Settings Being Changed Silently? Backdoor behavior

Raccoon · January 6, 2021, 11:33am

Hi.

I have noticed an abnormal behavior.

I keep toggling the option of “Black all cookies” in the Brave settings menu on Android since I never log in to websites or any similar activities that require cookies as an essential.

I noticed that after around 3 to 4 browsing sessions {that is - browse internet - quit browser, next day browse internet - quit browser - next day browser a little and so on]
The cookies are automatically enabled with the option active being "block only third party cookies"which ultimately accepts the first party cookies.

I noticed this behavior on 3 different mobile devices. Two of them are Android 10 and the other being on android pie.

All the brave versions are latest available on Play store. Devices and OS are updated upto the latest security patch available.

Is this behavior normal? Has anyone else experienced it?

This is a major issue that caught my eye. Settings should be completely depended on what a user sets it to be. Or the program can be defined as a tool that operates remotely without user consent.

Anyhow, I did scan with a bunch of Antimalware [individually, one at a time] and as expected, the device was clean. Did a Factory reset, installed brave and observed the same behavior. All this happened in a period of 4 weeks.

I am curious and concerned at the same time. Is this normal behavior? Any sort of help from an expert on chromium builds and the brave community would be great.

le.el · January 6, 2021, 2:22pm

Can you give steps to reproduce your issue? Providing screenshot will be helpful too to better understanding your case.

gmacar · January 6, 2021, 8:51pm

Hello, I have Android but don’t use Brave there. Anyway, AFAIK Brave’s policy is not to block non-tracking cookies sent by the same host as the website, regardless if you need to log in or not. Basically, they are considered “useful” cookies. To see how many cookies have been accepted for each tab (on Brave for desktop), click the small “padlock” icon in the address bar.
That being said, I don’t know if that “Block all cookies” option actually blocks all cookies… I wouldn’t be surprised if it didn’t.

Raccoon · January 8, 2021, 6:33pm

Alright so here is what I set by default :

But after a couple of browsing sessions it automatically silently reverts back to this without the consent of user - essentially allowing some websites to track their traffic :

This can be identified as malicious behavior but I am not sure if this is produced by brave itself. I wanted to clarify if this is actually the case with all brave mobile users.

Maybe one of the devs can look into this matter. This is concerning.

Raccoon · January 8, 2021, 6:37pm

Thanks for engaging.

I’ve briefed with screenshots now.

le.el · January 8, 2021, 6:42pm

Maybe an issue with your installation. I also have all cookies blocked via that setting and never face an issue that you encounter. @Mattches @sampson may have an idea about that.

Mattches · January 8, 2021, 6:53pm

@Raccoon,
“Malicious” implies intent to do harm. So I can assure you that this behavior is not “malicious”. The first thing I would check is to make sure that you’re not clearing your browsing data “on exit”, which may be reverting some of your settings when you close the browser – Settings --> Privacy --> Close tabs on exit.

I notice you mention “after a couple browsing sessions” – is the a specific behavior or website you visit that you can think of that may be the inciting action?

Raccoon · January 15, 2021, 12:56pm

Yes. This option is enabled and has always been enabled since it was available to me. But the action I mentioned occurs only after a certain interval despite the option being enabled all the time.

Mostly news websites like BBC & telegraph and perhaps some google websites like YT and Drive. Pretty much that’s it.