Brave VPN Service

**Type of device - Windows 11 PC

**iOS version ( Settings --> About --> Software Version ):**Windows 11 fully up to date as of today 2023-05-28.

**Detailed description of the behavior:**Noticing that Brave has installed a VPN Service, when I already have a VPN service which I have chosen and subscribed to, I naturally DISABLED the Brave VPN serivice - which SHOULD NOT BE THERE unless I asked for it.
Now on starting windows I get an error Blue Box with the info:-
“This app has been blocked by your system asministrator.
Contact your system administrator
Copy to Clikpboard or Close”
At first I did not know it was Brave’s VPN service doing this, but when first starting Brave, the Blue Error Box pops up again, which confirms that it “is to do with Brave”. The box does not pop up on later Brave starts.
Yes - I already have a VPN, which I’m happy with and don’t want to change, but if I did want a different VPN, then I would NOT choose one that used this kind of behaviour: - installing a Service without the users consent, and a service, which if disabled causes a Windows “Full Screen Blocking Blue Message”.
NASTY! Not the way to gain customers for your VPN!

If I can’t use my PC without those Blue Screen Blocking Error messages about the Brave VPN Service, then I will naturally not use Brave anymore (un-install it) and go back to Firefox!!!

There has never been anything like this experienced by a user.
I do not use Brave VPN too, use another one but have never experienced what you are saying. I will say perhaps this is the work of something else on the machine and less to do with Brave. I will tag @GuardianTeam to have a look.

But have you actually blocked the Brave VPN Service?
I’ve decades of experience “controlling” the various un-necessary services that Microsoft has running as standard. So my action of disabling Brave VPN Service was relatively quick, after the introduction. Other users may not be as clued into security/privacy as me?
While Microsoft has been doing the “Forcing Software on Users” for decades, does Brave REALLY want to be like that?
If so, then I have to say that I no longer respect or TRUST Brave!
Other software providers also want to “bundle” things, for which users may prefer to “Shop Around”. Like my Internet Security (Bitdefender) wants to push push push it’s Password Manager, it’s VPN, it’s “Safepay Browser”, but at least it hasn’t INSTALLED services without asking me!!

A brief comparison:- That Bitdefender “Safepay Browser” - yes I tried it out, but found that it took complete control of the whole screen, which meant that I could not use my Password Manager, so I couldn’t log onto any site - to do the actual purchasing!! This doesn’t mean that I’m gonna use the Bitdefender Password Manager - NO - NO - It means I won’t use the Bitdefender “Safepay Browser” OR the Bitdefender Password Manager.
In fact such "Bundling generally means “Low Quality Crap”, so I generally don’t use “Bundled” products at all!
I want to “Look Around”, choose what’s recommended and is best for my situation. GO HOME ALL “BUNDLERS”! and learn a different method of marketing PLEASE!


My apologies for any confusion. The Brave VPN service is not automatically activated on any device, ever. This is a premium service offered by Brave as an opt-in add-on which requires a user to purchase a subscription in order to access and utilize. The button appearing in the toolbar does not indicate it was installed or changed/modified any part of your current or past browser sessions. If you did not explicitly purchase a subscription, the Brave VPN is not active and no profile is installed on your device to use it. You can verify this by opening your system network settings > VPN and see that Brave VPN is not listed, meaning there is nothing installed on your device.

You are always free to use any VPN service you prefer or any other system software as Brave does not dictate or force the use of only its products, nor will it ever operate in this way.

This has absolutely nothing to do with the blue system error message that you have been seeing as a separate issue. I understand that timing makes it appear as though it is a direct result, but there are no errors from the Brave VPN that have or will cause this type of message to cover your screen.

1 Like

I’m having an issue with Brave’s decision to include VPN into the Brave browser app as well. My corporation’s IT policy now lists Brave as a prohibited application since it includes VPN features. It doesn’t matter if I subscribe to or use VPN or not (I don’t). The fact that Brave allows anyone to use VPN means that it Brave constitutes a corporate security risk, and I am now in a position where my preferred browser for privacy (and security) is blocked because it is itself a security risk. While I very much dislike my corporate IT’s decision, I must admit that the reasoning is sound, and I would make a similar decision if I were an IT admin myself.

For background, I am a software engineer, and the decision to include VPN capabilities in Brave “Browser” seems to me like a pretty clear case of feature creep and unnecessary bloating of what should be a browser first and foremost. In the server backend space, I have seen that monolithic software architectures (like I see Brave becoming) are being reorganized into microservice architectures – and this is not a recent trend. In part, this is because monoliths often lack critical flexibility for specific security-minded customers.

If Brave wants to continue being adopted, the overall project may have to start asking questions like, “Is this going to disallow HIPAA compliance or IT policy acceptance for user organizations?”

Please remove the VPN service from the Brave browser, and repackage it as either (1) a standalone app, or (2) an optionally-installed plugin, so that other users in our positions are not prevented from using Brave.

Also, @Shznakl , I wonder if there is a misunderstanding of Greg’s “Blue Message” for “Blue Screen of Death.” I don’t believe Greg is detailing a BSOD. Which is to say my interpretation is that the color of the message is irrelevant to the content. I believe Greg is attempting to communicate the same thing I am also trying to communicate: corporate IT policies (my company has 350,000 employees, for any justification for how much this may impact Brave adoption) often disallow applications that provide VPN capabilities, and Brave does now provide VPN capabilities.

Unless Brave steps back the decision to include VPN capabilities in its browser, there will be many users who are forced by their corporate IT policies to stop using Brave. I believe that is an unfortunate truth – not just doomsaying.

For myself, I prize the ability to share tabs across my devices. I didn’t use Brave as my default browser until the sync features I rely on were stable. And if my corporate IT forces me to stop using Brave at work, I will (very reluctantly) have to use FF in order to have any Chrome/Edge alternative. Because I will not choose to live without tab syncing across all my devices, that will also mean that I stop using Brave on my PC, my laptop, and my phone as well.

I get paid to work on open source software, and I’m just going to lay out how I would communicate this to my own open source and corporate leadership in order to reach a decision about whether Brave’s VPN feature stays or goes:
What percentage of Brave users are in this same position as Greg and I? What percentage of those users are likely to abandon Brave because of it – as Greg and I seem keen to do? How that will affect Brave’s overall adoption? How that will affect Brave’s monetization strategies?

Well, IT will control features through policies and that’s exactly what Brave offers, they offer policies for Tor, Wallet, IPFS and all that, they also added the Policy BraveVPNDisabled, it is in this week’s update 1.52.x, specifically this one:

You can update today to 1.52 by downloading it on github or wait for tomorrow to get it by the updater.

Anyway, the point is the policy is going to be released tomorrow so there is no excuse why the IT would have to force you to switch browsers.

Hi blaine. Yes on the Blue Message, the message DOES lock the screen, so that you can’t do anything until you’ve dismissed it with the close button. HOWEVER, I have now got that message also “as I open” Thunderbird and my Password program, so it doesn’t seem to be Brave causing it!
I reckon that it’s a typically unhelpful Windows dialogue: - why the hell doesn’t the dialogue tell you what the program is that is being blocked? My guess now is that it’s because I “uped the anti” with Edge, which now is not only blocked, but ALL it’s services are also blocked!

But back to Brave. Mine is not a threat!

I have now made Firefox my default browser again.

I will wait and see if I will allow Brave to remain “on disk”. The next time that I consider this issue, if that SERVICE for the Brave VPN is still there, then Brave will be UN-INSTALLED!

I’m not an expert, but a VPN service is effectively quite similar to a server. If operated by someone that you shouldn’t trust it could “Rip out your data”?

Brave putting a service on my system without my permission or knowledge, leads me to TRUST Brave LESS!

The ONLY reason that I havn’t applied exactly the same principles to Microsoft Windows and gone over to Linux, is that I have quite a few programs which will only run on Windows. So I HAVE to tolerate Microsoft’s lousy software and attitude…

Brave - drop the marketing by stealth and FORCE approach - please!

Hi Emi. But brave shouldn’t have put a VPN server on my machine without my knowledge or consent! Simple.

Offering a policy to disable it is not good enough! Yes I’ve already disabled the service, using “Services”, but I’m left with software on my PC that I want OFF my PC.

What is software called that does things that are not requested or wanted?

It’s called Malware!

Does brave want to continue being “Malware”?

OK - they are only joining Microsoft, who of course shove MORE “Malware” onto users computers than any other organization!

It is a browser, it will add features. Also, technically it will not add the VPN unless you run it, because, especially when they are moving away from OS specific and offering the Wireguard service for the VPN.
It is like Tor, it will only get installed if you click on it.

I mean, you pretty much are complaining about software getting updated and new features, look at the release notes, technically, it should never release any new feature, bugfixes or anything because anything is without your consent?
The moment you use a software, especially a browser with auto-updates then, you consent to use the new whatever features and new defaults Brave Team, the owner of the browser wants.

I am sorry but you are just bringing too much drama that sounds like you really need to touch grass and kick some rocks, it is computers, you are not going to get a reward for thinking the way you do and pretending throwing dumb claims like ‘malware’ will get you somewhere.
If you are talking about using Brave in your home computer, then, that’s not my problem, and you can easily be smart and disable/set to manual Brave’s updater service, and task schedulers if you installed with admin rights or disable the Startup process and task schedulers if you installed without admin rights, and then you can update whenever you want, after reading the release notes ort whatever, or never again, or never use Brave again, that’s your choice.

If you were using Brave in your company and they blocked it for the VPN, then it is their fault for not setting policies in the updater to make sure the new update will not have features they don’t want.
I really didn’t read your comment, I was only informing to the other user about the policy, which will make IT control the VPN, so companies don’t have excuses to block Brave if they can control the VPN or not.

But your situation apparently is not that and I really can’t care much about it, I was just giving the information about the policy and now I move on.

Hi @anon57438784 . I will pass that info along to my IT department.

I do also want to push back on what you say a bit. I am hoping that the frustration I’m hearing in response to my message is related to Greg and not myself.

There has been a valid excuse for IT to force me to stop using Brave up to and including today’s date. That in itself is a reason for IT to continue to disallow me and other employees from using Brave in the future as well. From the standpoint of an IT department, when Brave released a feature to users automatically that is both a security risk for corporate IT and does not arrive with a safe default or an ability to be disabled, it gives a data point of proof to the IT department that Brave shouldn’t be trusted. The message an IT will hear is that any Brave update may open new security risks at any time that can’t be quickly and easily disabled – or vetted before being enabled.

What would seem to be a simple “there is no excuse now since the issue is fixed” is not so simple. I really hope my corporate IT feels differently, but it is not in my opinion unreasonable for any IT department to continue to block Brave when there is a historical precedent of risk.

While I don’t believe this is an end-of-the-world issue right now, I don’t think it’s appropriate to ignore the points I have made so far. Reputational damage has likely been done, even if small. I would suggest that this issue be brought up with Brave leadership and stakeholders, and I would suggest that a strict policy be put in place requiring that new features added to Brave that might impact organizational security should not be released until the feature can be disabled by corporate IT departments. Such a policy should be a multi-developer check-off for any new feature. Doing so will show a maturity from the greater Brave project and a willingness to take constructive feedback, and an intention to provide better care for security as a wholistic concept (rather than a user-only one) in the future.

Hi Emi. “technically it will not add the VPN unless you run it”
Actually - I mean actually they HAVE added a VPN service to my PC, even though they didn’t ask me to do so, tell me that they were doing it, offer the option not to do so etc…

The description as “Malware” is also accurate, not just on this issue, but also I notice going back to Firefox as my default browser, that when searching with Startpage, on both Browsers, Brave adds a WHOLE PAGE full of Sponsored links before the search I want, wheras Firefox does not!

I have opted out of all Advertisments that I am able to do so, on both browsers.

I find it totally unacceptable that Brave should be adding a whole page of BRAVE sponsored links to MY Startpage Search! Yes this is “Malware”!

On Firefox, it opens MY Startpage search, with only Startpage results. Now THAT is what a browser should do.

I no longer TRUST Brave!! It’s going… going… Gone!

Note:- I would really prefer to have the option to PAY for a browser that I could trust and did not do anything but BROWSE the internet (while allowing me to block all Ads). I don’t like or trust FREE software - because nothing is free. It has to be paid for.
As an example on my Android phone I went for as much PAID for apps as I could, avoiding as much freeware as possible.

Hi Shznakl. You say “meaning there is nothing installed on your device.”

regretably this is NOT TRUE, since there is a Brave VPN Service installed!

OK - it may not be running, however I did not request it, or want that to be there - running or not!

Yes, I now know that the error message, which now happens twice when I start up my PC, is not Brave, but likely is MS Edge, which I feel similarly about - with FOUR services started as Boot time. It looks like I will have to endure these “MS nasties”, if I want the priviledge of not having Edge Services running on my PC…

This will be my final comment here - since I’ve now uninstalled Brave!

I did this a bit earlier than expected, since people here seem to show no regard to the issue of installing a service that the user has not requested or wants. Services can’t be uninstalled manually, so the only way is to un-install Brave…

Note:- This un-install was one of the dirtiest that I’ve seen. The only other comparable, was when I had to un-install Google Chrome, when I hadn’t even asked to install it!!!

Various Folders were left behind. Interestingly one was for the Brave VPN Service!

In the registry there was an absolute TON of redundant entries. I backed up quite a lot (just in case) but have now a cleaner registry, apart from the MUI caches, which will “auto-update” soon.

I wasn’t impressed with uninstalling this with “Revo Uninstaller”, since it didn’t remove all that!

Google’s version of “Uninstall” seems to mean “Hide it from the User, but leave behind as much as is necessary for a quick re-install with settings as before”

I suppose that Brave inherits that “Slap in the Users Face” from Google…


Well, yes, technically my ‘there is no excuse’ was more about they don’t have an excuse about the VPN since now a policy exists to control it after today, rather than blocking Brave because of it, it has nothing to do with other views on Brave, but I also now the problems about it, and knowing IT people, they can be a pain to deal with, because just like you, they want their job to be simpler and don’t complicate their job.

T there are other issues still remanding even with the policy available since today. but technically speaking Brave shouldn’t be put in a ‘prohibited’ list as you state, it should be managed correctly by the IT department, just like any other Browser, but we can make something clear, since Brave is small and irrelevant on Enterprise and a small team that doesn’t work as fast as they should in many areas, so not to blame the IT department, just saying IT departments have some sort of power ego, and they will not waste time trying to do much with irrelevant browsers like Brave.

Think about this, just think about Edge, adding so many consumer and enterprise features all in one browser, even a wallet and shopping list, and AI and all that. I use Edge too, it is amazing the amount of features it has, but look at the sidebar, with MSN games and all.
Now tell me, do you think IT departments will start blocking Edge which is built right in every Windows 10/11 machine? no, because they can use policies to control all those features.
Same as Brave, they have done the same job Edge and Chrome have done, but Brave hasn’t done the best job in this area, we could say it is because it is a small team, but they should surely prioritize things better like Group Policies.

But Brave even uses the same updater as Chrome, it is the open source solution called Omaha, but it works exactly the same, and uses the same policies and all.

That’s why I said there is no technical (I will add technical now) excuse why they would not manage Brave better in the first place and just add it to the prohibited list.
Of course, knowing IT departments from many companies in many ways, it is rather obvious how IT departments would rather you to make their job easier and just use Edge or Chrome or Firefox, rather than having to personalize yet another browser not many will use like Brave.

The question is, was your IT department using the policies provided by Brave team? Did you see your Brave managed by an organization? because VPN seems nothing compared to Tor or IPFS and Wallet in my opinion, I mean, I guess Tor network was already blocked by your IT globally but the feature still existed there in Brave.
So, was it managed? or they never did anything with Brave and now just block it because of the VPN?

I ask because in a perfect world of reasonable people, your IT department should have managed Brave just as they do with Edge or Chrome, and then add policies to the Brave updater in order to block Brave update since march 13th, when the VPN was released containing the VPN feature, and wait sometime to see if the policy was added in Brave to manage the VPN, and then block it completely if it was never added. That would have been the most reasonable thing to do in a perfect world that doesn’t exist, but you know, block the update, don’t ‘force you to use another browser’ because unless there was a high security patch needed by Chromium browsers, having an outdated Browser is pretty reasonable, just like companies will never want you to apply updates on the same day as anyone else, they could have delayed Brave VPN update, until it was obvious Brave wasn’t going to add the policy, or until the policy was added.

Of course, we can make one point clear, Brave should think about Enterprise when releasing these features, they HAVE to have policies in place before the features hit Stable, release them together, not 2 months and a half later.
And also fix the GPO templates to include the policies that are available but not in the group policy template, that’s seriously always bothering me about Brave, something so simple, being delayed for months and months.

So in a way it is obvious some IT departments will block Brave, and that will be Brave’s team fault.
But also as you can see the Issue/PR in GitHub, the policy was made available in April 3rd on Nightly, so it wasn’t even a month after Stable got VPN. So it will be a matter of Brave team to properly do the job for IT’s not to block it. IT’s won’t research information for a browser not many use, they won’t go to Brave’s GitHub and see if the policy is being worked on or something, so that’s Brave’s fault for sure.

But maybe your IT department is different and maybe they are just ignorant about Brave, and they are open to listen to anyone’s request.

For example, Brave’s policies/templates are in

But that’s why I mean by “there is no excuse” not because I can change people’s mind and then every IT will allow Brave to be used and they will want to manage another browser for 3 cats in the world, but because in terms of what Brave is offering, like policies, then, Brave can still be managed just as they should be managing Edge or Chrome.
I am sure Enterprise has a harder time managing Edge, with all its pro-consumer features that have nothing to do with Enterprise or Enterprise might not want around, than what they would have with Brave. But Brave is small and irrelevant, like I already stated, which makes it hard, but for example, Microsoft offers policies for everything, even Powertoys has policies to control many things about it, so that’s something Brave has to prioritize and think about the enterprise for sure if they want companies to accept Brave and don’t complain about it.

I guess the best you can do is to write your experience in an issue like this:

Because it is annoying they haven’t added the Brave specific options to the templates, which will make some IT departments unhappy for sure.

I agree with your comparison to ggoole StellarGreg.
I also disabled Brave VPN on my startup list, only to find another Brave VPN entry that was enabled after I completely removed anything Brave from my PC (C:>search Brave) by manually deleting file by file. It took a long time, but oh well.
Now the second entry for Brave VPN being enabled is there, and I am also looking for a DIRECT reply why that is after I reinstalled Brave (Nightly) browser.
If Brave VPN is not installed on my PC, why does it show up in my Startup list being enabled???
Inquiring minds want to know.