this post was submitted on 28 Sep 2023
20 points (100.0% liked)

Privacy Guides

16802 readers
2 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
20
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

I wanted to try out the desktop version of the Brave browser. Its setup according to the privacy guide directions and I have sendoff usage data disabled, but if I open the browser sitting on the home page, windows is reporting 100KB ofdataa going out every 5 or so seconds.

Running the same test with Edge, no network usage is reported.

The only extention on Brave is bitwarden, which is also installed on edge.

Any thoughts? This is the IP it is sending to: 104.18.12.33

Edit: on reboot of process, I see the hostname: ec2-35-163-26-5.us-west-2.compute.amazonaws.com

all 35 comments
sorted by: hot top controversial new old
[–] [email protected] 15 points 1 year ago (1 children)

I read an article a while ago that put pretty convincing arguments forward to not use Brave. You should be able to find it if you search on Lemmy

[–] [email protected] 11 points 1 year ago (1 children)
[–] [email protected] 8 points 1 year ago (2 children)

I dont think I can take that article seriously when they recommend Chromium with uBlock as an alternative 💀

[–] [email protected] 2 points 1 year ago (1 children)

I mean, agreed, but Chromium and Chrome are different. Just in case you thought they are the same, wasn't exactly clear to me. But I also might remember wrong, in my memory Chromium is the base for Chrome and has a lot less Google stuff baked in.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

I'm aware that they're different. Chromium is a much better option that Chrome, but not a good option overall for privacy. If you like Chromium, try UnGoogled Chromium!

[–] [email protected] 1 points 1 year ago (1 children)

What is wrong with Chromium with uBlock origin? I was a Brave user then after all their controversies I moved on to Chromium. I use FF primarily though, only Chromium for websites that have issues

[–] [email protected] 1 points 1 year ago (1 children)

Chromium bundles a lot of google telemetry into it, even though it is the open source base of Chrome. Ungoogled Chromium is a recommendation that's actually private. I also only use Chromium for websites that have issues.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

I have tried Ungoogled Chromium before. While it's undeniably better in security and privacy, there were also many things that are not so convenient such as installing extensions, streaming with widevine DRM etc. For a program that serves the sole purpose of filling the compatibility gap, the fact that it doesn't "just works" makes it less optimal than vanilla Chromium for me

[–] [email protected] 7 points 1 year ago (1 children)
[–] [email protected] 5 points 1 year ago (1 children)

Its encrypted traffic, just getting a bunch of bytes. I don't see the server in the brave git repo.

Idk, something in there is sending data over what looks like a web socket.

[–] [email protected] 1 points 1 year ago

Install mitmproxy and set the proxy settings to mitm. Maybe it will work.

[–] [email protected] 6 points 1 year ago

I'd uninstall Brave if you care about privacy. Also check out the creator...

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

It seem that's a cloudflare load balancer IP so it doesn't really give any clues as to where the data is going.

[–] [email protected] 2 points 1 year ago

Yeah, not sure. I see a post on reddit about Firefox hitting a similar host, but not sure it's related.

Does anyone else see this?

[–] [email protected] 3 points 1 year ago (1 children)

Could it be a connectivity check for captive portals?

[–] [email protected] 2 points 1 year ago

What does that mean? Still, Edge doesn't seem to do this.

[–] [email protected] 2 points 1 year ago (1 children)

maybe you have opt-out logs enabled? try to disable them 😃

[–] [email protected] 1 points 1 year ago (1 children)

Do you know where this setting is? I'm not seeing it

[–] [email protected] 1 points 1 year ago (1 children)

it is in privacy and security section in settings. allow analytics, PING and send everyday data.

[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago

weird situation D:

[–] [email protected] 2 points 1 year ago (1 children)

Using a privte tab doesn't send anything out when idle.

[–] [email protected] 3 points 1 year ago (1 children)

It could be a notification for a webpage? I think it has to do websockets for that, but I’m not 100% sure

[–] [email protected] 1 points 1 year ago

I'll try clearing data, maybe your on the right track.

[–] [email protected] 2 points 1 year ago (2 children)

Brave Homepage? Sync disabled? Update check?

[–] [email protected] 1 points 1 year ago

Oh i forgot, when in the private window, there is no traffic when sitting at the new tab page.

[–] [email protected] 1 points 1 year ago

This is sitting on the new tab page. No news or any widgets. Sync is never enabled. I though about update check, but that's really offten to keep checking.

I didn't get to try out other suggestions here yet, will on Monday when I'm back at the computer.

[–] [email protected] 1 points 1 year ago (2 children)

Try removing bitwarden and do the same test. Ibet bitwarden is checking for updates that it needs to sync.

[–] [email protected] 3 points 1 year ago (1 children)

OP says it is trying to contact some aws server. Bitwarden afaik does not use aws. Brave probably is.

[–] [email protected] 1 points 1 year ago

Apologies...I misread that

[–] [email protected] 1 points 1 year ago

I did this, no change.

[–] [email protected] 1 points 1 year ago (1 children)

You can likely inspect the traffic if you use Wireshark.

[–] [email protected] 1 points 1 year ago

I did, but it looked like https traffic as it was labeled as this and the data was just bytes