What do web browsers really do in the background? Privacy advocates have a keen interest in this question. Promising users better privacy and freedom from ads, Brave has made quite a name for themselves with over 100 million monthly active users.
Multiple privacy researchers and engineers have overseen Brave's increasingly active open-source development, and Brave's feature set reflects that. Brave's own researchers continually publish academic papers (like these) in several prestigious venues on topics such as privacy, security, and machine learning. A number of privacy experts and enthusiasts really do endorse Brave. Accordingly, examining Brave's behavior is commonplace.
Brave Rewards has suffered from intermittent issues with helper components loading in the background even when turned off. It was never universal and stemmed from different variables in a user's setup coinciding around the original design as well as background extension unloading bugs in early Chromium versions. Importantly, when turned off, background helpers didn't generate unwanted network activity. Multiple fixes and improvements to cleanup/unloading code (including Chromium's) worked to remedy it for affected users over time. Resetting Rewards additionally helps resolve lingering cases. Nevertheless, Brave Rewards is designed for privacy and transparency when used, and it was always opt-in.
Brave obviously isn't the only browser ever to have had bugs or imperfect cleanup. It's complex software.
Without further ado, here's how I set out to record Brave's network activity. Using the latest version of HTTP Toolkit (v1.24.4), I took advantage of its respected toolset to intercept network requests made by Brave over the course of 48 hours. A Brave session was started with a fresh profile and launched with command-line switches to force the use of HTTP Toolkit's proxy and CA certificate. The temporary profile eliminates extra noise from extensions.
I verified that the proxy was working properly, and I disabled the QUIC (HTTP/3) protocol. There is no DNS adblocking in effect.
HTTP Toolkit started the new session by loading a simple webpage of its own:
Brave was quiet during those 48 hours. Just three tiny, anonymous pings took place to help Brave estimate active users. No unwanted privacy-preserving analytics (P3A) or Brave Rewards connections.
Finally, I navigated to
Multiple privacy researchers and engineers have overseen Brave's increasingly active open-source development, and Brave's feature set reflects that. Brave's own researchers continually publish academic papers (like these) in several prestigious venues on topics such as privacy, security, and machine learning. A number of privacy experts and enthusiasts really do endorse Brave. Accordingly, examining Brave's behavior is commonplace.
Brave Rewards has suffered from intermittent issues with helper components loading in the background even when turned off. It was never universal and stemmed from different variables in a user's setup coinciding around the original design as well as background extension unloading bugs in early Chromium versions. Importantly, when turned off, background helpers didn't generate unwanted network activity. Multiple fixes and improvements to cleanup/unloading code (including Chromium's) worked to remedy it for affected users over time. Resetting Rewards additionally helps resolve lingering cases. Nevertheless, Brave Rewards is designed for privacy and transparency when used, and it was always opt-in.
Brave obviously isn't the only browser ever to have had bugs or imperfect cleanup. It's complex software.
Without further ado, here's how I set out to record Brave's network activity. Using the latest version of HTTP Toolkit (v1.24.4), I took advantage of its respected toolset to intercept network requests made by Brave over the course of 48 hours. A Brave session was started with a fresh profile and launched with command-line switches to force the use of HTTP Toolkit's proxy and CA certificate. The temporary profile eliminates extra noise from extensions.
I verified that the proxy was working properly, and I disabled the QUIC (HTTP/3) protocol. There is no DNS adblocking in effect.
HTTP Toolkit started the new session by loading a simple webpage of its own:
amiusing.httptoolkit.tech. This generated five requests whose contents and responses are open to inspection. The only other request is Brave's usage ping that I left enabled. Looking into it, no identifiers are present—the X-Brave-API-Key header is uniformly hardcoded for all users. Usage pings can be turned off. I've opted out of analytics, however. From here, I let the browser sit idle to do its thing.Brave was quiet during those 48 hours. Just three tiny, anonymous pings took place to help Brave estimate active users. No unwanted privacy-preserving analytics (P3A) or Brave Rewards connections.
Finally, I navigated to
wikipedia.org. Autocomplete in the address bar produced no network activity. Brave loaded the website, 10 requests in total, and refrained from making its own requests. I was satisfied and stopped the experiment here.
Last edited:
