He said:Ī network request does not by itself enable tracking – IP address fingerprinting is not robust, especially on mobile. Mind you, data slurps like Facebook can also track people by fingerprinting their browsers and machines. He weighed in on Twitter and in the Reddit forums, arguing that the Facebook login button can’t be used as a tracker without third-party cookies, which the browser blocks. So, these JavaScript exceptions can’t be used to track people? That’s right, according to Brave co-founder Brendan Eich. The domains listed in the article as exceptions are related to Facebook’s JS SDK that publishers implement for user auth and sharing, likes, etc.īlocking those events outright would break that Facebook functionality on a whole heap of sites, he said.Īlong with Bondy, he cites GitHub commits from three weeks ago that updated the browser’s ad blocking lists, explicitly blocking Facebook requests used for tracking.
He explained that the browser has to allow these JavaScript events through to support basic functionality on third-party sites. So if the entries in the whitelist aren’t ad trackers, what are they?īrave’s director of business development Luke Mulks dived deeper, calling stories in the press about whitelisting Facebook trackers inaccurate. He added that Brave’s Facebook blocking is “at least as good” as uBlock origin, which is a cross-platform ad blocker.
Saying we fully allow Facebook tracking isn’t right, but we admittedly need more strict-mode like settings for privacy conscious users. There’s a balance between breaking the web and being as strict as possible. CTO Brian Bondy commented directly in the YCombinator thread saying: The whitelist was in an archived version of the repository but also turns up in the latest current master branch.īrave staff have separately commented on the issue in different threads. Temporary whitelist until we find a better solution
BRAVE 2 2019 CODE
The post points to a code commit on Brave’s GitHub repository from April 2017 that includes the following code:Ĭonst whitelistHosts = Yet a post on the YCombinator Hacker News site reveals that the browser has whitelisted at least two social media sites known to be aggressive about slurping user data: Facebook and Twitter. You can allow ads and trackers in the preferences panel. Users can also credit publishers that they like with the tokens.Īds and trackers are blocked by default. It rewards users for this with an Ethereum blockchain-based token called the Basic Attention Token (BAT). It then gives users the option to receive ads by signalling basic information about their intentions to advertisers, but only with user permission. Rather than allowing advertisers to track its users, the browser blocks ad trackers and instead leaves users’ browsing data encrypted on their machines. Instead of just serving up user browsing data to advertisers, its developers designed it to put control in the users’ hands. Launched in 2016, Brave is a browser that stakes its business model on user privacy. Privacy-conscious web browser company Brave was busy trying to correct the record this week after someone posted what looked like a whitelist in its code allowing its browser to communicate with Facebook from third-party websites.
0 kommentar(er)
