[jonathansampson]

Hello, John! I'm Sampson, a developer on the browser. The BAT component is not on-by-default in Brave. By default, you get a browser that blocks third-party trackers (and the ads that rely on them), prevents fingerprinting, crypto-jacking, auto-play media, and more.

Unfortunately, the ad-system that has become infested with malicious tracking and more is also a means by which creators across the Web find support. This is why Brave introduced the Brave Rewards component. So that we can create not only a safer Web, but a sustainable Web.

Opting-in to Brave Rewards means you're able to earn tokens for your attention. By default, these tokens are then donated to the sites and properties you visit throughout the month. The more you visit a property, the higher their end-of-month contribution will be.

All of this works without violating your privacy, thanks to on-device matching of ads and machine-learning. The token integration is a minimal component, but with a massive impact on the long-term sustainability of the Web. I'm happy to answer any other questions you may have.

All the best!

[JMTQp8lwXL]

Given that IP address, user agent, fonts, screen dimensions, and a few other data points easily found via JavaScript can create a fingerprint [0], isn't a bit disingenuous to suggest any browser can truly block tracking, especially if JavaScript is enabled?

I could use cURL to perform all web browsing, but my IP Address + User Agent could still be tracked by the website I visit.

With time, what seems to be occurring is a game of cat-and-mouse where trackers develop more powerful heuristics for creating fingerprints.

[0]: https://amiunique.org/

[asdkhadsj]

To extend your comment; Even your mouse movements can be used to form an identity of you. Not only that, your mouse movements even correlate to demographic information about you (eg age/gender/etc).

With that said, I think you're correct in that it'll be a game of cat and mouse, but I'm not sure what the alternative is. Are you implying that there is anything that can be done beyond the traditional cat and mouse? Because I feel that's the same with security, crypto, etc etc.

[JMTQp8lwXL]

Browsers need to rethink what is available via JavaScript. Scroll position, cursor location, etc. should not be readable. CSS Media queries for building responsive should still be fine to write, but the JavaScript API should be silent as to what styles are actually applied (to prevent workarounds for say, inferring the screen height/width from media query styles).

If we go back to basics, where I can make a network request, and the body includes a useful response (e.g., no need for running JS to populate the DOM, as is the case with SPAs that aren't server-side rendered), we can free ourselves from those more advanced heuristics.

It will likely always be cat-and-mouse, but we can rethink the universe of data available within the browser (that can be reported back via XHR requests), and make that universe much smaller.