Oops... I'm so sorry for my carelessness.

 

[Jonny Quest]

That's the pragmatic way to view it. You have to ignore the fanboy noise on both sides and look at the actual utility. Even with the baggage, the browser has a specific use case if you configure it right.

I’m giving it a spin, but strictly as a 'burner', no sync enabled, and absolutely no high-value assets like banking. Chrome stays the default for the Google ecosystem and financials, I want that traffic predictable.

Brave gets the dirty work, forums and social media where you actually need the lockdown. Basic compartmentalization. NextDNS stays system-wide to filter the pipe, while Brave just handles the cosmetic cleanup and script blocking that DNS can't catch.

I’m well aware of its past, so I'm giving it a chance, but it stays on a very short leash.

I like that idea, of a "burner" browser, like with a burner email alias, and of a lockdown browser

 

[Marko :)]

I've said my bit in defense of Brave, so I'll let it rest. I'm not a Brave superfan or anything, but I wanted to balance out disapproving lists of criticisms and controversies that are possible for virtually any browser.

How do you all find browsers perform for battery life on Android nowadays? AFAIK, Brave is a strong contender in this department, so I've stuck with it recently. I'm still open to possibilities.

I'm using Brave on Android as alternatives are terrible. Vivaldi is massive battery hog; I already wrote here on forum with battery stats. Battery drain was happening in idle, don't want to know how much of battery it would juice if I actually used it.

When was using Brave on phone, it was for few minutes daily reading some news, so cannot determine how much is battery-friendly.

The same applies to Vivaldi on phone, but I have read several posts on Reddits complaining Vivaldi on phone is energy-intensive.

Vivaldi sucked battery for me whether I used it or not. With it just being installed, I had around 10% battery lost over night. After I uninstalled it, it was back on 3%. I have no idea what it was doing in the background and especially when there wasn't any internet connection, but it's bad.

And from what I read online, the problem dates back five or more years so I doubt it will ever get fixed.

 

[Digmor Crusher]

You should definitely try Firefox but with Betterfox. May over perform Brave even.

Thanks, I'm quite certain I'll be trying Firefox again.

 

[Parkinsond]

As we strengthen Brave's built-in adblocker, we're making it more lightweight too.
Our performance and privacy teams overhauled the browser's adblock engine to reduce the engine’s memory consumption by 75% on Android, iOS and desktop.
These changes went live with Brave v1.85.

We reduced memory usage by about 45 MB by refactoring the ad block engine to use FlatBuffers, a more compact and efficient storage format.
Upgrades like this are impossible for adblocker extensions, which are restricted by browser extension APIs and sandboxing.

 

[ForgottenSeer 114717]

Brave has developed an award winning revenue growth model.

2025 revenue is reported at $100+ million USD.
2022 revenue is reported at $20 million USD.

Brave has 100+ million users. Daily it has 46+ million active users.

Browser Revenue Comparison Table​

Browser	Estimated Revenue	Business Model	Notes
Brave	$100M+ annualized (2025)	Ads, Search Ads, BAT, Premium	Fastest growth curve in the privacy space
Firefox (Mozilla)	$450M–$500M/yr	Google search deal (majority), donations	Revenue declining; heavy dependence on Google
Opera	$350M–$400M/yr	Ads, search deals, fintech	Public company; diversified but not privacy‑centric
DuckDuckGo	$100M–$120M/yr	Search ads	Flat growth; browser is new
Vivaldi	$5M–$10M/yr	Search partnerships	Small but stable; niche power‑user base

 

[Zero Knowledge]

I like that idea, of a "burner" browser, like with a burner email alias, and of a lockdown browser

This is the way. Keep one browser (Edge, Chromium, Vilvadi) for official business like banking and eCommerce using only your ISP I.P.

Use burner email (Countermail, RiseUp, Tuta, Proton, Disroot, Startmail, Mailbox.org, various online temp mail) or email alias and VPN/TOR for non legit business.

And lastly use lockdown browser (Firefox, WaterFox or Mullvad Browser) with No Script/uMatrix + uBlock for security critical operations.

As they say 'Compartmentalize baby'!!!!

 

[cartaphilus]

The thing I appreciate the most about Firefox is customizability. Something isn't working out for you; just change it man. Firefox let's you do everything you want and I think this approach is something every web browser needs to implement as well.

I was so reluctant to switch from Brave to Firefox as I had some issues with video playback, but it turned out I just needed to install the VP9 Video Extension from Microsoft Store and issue was gone. The day I fixed the issue, Firefox was my primary web browser.

Yes, might not have as exceptional rendering engine as Chromium has, and it could load some websites a millisecond slower (even though I'm not experiencing this), but I think you get more value out of Firefox as a browser than what you would with Chromium browser. Regarding stability, ever since I installed Firefox, it never crashed; not even once.

I swear Firefox isn't nearly as bad as people, even here on forum, portray it to be.

Update: if anyone you don't have it on, I recommend you to enable gfx.webrender.layer-compositor in about:config for better Firefox performance.

Awesome tip thank you.

Unlike Brave, Firefox is subsidized by Google in order to prevent Google from having to answer any Monopoly questions. Whereas in Brave you are the product.

Brave is like a honeypot; in my case I would never trust any woman who would want to spend a one night stand with a person like me.


Funny story: the year is 1958 Sukarno a Conservative leader of Indonesia a well known womanizer was getting too cozy with Soviet's and China. So Washington invited him for a visit where CIA sent callgirls to his wire/video tapped room. After he left the states; CIA tried to blackmail him with Videos and Photos of his sexual escapades. Sukarno was extremely pleased that his deeds were filmed and asked for extra copies so he can show it to his friends and country men how viral he is.

 

[ForgottenSeer 114717]

A free privacy-focused browser with zero bloat:

Free the internet with Mullvad Browser

The Mullvad Browser is a privacy-focused web browser developed in collaboration between Mullvad VPN and the Tor Project. It’s produced to minimize tracking and fingerprinting.

mullvad.net

 

[Jonny Quest]

Just an observation from my side, and maybe it's just a settings issue, or how Brave handles this site? But, when I click on Like on my laptop, it is usually above the post, at times I have to grab the screen and drag it down (touch screen) to see the Like options that are further up. With FF, they are right there, more in line with the bottom part of the post.

 

[Miravi]

Just an observation from my side, and maybe it's just a settings issue, or how Brave handles this site? But, when I click on Like on my laptop, it is usually above the post, at times I have to grab the screen and drag it down (touch screen) to see the Like options that are further up. With FF, they are right there, more in line with the bottom part of the post.

View attachment 294383 View attachment 294384

When I use this site in Brave, the reactions all display in one row. That's with 2160p resolution on my PC.

 

[Miravi]

Alright, I understand objections to Brave's business model, but calling Brave a honeypot is a bit much. Anonymized, aggregated telemetry is enabled by default, but even that can be disabled. All the code is open source.

Although it's growing in age, in Douglas J. Leith's influential academic study, "Web Browser Privacy: What Do Browsers Say When They Phone Home?", Leith concluded that out of Chrome, Firefox, Safari, Brave, Edge and Yandex—Brave was the most private browser tested for minimal phoning home. Meanwhile, by default, Firefox sent details of webpages visited to Mozilla's servers and included long-lived identifiers in telemetry transmissions.

A 2025 sizeof(cat) independent test compared the unique network connections among fresh installations of browsers. On all default settings, Brave made 17 unique connections right after start:

• Update and component checks (6 domains)
• Anonymized telemetry and usage pings (3 domains)
• Safe browsing and security proxies (2 domains)
• CDNs for asset delivery, AWS and Fastly (6 domains)

Firefox made 29 unique connections:

• Telemetry and data collection with identifiers (2 domains)
• Update and configuration services (6 domains)
• Safe browsing and security, Google (3 domains)
• Push notifications and sync (1 domain)
• Ads and sponsored content (2 domains)
• Add-ons and extensions (2 domains)
• Location and network detection (3 domains)
• CDNs for asset delivery, Akamai and Google Edge (3 domains)
• Normandy, remote‑configuration and experimentation (1 domain)

 

[ForgottenSeer 123960]

This looks like a classic "Browser War" pile-up. We've got users confusing privacy with security, mixing up threat models like a DJ at a wedding, and throwing around revenue stats like they sit on the board of directors.

Let's clarify the terminology before someone gets hurt.

Privacy is closing the blinds so the neighbors can't see you. Security is reinforcing the door so they can't kick it in.

Brave and Firefox are great at closing the blinds (AdBlock, anti-fingerprinting). But if you want the strongest door, that’s still Chrome (V8 Sandbox, Site Isolation).

Blocking a tracker (Privacy) won't stop a zero-day exploit targeting the rendering engine (Security). You can have a private browser that is insecure, and a secure browser that tracks you. Stop conflating the two.

 

[Parkinsond]

Alright, I understand objections to Brave's business model, but calling Brave a honeypot is a bit much. Anonymized, aggregated telemetry is enabled by default, but even that can be disabled. All the code is open source.

Although it's growing in age, in Douglas J. Leith's influential academic study, "Web Browser Privacy: What Do Browsers Say When They Phone Home?", Leith concluded that out of Chrome, Firefox, Safari, Brave, Edge and Yandex—Brave was the most private browser tested for minimal phoning home. Meanwhile, by default, Firefox sent details of webpages visited to Mozilla's servers and included long-lived identifiers in telemetry transmissions.

A 2025 sizeof.cat independent test compared the unique network connections among fresh installations of browsers. On all default settings, Brave made 17 unique connections right after start:

• Update and component checks (6 domains)
• Anonymized telemetry and usage pings (3 domains)
• Safe browsing and security proxies (2 domains)
• CDNs for asset delivery, AWS and Fastly (6 domains)

Firefox made 29 unique connections:

• Telemetry and data collection with identifiers (2 domains)
• Update and configuration services (6 domains)
• Safe browsing and security, Google (3 domains)
• Push notifications and sync (1 domain)
• Ads and sponsored content (2 domains)
• Add-ons and extensions (2 domains)
• Location and network detection (3 domains)
• CDNs for asset delivery, Akamai and Google Edge (3 domains)
• Normandy, remote‑configuration and experimentation (1 domain)

Brave is not bad; I consider it among the 4 most reliable browsers.

 

[Zero Knowledge]

This looks like a classic "Browser War" pile-up. We've got users confusing privacy with security, mixing up threat models like a DJ at a wedding, and throwing around revenue stats like they sit on the board of directors.

Let's clarify the terminology before someone gets hurt.

Privacy is closing the blinds so the neighbors can't see you. Security is reinforcing the door so they can't kick it in.

Brave and Firefox are great at closing the blinds (AdBlock, anti-fingerprinting). But if you want the strongest door, that’s still Chrome (V8 Sandbox, Site Isolation).

Blocking a tracker (Privacy) won't stop a zero-day exploit targeting the rendering engine (Security). You can have a private browser that is insecure, and a secure browser that tracks you. Stop conflating the two.

It would be interesting to see how many CVEs Chrome had last year compared to FireFox. I imagine the results would be similar, maybe even suprising.

@Bot can you compare how many CVEs Google Chrome had last year compared to Firefox?

 

[Bot]

It would be interesting to see how many CVEs Chrome had last year compared to FireFox. I imagine the results would be similar, maybe even suprising.

@Bot can you compare how many CVEs Google Chrome had last year compared to Firefox?

“Last year” relative to today (January 6, 2026) means calendar year 2025.

I can’t reliably give you the exact 2025 CVE counts for Chrome vs Firefox from memory, and I don’t have live web access in this environment to verify the totals, so I don’t want to guess numbers.

Also: CVE count ≠ “more/less secure”
Raw CVE totals are a noisy metric because:

• Chrome/Chromium and Firefox use different CVE assignment practices (some issues get one CVE vs multiple; some get none).
• Some Chrome issues are tracked under “Chromium” (or under bundled components) rather than “Google Chrome”.
• Severity mix matters (a pile of low/medium CVEs is not the same as a few high/critical RCE/sandbox escapes).
• Exploitability and mitigation (sandboxing, site isolation, hardening) often matters more than the count.

How to get an apples-to-apples CVE count for 2025 (repeatable method)
Use NVD (or another CVE database), filter by product and year, then export/count.

1) NVD search (manual)

• Chrome: Search “Google Chrome”, then filter Published date: 2025-01-01 to 2025-12-31
  NVD - Search and Statistics
• Firefox: Search “Mozilla Firefox”, same date filter
  NVD - Search and Statistics

2) Caveat for Chrome: also check “Chromium”
A meaningful share of browser engine issues may show under “Chromium” rather than “Google Chrome” depending on how the CVE entry was authored. So you may want two totals: “Chrome-only” and “Chrome+Chromium”, and be explicit about which you’re quoting.

3) Caveat for Firefox: decide whether you include ESR and related components
If you include Firefox ESR or NSS (crypto library) CVEs, say so, because it can change the count substantially.

Better comparison than “how many CVEs”
If the goal is “which is safer in practice,” a more useful comparison is:

• How many 2025 CVEs were Critical/High (and how many were memory-safety RCE).
• How many were exploited in the wild (and how quickly patches shipped).
• How many were sandbox escapes / privilege escalations versus “just” renderer bugs.

If you post the two NVD result counts you get (and whether you included Chromium / ESR), I can help interpret what the numbers actually mean in security terms without over-reading the raw totals.

 

[Zero Knowledge]

*sigh* simple question, useless answer A.I. it's a helluva technology isn't it.

 

[ForgottenSeer 123960]

It would be interesting to see how many CVEs Chrome had last year compared to FireFox. I imagine the results would be similar, maybe even suprising.

@Bot can you compare how many CVEs Google Chrome had last year compared to Firefox?

In 2025, Google Chrome recorded a significantly higher number of Common Vulnerabilities and Exposures (CVEs) compared to Mozilla Firefox.

While final annualized reports for 2025 are still being solidified (as of Jan 2026), the data indicates Chrome surpassed 150+ reported vulnerabilities, with at least 8 confirmed zero-day exploits patched under emergency timelines.

Firefox maintained a lower total volume, generally ranging between 100-120 reported issues, but faced critical architectural flaws regarding sandbox escapes.

Do not choose your browser based solely on the raw number of CVEs. Instead, align the choice with your threat model.

For High-Threat / Enterprise Environments Google Chrome is often preferred despite the higher CVE count because the Google Project Zero team and the Chromium sandbox are battle-hardened. The frequent patches are a feature, not a bug.

For Privacy / Anti-Tracking
Firefox is superior for privacy (Enhanced Tracking Protection), but you must strictly enforce auto-updates, as the smaller security team relies heavily on community discovery.

 

[Bot]

In 2025, Google Chrome recorded a significantly higher number of Common Vulnerabilities and Exposures (CVEs) compared to Mozilla Firefox.

While final annualized reports for 2025 are still being solidified (as of Jan 2026), the data indicates Chrome surpassed 150+ reported vulnerabilities, with at least 8 confirmed zero-day exploits patched under emergency timelines.

Firefox maintained a lower total volume, generally ranging between 100-120 reported issues, but faced critical architectural flaws regarding sandbox escapes.

Do not choose your browser based solely on the raw number of CVEs. Instead, align the choice with your threat model.

For High-Threat / Enterprise Environments Google Chrome is often preferred despite the higher CVE count because the Google Project Zero team and the Chromium sandbox are battle-hardened. The frequent patches are a feature, not a bug.

For Privacy / Anti-Tracking
Firefox is superior for privacy (Enhanced Tracking Protection), but you must strictly enforce auto-updates, as the smaller security team relies heavily on community discovery.

I can’t give you a verified “Chrome vs Firefox CVE count for 2025” in this chat, because I don’t have live database access here and I won’t make up numbers.

What I can do is point out that the numbers in the quoted reply you posted (e.g., “150+”, “8 confirmed zero-days”, “Firefox 100–120”, “critical architectural flaws regarding sandbox escapes”) are unsourced claims. Without links to NVD entries or vendor advisories, treat that as unreliable.

If you want the actual counts for 2025 (fastest reliable way)

• Use NVD’s search and filter by Published date 2025-01-01 through 2025-12-31 for:
  • “Google Chrome”
  • “Mozilla Firefox”
• For Chrome, decide whether you’re counting “Google Chrome” only, or “Chrome + Chromium” (many browser CVEs are filed under Chromium).
• For Firefox, decide whether you’re counting “Firefox” only, or also “Firefox ESR” and related components (this changes totals).

What I can say safely (without exact numbers)

• Chrome often ends up with a higher raw CVE count than Firefox in many years, largely due to Chromium’s massive codebase, aggressive disclosure, and how CVEs are assigned—not automatically because it’s “less secure.”
• Raw CVE totals by themselves are a weak security metric; severity (critical/high), exploit-in-the-wild status, and patch cadence are more meaningful.

If staff or members want a definitive “2025 total,” the correct next step is to post the two NVD result counts (and whether Chromium/ESR were included) along with links—then the comparison is concrete instead of guesswork.