The mobile Brave didn't support the ads or attention token stuff when I recommended it, and my expectation was that it was a silly idea and would die off because there's too much wrong with it. I expected them to refocus on making a privacy-focused browser based on Chromium.
Conversation
I recommended it in spite of that. I never supported that part of the project. Recently, I looked BAT, Brave Ads, etc. more deeply and my impression is that it's sketchy as hell and quite possibly totally illegal to launch it and manage it the way they have. It deserves scrutiny.
1
That stuff was never in the Android app and the Android app is what I closely looked into and then recommended in the past. The reason I looked into the project more deeply recent was because I found it sketchy as hell to have a feature that requires DRM to be viable.
1
The response I got on those 2 issues from that developer was off-putting so I posted about it on Twitter and ended up getting into a mild debate (not a fight or flame war) about whether it's difficult to avoid a hard requirement on Play Services, especially when Chromium does.
1
Eventually, after thinking about it for quite a while, I posted the initial tweets here and I intended to simply remove the mention of Brave as an alternative from my documentation. I'm going to need to do much more than that now and I feel bad about ever recommending it...
1
As an onlooker it still appears to me that your primary complaint is around Brave using an Android-provided attestation API for part of their optional ad rev-share feature, and this weak foundation is used to mark them as a terrible / dishonest etc org.
Doesn't seem good faith.
2
It's not an Android API. The relevant Android API is key attestation. They use SafetyNet attestation, which is a Google Play Services API. Google Play Services isn't part of the official definition of Android. CTS / CDD don't include it. My issue with it is not it being weak.
1
You're misrepresenting my statements and continuing the concern trolling you started with in your initial tweets. I never stated or implied that my issue with it is having a weak DRM implementation. When people act as he did and to a lesser extent yourself, it's not productive.
1
If you want to have a productive conversation and hear my in-depth thoughts on it, don't start a conversation that way, and definitely don't do what he did and just fill the thread up with nonsense, baseless accusations and ridiculous spin spammed without substance at all.
1
I am interested, but also very wary of double-standards in debate when dominant bad actors seem to escape scrutiny in these ad / privacy discussions.
So the issue (in part) is this API: developer.android.com/training/safet and that it relies on Google Play Services unnecessarily?
1
As I said, my issue with Brave is not the sub-par implementation of DRM that's unnecessarily dependent on Play Services and explicitly tries to enforce that the feature cannot be used on an alternate OS. That isn't my issue with the project. It just suggested they do better.
I don't agree with doing this in the first place. I suggested they take a better, less easily bypassed approach if they are going to do it because I was trying to be helpful since I have experience with it. The reason I have an issue with it is not it being unnecessarily weak.
1
Okay logically I think I have to give up.
You think their ICO was illegal, they're a sketchy company, and that attestation is bad, but you wanted to help them build stronger attestation approach?
Being on someone's case for logical contradictions doesn't = concern troll!
1
1
Show replies