I noticed that Brave does not restrict the interaction of external websites with the local network. In my opinion, this poses an unnecessary privacy risk, as it can be abused to scan for ports or identify running services, network topology, etc. I see no legitimate use case that justifies this behaviour (please correct me if I am wrong on this point). It also poses a security risk when having vulnerable software running locally.
I know there are already countermeasures in place (blocked ports, throttling), which dont seem to fight the root problem.
I would really appreciate your thoughts on this!
Thank you very much.