Today, I downloaded Brave to check out the Tor integration and went through the settings dance, because no browser today, of which I am aware, respects privacy out of the box. I was disappointed to find some privacy nightmares in there.
Pocket integration: wow. If you’re not aware of Pocket, it’s something. I had a back and forth discussion with a PR member on this for awhile and came away even more concerned. If you have questions, I suggest asking them, but don’t expect to get more than canned answers and propaganda. Otherwise, they were professional and polite.
DuckDuckGo: I’ve never received an answer, from DDG or otherwise, about why on earth people would trust this company for security. Their main offices are in the US and are, as such, required to comply with US law. Imagine a scenario where the US government, in the form of an alphabet agency, required them to turn on logs and provide tracking information. Is that a far-fetched scenario?
Extensions: Passwords and torrent viewer sum up those. Out of all the possible extensions available to help protect privacy, why those? see https://www.darknet.org.uk/2017/03/lastpass-chrome-extension-leaking-passwords/
Anybody that uses browser extensions to manage passwords is asking for trouble.
I was pleasantly surprised to find a way to disable WebRTC, thank you! That’s a step in the right direction. Now, if we had a way to minutely configure Brave like we do Firefox, I would switch in a heartbeat. As it is, though, I don’t know if Brave forbids pings, beacons, webgl, and a whole host of privacy-destroying browser technology.
Thank you for all the hard work. It seems that I will still have to pass on Brave as a daily driver; however, I’ll keep watching it to see if it will truly stand up for privacy. Oh, and almost forgot, Discourse doesn’t exactly protect privacy, either: