Question Brave updater telemetry & transparency

[simmerskool]

So I booted my win10_VM running Eset Nod32 (updated to 18.1.130) and AppGuard Solo. Shortly after starting AG blocked Brave updater:
Prevented <BraveSoftware Update> from reading memory of <AppGuard Agent Service (x64)>.
Prevented <BraveSoftware Update> from reading memory of <Local Security Authority Process>.

ChatGPT "thinks" that Brave or any app reading memory of <Local Security Authority Process> is highly suspect. Brave v 1.78.94 -- Any ideas or how do I check this more deeply? Or is this a false positive, but why should I trust Brave in this regard?

 

[Bot]

This could be a false positive, as Brave's updater is generally safe. However, it's always good to be cautious. You can check this more deeply by running a full system scan with your antivirus software. Additionally, you can contact Brave's support for further clarification. Trust in Brave should come from its open-source nature and its commitment to privacy and security.

 

[Parkinsond]

Abandoned long time ago for extensive SSD writing issue; similar to Bitdefender.

 

[Marko :)]

Brave has shady history and shouldn't really be trusted. I am using it on my Android phone because, unfortunately, there isn't a better alternative. But I ditched it on my PC in favor of Firefox as they installed VPN components silently without telling anyone. Worse, they made it auto start with Windows and didn't give an option to users to uninstall the VPN components along with drivers. I don't recall them ever apologizing, and after a massive backlash, they started working of a "fix" that didn't land for months. And that's just one issue I have with it, they have a bad past.

 

[Digmor Crusher]

Not sure if you should trust Brave but I remember when I was using Appguard it would block all kinds of updates for me which I just ignored.

 

[oldschool]

Or is this a false positive,

Yes.

why should I trust Brave in this regard?

It's no worse than the rest. Every browser has privacy and security issues of one kind or another.

Any ideas or how do I check this more deeply?

You don't need to. You regularly find yourself going down these time-sucking rabbit holes by using your (name your OS) in a VM, "protected" by a dozen different security apps, etc., etc. and thereby create these "problems" which you then seek answers for.

Please forget the default deny mania, the VPNs, the VMs, sandboxes, etc., etc. Use a browser of your choice on your real machine. Keep it simple and enjoy life.

 

[simmerskool]

Yes.

It's no worse than the rest. Every browser has privacy and security issues of one kind or another.

You don't need to. You regularly find yourself going down these time-sucking rabbit holes by using your (name your OS) in a VM, "protected" by a dozen different security apps, etc., etc. and thereby create these "problems" which you then seek answers for.

Please forget the default deny mania, the VPNs, the VMs, sandboxes, etc., etc. Use a browser of your choice on your real machine. Keep it simple and enjoy life.

@oldschool, you over-estimate my "paranoia" -- linux is down to one, security apps 2 (Cyberlock or AppGuard), AVs well I'm happy I tried TrendMicro again, Eset, Emsisoft Business or MS Defender. Various VMs, each relatively light. I was surprised to see AG blocking Braveupdater as I rarely get any AG red-flags now-a-days. I enjoy running a different VM to keep it interesting. I only run one VM at a time. Eg, this VM today: Eset Nod32 & AG. Pretty simple. (I had to use Brave as one particular website would not render correctly in firefox) & some interesting replies about not trusting Brave... total time sucked today on this unexpected AG block about 15 min (20m if you count this post)

 

[lokamoka820]

I don't know why, but I noticed that brave is the only browser that doesn't remove its services after uninstalling the browser, they remain and run in the background and need to be removed manually using CMD, and it is the only Chromium browser that write on SSD more than all Firefox-based browsers, the best word to describe it is "shady".

 

[simmerskool]

I don't know why, but I noticed that brave is the only browser that doesn't remove its services after uninstalling the browser, they remain and run in the background and need to be removed manually using CMD, and it is the only Chromium browser that write on SSD more than all Firefox-based browsers, the best word to describe it is "shady".

interesting! so I am uninstalling Brave on this VM! thanks for the feedback

 

[Baker KK]

This is possibility of common issus among the chronium base web browser.

According to this article. Old MS Edge updater had also same behavior.


AppGuard might detect the updater's operation of creating lsass.exe dump file. So, I suppose AppGuard might work expectedly.

 

[Sorrento]

Question: I use Brave but recently installed Brave on a relatives laptop, I'm relying on the built in shields so not added UBlock basic (or whatever its name is) She is not a happy clicker but inquisitive & added Osprey with basic additions, not sure for her to set shields to Standard or Aggressive - I'm thinking Standard? What do other Brave users use - I'm on aggressive (well I would be) on this PC but I can easily change if required or use FF.

 

[oldschool]

not sure for her to set shields to Standard or Aggressive - I'm thinking Standard?

I've never encountered problems with Aggressive, but it doesn't really matter which you choose for them. I assume they're average computer users ... ???

 

[Jonny Quest]

@Sorrento as with @oldschool I have Brave set to Aggressive without any problems.

 

[Sorrento]

Yes she uses a PC as most & I would say quite safe, I can tell her how to change things anyway so? - She is my late brothers wife & he sorted everything much like I do, I saved her a bit of money by moving her from Reflect to Hasleo (as he was on yearly sub) & added Mcafee from my licences as keeping costs down now is important for J - Thinking of adding remote management as she lives an hour away - Thank you.