I used to be optimistic about Brave, but I no longer consider it to be a good project. It has had some serious issues with security and the intent behind it is starting to seem nefarious. Monetizing other people's content was always sketchy and their DRM is going far beyond EME.
Conversation
At the core, it's an attempt to monetize other people's content on the web with a cryptocurrency based on the value of people's attention, i.e. the core of the advertising industry. I was interested in their work on privacy improvements but it's clear that's just window dressing.
1
13
I'm not a fan of using attestation to build DRM implementations, especially in a way that goes out of the way to shut out other platforms. They wouldn't even respond to my suggestion to use an approach that is both *stronger* and would allow them to whitelist operating systems.
1
10
Replying to
As long as you can use it without the attention-coin-mining bullshit enabled... Refusing to enable it on "untrusted" operating system is kinda a feature. ;-) But yeah, it's all grossing me out.
1
1
Replying to
I do think that on a technical level, it's a decent choice. The Chromium base is the most secure option and they set privacy-unfriendly defaults, disable invasive optional services and make some important tweaks. Built-in content filtering is also the right approach by far.
However, they haven't have the best attitude towards security and there have been some major issues. The previous Electron-based desktop browser was awful too. The approach on mobile was saner from the start, and that's what I recommended to people as a decent option in the past.
1
1
The main thing is that they clearly have the wrong motivations. The DRM issue was the last straw for me. I don't like attestation being used for DRM. I see a lot of value in it as a security feature for users but having a root of trust makes it possible to (ab)use it for DRM.
1
2
Show replies