Hacker News new | ask | show | jobs
by starttoaster 973 days ago
Brave bundles VPN software with their privacy focused browser. Web privacy focused people tend to distrust everything by default. Web privacy focused people begin thinking of Brave someday turning on the VPN service and tunneling your traffic through VPN nodes they control with nefarious intent.

I think that's the gist. Tbh, just installing a service that's disabled is, by itself, not that scary to me. If they were to ever turn it on without my consent, that's a real problem.
2 comments
SahAssar 973 days ago
> Web privacy focused people begin thinking of Brave someday turning on the VPN service and tunneling your traffic through VPN nodes they control with nefarious intent.

No, it is more that any one company that installs unwanted stuff on my computer is probably not some thing I trust as a privacy-focused software. Besides that VPN services have extremely broad permissions to look at or modify traffic, so it might be a attack target if not properly secured (which it might not be if it was "accidentally" installed). It also might signal that brave is looking to become a much broader company besides their current browser-crypto-ads thing, which is worrying for privacy.

There are many reasons for an accidentally or not-really-accidentally vpn service being installed behind the users back is alarming.

link
starttoaster 973 days ago
> It also might signal that brave is looking to become a much broader company besides their current browser-crypto-ads thing, which is worrying for privacy

Soft agree, while noting that from their perspective, browsers are not a profitable offering, so they likely _need_ to expand to a broader product offering, without grant funding. Google has their obvious reasons for being in the browser market, Firefox receives grants if I remember correctly, Safari I assume only exists so Apple can attempt to keep people in their walled garden of software offerings. How do the maintainers of Brave get to make a living? Either by selling you something or selling you. I'd rather them try to sell me something, personally.

That said, I'm a current Brave user that still has one foot in the door for Firefox. If they keep this up, I might be back.

link
SahAssar 973 days ago
Sure, but that is worrying from a privacy perspective. For any other venture their value is their current installed base so they will probably try to use that either via bundling (as might have been the case here) or via cross-marketing (which is usually not privacy-friendly).

Either way I think a privacy-focused company not making enough money to survive on their (hopefully privacy-focused) products is not a good thing. Brave has been going through this for quite some time with BAT and crypto ads, mozilla has been going through it even longer with bloating expenses and google income.

link
soundnote 971 days ago
Safari and Firefox development are both pretty much funded by Google paying them to be the default search engine. (Which is obviously hilarious from a privacy perspective)
link
JohnFen 973 days ago
> with nefarious intent

Or without nefarious intent. I find it sketchy regardless of the intent behind it.

> just installing a service that's disabled is, by itself, not that scary to me.

It's not that it's scary, it's that it's intrusive. If you want to install stuff on my machine, get my consent first -- even if it's disabled by default.

link
starttoaster 973 days ago
> If you want to install stuff on my machine, get my consent first

I assume from their perspective, they have your consent, as you downloaded their browser install wizard and installed their product, including its widgets. But I agree, they should itemize all their widgets, and not install them by default. Though I am a bit jaded in this area, as most desktop software seems to come with widgets that install by default.

link