VPN / Proxy Extensions better integrated in Brave


#1

Extension based Modern VPN / Proxy services have taken off for the past couple of years now and I’ve had many discussions with them relating to which browser their service works best on, if that make sense.
Taking into account their service (or a part of their service) predominately operate on Chrome and Firefox not forgetting Opera and push for sooner updates should we say on their Chrome version than FF, we always and when I say we I mean those that use such service always end up getting in arguments as to which browser it functions more securely on and their reply is always one relating to trust.

In this case I was hoping Brave could apprehend this and take advantage of this fact in relation to the preservation of privacy and improvement on security and collaborate with them on integrating their service in Brave as though it was part of Brave and make it similarly to, if not better than Opera’s way of building OperaVPN/SurfEasy within their native browser.

One brilliant aspect to such browser based solutions if you’re not aware of, is that during circumstances where security software are blocked, with the exception of Tor, extension/SPDY based VPN solutions also continue to still perform securing data and maintaining privacy rather fantastically.

As for the rest of the ones I listed below, they regularly update their service, have an extensive user base and all round excellent service and given some started enthusiastically with the SPDY technology (browser technology by Google which allowed such services to function within the browser) I’m sure they’d love to talk to you guys about integrating it within Brave properly and effectively, especially with the recent improvements made to the older and coherently used SPDY technology. It would be interesting to discuss as to how the newer HTTPS/2 will function given the older technology is to be deprecated.

To be quite honest, considering these are based around stringent security and privacy I would hope these are the extensions which are included within Brave first. I did exclude a couple solutions as I didn’t think it was fair for some companies to immediately gain a greater reputation in the browser-based space considering their service didn’t begin with extensions and are still relatively new to that side of the technology and the fact they’re already popular in the full-force (desktop) space and thought it would be better to give a greater interest, initially at least, to those that dedicate their company around the extension based technology and began and or adopted the technology from the very beginning. I also excluded more than a handful of solutions as they’re not as stringent when it comes to logging and a couple that were negligent when it came to user data, so if you’re wondering why one you know of isn’t on the list, read their privacy policy or more information on the company elsewhere.


Why is Brave Showing my Location!
PureVpn extension
Google Encrypted and Stop Country Redirection and Geolocation
Discussion with Proxy / VPN providers that offer SPDY-HTTPS/2 Solutions
Must have extensions
#2

DotVPN and UnlimtedVPN request is already added here



#3

#4

#5

I think the other extensions have some merit, so we should look into them before closing this out.


#6

Awesome! (with torrent capabilities, it’s rather short sighted/irresponsible to disregard this, especially considering the micropayments aspect to this project.)
One of the things that I like about Opera is that they have VPN built in…unfortunately, I don’t trust it as much as I would a 3rd party, like @Numpty suggests.
And having come from Firefox with the decentraleyes add-on, I like that as well; hopefully that’ll get some attention from brave devs too.


#7

Hi @heysoundude thanks for responding to this like you did. I figured I was the only one concerned with this @alex kindly reopened this after I emailed him regarding Brave becoming the most securest and efficient broswer for a VPN to work with somewhat what similar but slightly sceptical to the functionality of OperaVPN/SurfEasy rather than how most of them function somewhat skeptically within Chrome and Firefox already and whether it is possible to offer it in a more effcient and securer way.
One thing I should also point out was that I excluded SurfEasy from the original list because it was obviously picked up by Opera and Opera already had/has a VPN inder its name and I quite rudely excluded them because I wanted users if they ever viewed this to support the underdogs. I suppose it isn’t a bad idea to also include SurfEasy in the list seeing as the companies don’t operate as one entity and do offer similar principles relating to privacy.
Another thing I’d like to point out which I corresponded with @alex about is the exclusion of Hola which believe it or not someone had the audacity to include in the first place considering many reports on it negligence. I think you should also exclude those that act similarly and that haven’t updated their service since that damning report came out on Android OS VPNs also being negligent. I haven’t read the list of VPNs but perhaps someone reading this could type a list of those providers.

You should also be pleased to know I put in a request for forcing encryption in torrent extension though I think they’d need to contact the party that offers the solution in their browser. Forcing encryption in torrent extention

I don’t know whether anyone come across this before but I once spoke to @ZenMate relating to this and with another browser based torrent client and their service together, personally I didn’t test it with Wireshark myself because I wouldn’t really know in which places it was leaking but they themselves told me that at that time it wasn’t really secure to torrent, this was a couple of years ago obviously you probably could now because they have a desktop client version but I wonder whether they including others optimize their service for it now, browserly speaking of course. I know that isn’t a term.

One final point relating to modern VPN Service providers function within Brave predominantly @heysoundude is that when the micropayment aspect is applied, maybe be not soon but later on they could quite possibly offer their solutions with significant amount of data rather than the GB or 2 with full features for free as well.


#8

When we’re all safe, secure, anonymous, private, the interweb is a better place for everyone. Now if I could only sell the majority of users on that and decentralization, we’d really be onto something.


#9

Firstly, I hope you don’t mind me asking @alex but what changes do you make to the specific addons? Is it just a simple enabling function you add so it works from Chrome to Brave?
I ask these questions because I’m certain if you work with the most popular VPN addon providers such as the ones I listed who either started their service with the addon and or continue to make improvements on it, I think it would be better to get their input on where they where they were restricted by Chrome (Google) and how they could improve their service within Brave but couldn’t in Chrome.
Furthermore, I think you should do it like this as initially stated because I imagine errors would occur when certain fixes are made by the providers in/for Chrome. Which sort of also brings in to question, how will updates be performed of such addon for Brave?

Secondly, In Projects under Requested categorised under VPN’s: - I only notice two providers, does this mean certain ones won’t be implemented, which sort of ties into the beginning of the first question.

Thanks.


#10

@Numpty with respect to the implementation of Extensions, we have some documentation here:


Nothing has been particularly decided on what will not be implemented, it’s really just a function of priority vs user signal & time/resources available.

In enabling a particular extension, there is some checking to make sure it doesn’t compromise user security or privacy.

There’s some more details than this, but @sampson or @brian would be able to dive into specifics.


#11

I just wanted to show support for this suggestion.

It seems to me that the inclusion of a VPN (extension) would match the idea of Brave in general. I mean, the idea of providing anonymous adds, removing tracking and protecting against fingerprinting seem slightly moot if the IP address is visible. I like how this turned out with password managers, where you can select a build in one, or one from a list of 3rd party extensions.

I don’t know how feasible it is though: while I would love a VPN to be integrated, it seems like supporting it is an arms race. I should note that haven’t tried any of the suggestions from Numpty. Personally I use Hoxx. I don’t know if it’s good or not, but the Chromium version works well for me. The Firefox version perhaps isn’t up to date, as it is actively blocked on some networks I encountered. SurfEasy (Chromium & Opera version) I found easy to use, but all servers seems to be blocked for the past months too. Perhaps supporting a range of extensions would be the easiest option?


#12

Hi @Degine thanks for supporting it. I excluded quite a few other solutions because they’re not either forthright when it comes to privacy and or their respect for privacy to put it plainly is stupid. Sure there are a few that don’t respect certain principals but the fact of the matter is people like them is marginal in contrast to the larger user base who are in general against any forms of abuse and fundamentally just don’t enjoy being snooped on or hacked in any circumstance.
So I’ve asked @alex to exclude such solutions as Hola, Hoxx, annonymoX and Browsec because one of them i.e. Hola is known to be flawed holistically when it comes to user privacy and they’re known for admitting it and is reported. Hoxx’s service in general and internationally has great reviews compared to most I’ve seen but its privacy policy and most asked questions and answers to it is pathetic especially considering the country they’re based supposedly respects user privacy constitutionally which is why other solutions in that country don’t log user identifiable data.
In regards to the other two, they have a considerable amount of users but again their privacy policy isn’t excellent. It isn’t as bad as other solutions but it’s not brilliant either.


#13

Since I’m already running an effective adblocking solution on the router for my home network to rave reviews, I’d be more into a proxy extension (that could be made part of the Shields?) since it would work on both mobile and desktop versions.


#14

Hello @Numpty, thank you for these insights. You’ve got me to review the policies in more detail and I think I see what you mean. I guess it’s generally a good thing not all Chromium extensions are directly accessible in Brave. I can only hope those that are implemented have been reviewed as thoroughly as you do. :relaxed: Perhaps not everybody feels the same -some may feel restricted- but I think it improves the quality of the browser.

@heysoundude it would be great if it was incorporated into the Shields. That would allow you to make exceptions and disable the proxy/vpn for some websites, if necessary. And neatly pack all options together, which I really appreciate in Brave.


#15

This was precisely my point.

I once spoke to one of the VPN providers many years ago, this was when I was using FF and I basically was trying to force them to push updates for FF first and got into a lengthy conversation as to which browser their service works best on, believe it or not he/she let it slip that it was Chrome because there was certain restrictions or issues that FF brought to the VPN. Please don’t think I’m implying that their security wasn’t working on FF because they obviously runs tests.
I don’t have have expertise on coding or algorithms in general but the conversation later or maybe beforehand jumped to browser based torrenting of which there was only one of at the time to my knowledge and just in general wanted to figure out whether their extension/addon encrypted the the data and they said no. I brought up the bit about expertise because they mentioned something about the backend and where they have their have their coding or whatever deployed and they completely lost me because I pictured algorithms behind the scenes like a large trifle and couldn’t understand why the torrenting bit of the data was being skipped.

This was my original notion similarly the way Opera built their acquisition of SurfEasy into their native browser for Brave to do the same thing but better, i.e. a relationship between you guys. Believe it or not this is a brilliant way to for the micro payment system to function as I can think of a couple of ways it benefits both parties financially. So I agree with you it should be part of Shields and the way ‘Advanced Controls’ displays management of the selected shields, Brave should too when implementing it just below it display ‘VPN Controls’ where it shows a particular VPN providers simple GUI and the white part of the brave lion icon turning green indicating no data was leaked and all data is currently encrypted.


Request: Decentraleyes
#16

I may be confusing some of the technicalities here, but as far as I’m concerned, my gov’t (any gov’t for that matter) has no “right” to know what passes through my computing devices, where it came from or where it’s headed.

This is a good convo to be having at this particular moment in history, I think, with the recent changes to US law, and the global economy on the verge of massive societal change (make no mistake with how interconnected those two things are). I believe and contend that proxies are more important to brave at this moment than browser-level VPN

As I understand it, US ISPs are now able to monetize their customers browsing history; it can only be a matter of time before other countries laws follow suit, unless this is already specifically outlawed for privacy reasons. Unfortunately, privacy goes by the wayside in times when nations feel threatened - like they do now with the prospect of imminent international terrorism. So now aware and concerned citizens are turning in greater numbers to VPN services, which offer one type of protection, but the next logical step to take is having everything in and out of their VPN portals be further randomized with a proxy, further obfuscating what their online activities are.


#17

Hi @heysoundude would you mind clarifying you contention relating to proxies in contrast to modern VPN solutions; I’ve been using such services for quite some time now and I can humbly say that I have a considerable mount of knowledge regarding this matter and I don’t see how exactly your suggestion could do anything except make the browser slower.
I don’t know if you’ve used ixquick within StartPage searches before but it offers a proxy and slows the browsing considerably.

The functionality of modern VPN solutions is essentially a proxy solutions in an of itself that is why I included it in the title (VPN / Proxy) and that is why some also title their product in online app stores as this as it uses to my understanding provides AES encryption with SSL and TLS SSL via SSL Tunnel VPN or SSL Portal VPN which I think became popular with the development of SPDY, though I wonder if they implement the improved HTTP/2 over it.

Furthermore, I may be wrong but I don’t think Brave can do anything further except for what it has already detailed in terms of enhancing user privacy. I suppose compared to the other browsers we can actually say that the team behind Brave and its goal it wouldn’t do anything that’s damaging for user privacy. Thus offering offering the above browser based extension/addons in the coming updates after V1.0.0 with possible advise of directing solutions on enhancing their products within Brave which will only drive more and more users from other browsers towards Brave. I asked @alex about this and he stated[quote=“alex, post:10, topic:1753”]
In enabling a particular extension, there is some checking to make sure it doesn’t compromise user security or privacy.
[/quote]
speaking of which I also wonder if Brave would have figured out how criminally compromising Hola VPN was before the report came out, which you’d be happy to know was removed per my advise. How it even managed to be on the suggestion list?

I understand a lady worked on the encrypted synchronisation of Brave, it would be great to hear her thoughts on the matter or probably most of the team work around cryptography which is why alex said @sampson or @brian could delve into the specifics.

So @heysoundude the current solutions offered are just more than one type of protection like you state and is by far the best and most efficient solution available which is incredibly user-friendly. I don’t see how they can or how Brave can help in further randomizing (encrypted) data seeing as it is somewhat already obfuscated also as most of the providers that offer a SPDY/HTTP/2 VPN, they usually to my knowledge implement it with AES 128 as it is sufficiently secure and very efficient. To be honest it seems more faster than without using anything, don’t you think your suggestion would only make it lag?


#18

(Is my understanding of a proxy correct?) All I know is that when I started using decentraleyes along with HTTPS everywhere (or similar) on Firefox, pages started to seem to load faster and advertising became much less targeted - I wish I had my router set up to block ads then.
What does browser speed actually mean?
Me, I’m concerned with getting the page I open/link I click to come/load as fast as possible, but I also don’t want anyone to know what’s being transmitted/received or from where…by all means they may see an encrypted datastream a la “The Matrix”, but using it to track me or determine what my tastes are is none of “their” business.
So does that answer your question?


#19

Hi, I understand a couple have already been removed but wanted asked could you remove the two you have under VPN: on Github and link this request instead so when those in Brave are focusing on it later, hopefully the suggestions aren’t overlooked. Thanks.


#20

I wish in the coming months after V1.0, someone types an article “The Only Browser in Cahoots with Security and Privacy Centric VPNs”

I believe I’ve been using Brave now for just over a month and within that time this request has now become the most viewed and replied request suggested in the community. I know, boohoo or is it imperative that Brave focus on this more so than any other feature.
I only imply this as I hope my original statement regarding integration isn’t forgotten.

I’d also like to stress, per my advice (I don’t mean to sound pompous) that particular VPNs are taken into suggestions like the ones I’ve listed and only those ones because I honestly don’t like the policies of the other browser based solutions. In doing I’m sure it will become a brilliant way for Brave to receive micro payments from those solutions.

For anyone in general reading this, I’d also like to stress that there are many brilliant full force VPNs that don’t offer the browser extension, that isn’t a bad thing, if not it is somewhat better as they focus primarily on a proprietary client with many brilliant behind the scene features.