You know, when I install a browser I expect a nice UI, an up to date engine, some privacy and a few additional features that a vanilla browser doesn’t come with.
What I don’t expect is an eco system of binaries and services that is slowly creeping into my system while it updates itself in the background without my knowledge.
Not using Brave very much and being alerted by the taskbar icon of “Brave VPN” I checked what’s going on:
There are SIX SERVICES running with local system privileges.
- Brave Elevation Service (Local System) For What? I’m using a browser.
- Brave Update-Service “brave” (Local System) For what? I’m using a browser.
- Brave Update-Service “bravem” (Local System) For what? I’m using a browser.
- Brave VPN Service (Local System) For what? I’m using a browser.
- Brave VPN Wireguard Service (Local System) For what? I’m using a browser.
I don’t want to know how many bugs and potential backdoors exist in those services and don’t tell me there aren’t any. We all know software isn’t perfect.
There are two tasks in the task planer that run with highest privileges when exectued that have one and only one thing to do:
Check if the services are still activated and if not, reactivate them and then run them. With highest privliges (local system) of course.
The way all of this is implemented reminds me more of some sort of malware than of a browser. Why network services need to be run with highest privileges is a mistery to me and is known to cause all kinds of security implications. That’s why people don’t do it. But I guess implementing new features was “importanter” than looking out for security and privacy.
The way all kinds of sh1t gets implemented into the browser and tons of services are getting installed through background updates on my system without even asking me leaves one of the worst tastes in my mouth I have ever had. Especially when we’re talking about a product that advertises with security and privacy.
In my opinion you have become your own worst enemy and your software has turned into the biggest malware that is out there. I never really trusted your browser because I had to disable way too many features from the start, but this takes the cake.
For your own sake I can only hope you fix this and if you want to sell a VPN, make it an addon but don’t sneak it in through the backdoor of automatic updates.
Seriously: WTF?
EDIT:
I just uninstalled your malware of a browser:
Update services are still there:
Tasks are still there:
Binaries are still there:
No words…