We at Brave Research just published a technical report called “Privacy and Security Issues in Web 3.0” on arXiv. This blog post summarizes our findings and puts them in perspective for Brave users.
The ongoing AMA series on Reddit features guests from the Brave/BAT team. The most recent AMA took place on August 18th with Peter Snyder, Senior Privacy Researcher and Director of Privacy at Brave.
Brave opposes FLoC, a recent Google proposal that would have your browser share your browsing behavior and interests by default with every site and advertiser with which you interact.
You can learn quite a bit about a browser from observing the requests it makes in its first moments with a new user profile. Often, a cursory examination will tell you a great deal about how the browser thinks about, and handles, user privacy and security.
Brave is a company where privacy isn’t just a feature; it’s a requirement. This is perhaps most obvious in the Brave Browser, where we block trackers, prevent fingerprinting, and include a privacy-preserving, opt-in and user-first ad-system, but Brave’s focus on privacy goes far beyond the browser.
We’re using Brave’s new private CDN to fetch RSS feeds anonymously and the browser’s personalization capabilities to rank headlines with a simple algorithm that will make the experience interesting for everyone.
Today’s Brave Android browser update (version 1.17) features the Binance widget. Brave Android users can now seamlessly trade and manage cryptocurrency assets, all without leaving their mobile browser.
Brave today announced that Dr Johnny Ryan, FRHistS, Brave’s Chief Policy and Industry Relations Officer, is departing from Brave to join the Irish Council for Civil Liberties. He will also take up a Senior Fellow position at the Open Markets Institute.
Last year I did a review of several popular desktop browsers, focusing exclusively on what they do when you launch the browser for the first time. Today I decided to take a look at various browsers available on iOS 13…
Google recently announced that their Chrome Web browser will — with luck, and if a bunch of other conditions come to pass — probably start blocking third-party cookies.
This research was conducted by Stan (Jiexin) Zhang, a research intern at Brave and a PhD student at the University of Cambridge, Dr. Panagiotis Papadopoulos, Security Researcher at Brave, and Dr. Ben Livshits, Chief Scientist at Brave. We gratefully acknowledge the valuable feedback of Prof. Alastair R. Beresford of the University of Cambridge. Bots are automated programs that often mimic human behavior for monetary or criminal purposes. They have become a serious and pervasive problem for many industries, especially for the online advertising market. In 2013, it was discovered that the Chameleon botnet harvested around 6 million dollars per month from advertisers. The proliferation and the wide variety of mobile devices created opportunities for fraudsters to gain profit by abusing the ad ecosystem and exploiting low-cost mobile devices. In particular, recent news has reported that phone farmers have been using bots to automate phone clicks and touch movements to generate revenue from ad views.
This research presents VPN⁰, the first distributed virtual private network offering a privacy preserving traffic authorization and validation mechanism.
What this post explores today is how browsers behave by default, on their first-run, with no preexisting user profile. By default, Brave blocks third-party trackers (and the ads that rely on them). It also prevents fingerprinting, auto-play of media, crypto-mining, and access to media input devices.
Most of the software you use includes some sort of product analytics, or usage data collection, as does every major browser. And for good reason — knowing which features are resonating and which need work is an important part of making software that’s a pleasure to use.
Earlier this summer, Brave and Yubico announced a partnership to bring YubiKey support to Brave for iOS. Yubico is the leading provider of hardware security keys which use the U2F and WebAuthn protocols to provide secure phishing-resistant authentication for online logins