+ Reply to Thread
Page 2 of 5 FirstFirst 1 2 5 LastLast
Results 21 to 40 of 97

Thread: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

  1. Link to Post #21
    Scotland Avalon Member
    Join Date
    16th February 2012
    Posts
    2,035
    Thanks
    2,282
    Thanked 9,410 times in 1,804 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Bob (here)
    I just tried this 'browser' and my opinion is it is a locked virus. I think we have been duped into installing some type of spyware on our machine(s). Until I see a way to completely uninstall all traces of "Brave" I will consider us being duped to having installed spyware which will not uninstall. The files are LOCKED even when you are system administrator. Machine OWNER cannot uninstall.

    I used the standard remove program from the control panel after installing and found out, there are a lot of folders, and programs still left, in non-standard program locations on the windows machine.

    Any suggestions on how to remove it? Like how to actually get access to the permissions for the hidden user account that is created??
    Could you suggest an alternative browser that's downloadable now? I have 5 on my machine. Chrome has also been accused of being spyware. Maxthon has had similar accusations thrown at it. Firefox, I don't know. Safari is from Apple, IE from Microsoft. That leaves Opera and Chromium.

    I'm open minded about any alternative browsers.

    It looks like Brave is open source:

    https://github.com/brave/browser-laptop

    Which means any genuine spyware capabilities would be found in a matter of weeks or months. If there were any under-the-radar additions, anyone could easily fork the github repository and release a different version. IMO, Brendan Eich would have to be crazy to trash his career by releasing an open source browser that contained spyware.

    It might be a good idea to take 15 seconds to Google: "How to uninstall Brave Browser" before throwing around libelous accusations about viruses, duping, and spyware. Other people have had similar problems during uninstall. It's probably just be an early stage bug.

  2. The Following 5 Users Say Thank You to Daozen For This Post:

    Bob (2nd October 2016), Chanlo23 (3rd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016), ThePythonicCow (3rd October 2016)

  3. Link to Post #22
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Exclamation Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    I did, it says it doesn't uninstall on Windows 10 and "Case Closed" (did they finally succeed in uninstalling, don't know).

    My feeling is this: When a developer uses non-standard locations for data, like the normal install location(s), and there are QUITE A FEW.. it becomes difficult (and it shouldn't be difficult in fully open source fully clear explained commented code). One could very easily become suspicious that something nefarious may be happening - so here is what I found and why I felt more and more uncomfortable -

    One can do a search for the brave keyword (as some have suggested) within the whole computer to locate where the programs and the myriad of files are installed, and there are a LOT OF THEM. A LOT OF NONSTANDARD FILES. Numerous caches are created it looks like, encrypted (?) (binary maybe)... which could store passwords, etc. why are those caches needed?

    Just wondering out loud, are there stored passwords somewhere in a file created by Brave? Secure where ONLY the owner would know? Untamperable, and not able to be remotely read by some script somewhere accessing the Java Engine?

    How can one tell without having extreme programming skills to dissect this browser and all the 'features' offered by or to be offered by it. How is the public, not technically oriented, not skilled programmers just going to be comfortable, that everything is indeed safe and secure? How do I know that my bios didn't have code written in to it for instance? (a place some nasty issues have been known to be installed).. We have no guarantees that such is clean. Look at ALL the stuff being done by NSA, how even hard drives bios' (the firmware memory chips) can be programmed by a program running on one's machine. Paranoid? Maybe or security conscious?

    I am not a happy camper. I expected "warm and fuzzy". It was not warm and fuzzy. There were too many unknowns in my view of this, and I don't like the idea of trusting private data to a third party "new" program which will transmit potentially, depending on the website clicked on, private data. I have seen no peer reviews that the security is hole/problem/issue free.

    As to uninstalling: I did manage to create an an elevated senior "EVERYONE" account to take full control in the "Brave" folders which were created, and ONE by ONE I am deleting each. I should NOT have had to do that. I should have as some on various websites said (git hub included), is just go and delete the files. I could not just delete the files or folders.

    As a developer myself, I have found one doesn't do installs in non-normal locations - normal locations would be such as "program files" or "program files (86)". An uninstaller would remove ALL traces of the program, files, caches, repositories.. I didn't sign up to be a beta-tester for this program, and having to actually do procedures which normally could happen during a betatest is wasting my time and energy. If the code was inadvertently written to STOP writing a proper UNINSTALLER, and what was left was seeing HOW Brave's installer treated the hard drive's folder's by creating an ELEVATED account that nothing else could touch (including the system and owner).. Maybe there is a logic to that, but if the installer is supposed to write an UN-Installer and it stops doing that, leaving the program and files/folders LOCKED that certainly is a no-no, a nasty oops !

    When I test out something new I test out the uninstaller to see what damage, if anything, that it does.

    I personally will COMPLETELY STAY THE HECK away from this "Brave" browser in it's current state. I am not interested in re-installing it. The example of the "spyware" actions without user permission, and an uninstaller which leaves coded scripts (without explanation of why the are there) is worrisome. Code bug I just don't know. What I saw I saw and my protection systems prevented (I believe) the compromise.

    I am going to spend the next 2 hours uninstalling the traces left of this 'browser' and see what other damage (if any) has been created. (update.. it took a full day, not just two hours).

    This is my advice, as any good programmer would suggest to you: If one hasn't created an uninstall point DO SO and have a backup of your system before you try this 'program' or for that matter, ANY new program. Test it as best as you can, that you can restore your machine to what state it was in before the new program addition. Having backups is important, disk drive failures, other failures..

    I didn't get a "crash" of the program, but there is an UPLOAD LOCATION installed on one's machine as follows:

    \Brave Developers Crashes\crash_checkpoint.txt
    server is https://brave-laptop-updates.herokuapp.com/1/crashes
    maximum 128 reports/day
    reporter is brave-crash-service

    this above, is verbatim out of a file called : "operation_log.txt" in a folder created in:
    AppData\Local\Temp\Brave Developers Crashes

    What I have seen with "developer crash dumps" in general, is that very specific information about one's machine, what files were open, potentially user specific information, passwords, websites visited, etc. could be part of a "crash dump" - that a program has that "automatic upload" to a server (file repository) without notice and permission IRKS me as a spyware or in the minimum malware (without a clean un-install) and files/data being transmitted..

    There are many more things, having to be "uninstalled" which I will screenshot and post in a moment. I won't screenshot my registry for privacy reasons.

    Here are some of the remnants after managing to create a SENIOR account to counter and gain access above the hidden or "locked" account created by "Brave". Going thru each of these to review their contents, and thento delete, afterwhch then will do an intensive REGISTRY SEARCH to see what was changed there as well (sigh), I feel what a mistake trying this - I didn't need this effort !! ALL I wanted was to see how great this new browser is supposed to be. I don't have any way of determining if any firmware was modified either on the hard drives, or motherboard.

    Last edited by Bob; 3rd October 2016 at 06:10.

  4. Link to Post #23
    Scotland Avalon Member
    Join Date
    16th February 2012
    Posts
    2,035
    Thanks
    2,282
    Thanked 9,410 times in 1,804 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    I'm sorry you're having problems. Uninstalling can be a pain.

    You could help Brave out by keeping a log of the hassles you had, and someone could open an issue on Github. What commands did you try, what happened. I know there are non-technical people reading this, but there are programmers here as well. Keeping a log might help others.

    If you don't give any specifics, how can anyone reproduce what you've done?

  5. The Following 3 Users Say Thank You to Daozen For This Post:

    Chanlo23 (3rd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016)

  6. Link to Post #24
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    I have plenty of specifics, enough to take me two hours to uninstall. I would NEVER create a program that hides from the normal install locations. NEVER.

    try uninstall and see what is left, but before doing that go see WHERE everything is modified, like registry, like non-standard locations for program folders. Anything in Beta should be using standard locations, full documentation, and support. Not turning loose a program into the public and expecting them to sort it.

    AS FAR AS AUTOMATIC CRASH REPORTER SERVICES:

    IT IS CUSTOMARY for a person installing a program to OPT-IN or OPT-OUT for automatically HELPING THE DEVELOPER to see what crashed and to provide a solution.

    THERE WAS NO OPT-IN and NO OPT-OUT option during install. That really bothers me. As I said, not a happy camper.

    I don't like it when programs automatically UPLOAD without notice, or don't ask permission. How about something like this: "We are about to upload sensitive information about your computer, programs you are running, etc. Your clicking OK will say you agree to this..." (or something like that) to some server and state that server and WHY.

    THAT lack of opt-in or opt-out to have sensitive data uploaded without permission I believe strongly is violating good development practices, and it seems to me, all the other developers of the browsers out there would seriously "frown" on this "Brave" browser being so highly rated when it is not openly forthcoming about what all it opens your machine (and privacy apparently) to such as crash reports without user permission.

    AND, there was NO OBVIOUS CRASH HERE running the program. No notice, no warning, nada.

    BUT it created a crash report, with identifying features and apparently wanted to UPLOAD TO THAT SERVER (?) mentioned above, all without my permission.. I call that SPYWARE behavior period per the published definition.
    Last edited by Bob; 3rd October 2016 at 05:29.

  7. Link to Post #25
    United States Administrator ThePythonicCow's Avatar
    Join Date
    4th January 2011
    Location
    North Texas
    Language
    English
    Age
    76
    Posts
    28,581
    Thanks
    30,501
    Thanked 138,438 times in 21,490 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Bob (here)
    Any suggestions on how to remove it? Like how to actually get access to the permissions for the hidden user account that is created??
    Switch to Linux ?
    My quite dormant website: pauljackson.us

  8. The Following 5 Users Say Thank You to ThePythonicCow For This Post:

    Bob (2nd October 2016), Chanlo23 (3rd October 2016), gord (2nd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016)

  9. Link to Post #26
    Scotland Avalon Member
    Join Date
    16th February 2012
    Posts
    2,035
    Thanks
    2,282
    Thanked 9,410 times in 1,804 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    I can see the crash logs and screenshots in one of your posts. Names of all the non-standard files would help a lot. Once you have enough posted, someone could open a Github issue.

  10. The Following 4 Users Say Thank You to Daozen For This Post:

    Bob (4th October 2016), Chanlo23 (3rd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016)

  11. Link to Post #27
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Paul (here)
    Quote Posted by Bob (here)
    Any suggestions on how to remove it? Like how to actually get access to the permissions for the hidden user account that is created??
    Switch to Linux ?
    I actually do use LINUX, Ubuntu etc.. I tried Brave cause of all the great reviews what worked was to create a SENIOR account EVERYONE, with full permissions above the locked account created by Brave, then hunt for and then delete.. using timestamp searches to look for newly created or modified files.

    What is left is to go thru the registry to clear out that which was modified..

    For an uninstaller for "Brave" I feel very strongly that it has some major issues. (see the search params above). I should NOT have had to create a special permissions account to have to go through and uninstall. There should have been an exact list showing what was done what was modified if any, what will be transmitted to 157.52.65.7:443 (or any other site on a failure).. NO regular unskilled lay person would have been able to just go in, find a way to bypass a file/folder permission lock to correct an install failure. It took many hours to sort this.
    Last edited by Bob; 3rd October 2016 at 05:18.

  12. Link to Post #28
    Scotland Avalon Member
    Join Date
    16th February 2012
    Posts
    2,035
    Thanks
    2,282
    Thanked 9,410 times in 1,804 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Bob (here)
    Quote Posted by Paul (here)
    Quote Posted by Bob (here)
    Any suggestions on how to remove it? Like how to actually get access to the permissions for the hidden user account that is created??
    Switch to Linux ?
    What is left is to go thru the registry to clear out that which was modified..

    For an uninstaller for "Brave" it has some major issues. (see the search params above). Now if he did what other spyware writers do, he would have changed the file names to something which would not be so easy to search on.
    Which kind of proves it's an early stage bug, not spyware. And who would be silly enough to release open-source spyware? lol.

  13. The Following 4 Users Say Thank You to Daozen For This Post:

    Chanlo23 (3rd October 2016), gord (2nd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016)

  14. Link to Post #29
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Makes ya wonder doesn't it? SPYWARE uploads private material, user identifyable material, machine identifyable material to another.. Without user permission. I never gave permission for this "Brave" browser to upload to that server.

    Definition reference:

    spy·ware
    ˈspīwer/
    noun
    software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.

    Using that published definition of SPYWARE, I BELIEVE most strongly that issues in the crash reporter feature can be constituted as SPYWARE installed under the delusion of installing the "best" new browser out there able to kick Chrome in the teeth, be faster, etc.. (paraphrased highly) especially without USER authorization/permission to allow private data in "reports" to be sent to the programmer's organization (or other third parties) ... (or in other words, it appears to me to be SOCIAL ENGINEERING to get one to install a seemingly useful program. (like dohh...) fell for it, my bad.. oops. Of course though I have monitors which track what things get installed, so being able to debug all this 'new stuff' is quite interesting.. isn't it? I didn't sign up for a beta-test to test out a new browser to see what issues are present (or not).

    This I feel is some common logic when testing out any new program: (make your system backup, restore points, run the program in a sandbox) and when one installs it, first check in any new program is see what the uninstaller will do, see what tracking information (if any) happens, see what data may be sent to the developer (or others) and under what conditions such will be triggered.. proper checking in other words to see if one can undo an installation cleanly. This failed in step 1 of the check, can it uninstall cleanly, and failed in step 2 is it CLEAN of sending ANY DATA to any other data repository for whatever purposes (calling it crash reporting is convenient to gather data on users' machines, and who knows what else is in the encrypted files created by "Brave" on the user's hard drive. That is going to take more of an analysis, but some things seen in the "compiled" script executables have PRIVATE information in them, machine descriptors, drive identifiers..)

    Rambling a bit here: One thinks a browser just has a simple data cache, to be able to present files from a website, and prevent nasty things from websites from getting in.. THAT it seems to me, is what the public is lead to believe.. That things are safe, 100%.. Bugs happen, of course, but sending user data without their permission, without opt-in or opt-out is in my opinion very wrong. We must TRUST when we install a program that it will meet our expectations, for me security is the highest, will it damage my machine or operating system, will it slow down my machine or operating system, things like that is what I am concerned about.

    ==update==

    finally got the registry cleaned and then proceeded to find the other "hidden names" which were used besides the "brave" - located SquirrelTemp folder and then followed the "setup" steps being done, some of which proceeded to "analyze" my destktop and taskbar, and then tried to create a file to send to a server. I believe I saw my running applications in the list to be "sent" and reported on including my machine identifier, hard drive identifier, etc.

    One particular code line looked interesting:
    Quote System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
    - at that point file permissions were changed (again without the USER's choice to let them be changed)..

    At that point it seems that the "squirrel" setup program looked for ALL RUNNING PROGRAMS and created a list of those (also it seems like it was to upload to the server, but it was STOPPED COLD from doing so). (tmp.node executables were created looking at the time stamp, that contained private machine identifiable data, private personal programs that were on my machine were put INTO the various tmp.node executables and .pf (prefetch) files. It also gave an entry in it's setup log, that it was done "FIXING" (according to a line in one of the files found) my links (again without my permission). I don't need my shortcuts and links "FIXED" by any program/browser. Do no harm? Hardly it seems to me, with this "brave" program/installer - why do my "shortcuts" have to be analyzed and "fixed", what gives this program the RIGHT to do that without my permission? Why are the program's file and folders locked to a permission level that the machine OWNER can not over-ride (like delete the file/folder).

    Afterwards it (the installer program) apparently got pissed(?), and it said: "didn't care" in the log.. (hmmmmmmm).. when it was prohibited from gaining access to more private data and sending it out. Hilarious comments in code? or something else? Unknown and questioning why such was written that way, besides it trying to send a report to that IP..

    Quote Couldn't write uninstall icon, don't care: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions 157.52.65.7:443
    at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
    EXCUSE ME? A programmer writing "DON'T CARE" in the code when the user's system REFUSED to let confidential information be sent UNAUTHORIZED apparently to the Programmer's server, to not put the uninstaller in when an essential feature called UNINSTALL is legitimately NEEDED to completely REMOVE all traces and put back the SYSTEM to it's state BEFORE ONE INSTALLED their "program" ? Can we wonder why Brendan was supposedly "fired" from a past job at a browser company (they say he stepped down). How much of this code was written by Mr. Eick and how much by others? Did he review all the code, check it verify it is secure safe and operating with good programming practices? (take a brief re-read of post https://projectavalon.net/forum4/show...=1#post1102905 ). I suppose in my opinion, politics happens everywhere and anywhere and that a step-down or job changes has nothing to do with how code is written for a particular new and unique application, or that JavaScript ( or possibly old code used elsewhere ) may play a strong role in the setup and maybe running(?)of the new Brave browser. These are unknowns to me, and doing web-searches and having problems with a program gets one concerned. I thought open source with good documentation would help enlighten. What about the public do they trust and how are they assured everything is safe, and will be safe continually?

    The attempt to send data to port 443 is logical. It is a guaranteed special port used for secure file uploading and downloading. 157.52.65.7:443 is what the data was attempted to be sent to and blocked.

    Some background on that port:

    Trojans that use this port:
    W32.Kelvir.M (04.05.2005) - worm that spreads through MSN Messenger and drops a variant of the W32.Spybot.Worm. Connects to IRC servers on the s.defonic2.net and s.majesticwin.com domains, and listens for commands on port 443/tcp.

    Port 443 tcp, protocol, a trojan called "Slapper" uses this

    Legitimate programs also use that port for secure transmissions.. The use of secure ports are important no question.

    MOST firewalls will allow that port (443) to send "secure" data without asking twice. Mine apparently refused at the point of "setup" to let this spyware transmit it's load. I refer to spyware as that which will transmit private data unauthorized by the owner to some location as per the publicly published definition of such. Some may see it differently, but no OPT-OUT, no notice that such will be transmitted certainly is not "best programming practices", is it an oversight? Who knows?

    More background on port 443:

    Quote Fortunately, the fact is that TCP 443 is not a Universal Firewall Port. True, if you're using a simple stateful packet inspection only firewall, you're out of luck, but you've been out of luck for quite some time. However, many proxy based firewalls and dedicated Web proxies are able to look at the information in the HTTP header and block connections based on that header information. This is true for SSTP.
    Who belongs to that IP? - it's in a block called this:
    157.52.64.0 - 157.52.127.255
    CIDR: 157.52.64.0/18
    Organization: Fastly (SKYCA-3)
    RegDate: 2015-04-02
    Updated: 2015-04-02

    Tracing further: Brave.com is currently hosted at Fastly.
    brave.com SOA 21599 chip.ns.cloudflare.com dns@cloudflare.com 2022668191 10000 2400 604800 3600
    brave.com NS 21599 kim.ns.cloudflare.com
    brave.com NS 21599 chip.ns.cloudflare.com
    brave.com A 299 172.111.97.7
    brave.com A 299 172.111.65.7
    brave.com A 299 157.52.97.7
    brave.com A 299 157.52.65.7
    brave.com MX 299 5 alt1.aspmx.l.google.com
    brave.com MX 299 10 aspmx2.googlemail.com
    brave.com MX 299 5 alt2.aspmx.l.google.com
    brave.com MX 299 10 aspmx3.googlemail.com
    brave.com MX 299 1 aspmx.l.google.com
    www.brave.com A 29 151.101.33.7
    www.brave.com CNAME 299 prod.p.ssl.global.fastly.net

    (Source reference: https://who.is/dns/brave.com)

    And public is just supposed to KNOW how to check for this stuff on their own, and just TRUST ? Why is the public then testing out potentially buggy betatest software that could expose private machine information to those not authorized to receive it? I just don't see it that this software is ready for public general non-technical user use.

    references: http://www.nationalreview.com/corner...gn-alec-torres - employees call for CEO to be 'fired'

    Quote [..] thousands have signed a petition calling for new Mozilla CEO Brendan Eich to either openly endorse gay marriage or be fired. Six years ago, Eich donated $1,000 to the successful Proposition 8 campaign that created a constitutional amendment preserving the traditional definition of marriage in California. Eich, who is famous for creating JavaScript, was a co-founder of Mozilla and was appointed CEO after having served as Mozilla’s chief technology officer since 2005.
    https://www.sitepoint.com/interview-...ich-ceo-brave/ -

    Quote Quote by Brendan Eick: Brave is for all people who care about their privacy and browsing speed on the Web, which are closely related concerns due to the rise of intrusive, inefficient, and even dangerous third party advertising technology.
    Sleight of hand? Apparently putting the FOCUS ON AD BLOCKING but neglecting to tell users that their privates can be sent to BRAVE without their permission (when something goes 'allegedly wrong' like during an install) is an interesting kettle and pot issue isn't it? Oooops?

    ==update 2==

    Found out what the other hidden executable files are, JAVASCRIPT executables with some containing what looks like the computer's privates within them.. hmmmmm

    https://www.nsslabs.com/blog/node-js...loit-campaign/ - understanding Node.JS when tmp.node files are created what are they.

    Is Java Script secure? see for instance or do a keyword search on that - http://arstechnica.com/information-t...-in-a-browser/

    Well it can open up HOLES in the machine's secure area.. It could with proper coding allow a specially constructed web page accessed for instance, which may contain certain codes for calling up Java (if that engine is enabled) or to to call up the javascripts or call up programs to run on a user's machine, thereby allowing for remote control in some instances.. and for special "features" to be activated that a browser could not normally perform. That is why JAVA has been labeled as the most obscene engineering development for safety (paraphrasing) in the computer world.. hmmmmm

    And the developer of Javascript is none other than Brian Eick ! weoh... dots more dots.. And now it has been noted by reviewing closely files created at the time of install, the Brave/installer creating what looks like no less than 16 javascript executables just sitting there in an obscure (out of the way) folder possibly waiting to be activated by visiting a webpage with the appropriate CODE on them? If they aren't needed why are they still then there? A logical question to ask when one is concerned about safety, security..

    See my concerns? Dot's connecting, coincidentally or otherwise?

    reference: Can I get a virus or trojan from visiting a website? http://superuser.com/questions/10680...ting-a-website

    Quote Unfortunately, there have been several vulnerabilities in the sandboxes of Javascript, of Java and of Flash, just to name a few. It's still a kind of race between malicious hackers who detect these vulnerabilities to exploit them, and good hackers and developers who detect and fix them. Usually, they are fixed quickly, but there is sometimes a window of vulnerability.

    BTW: The sandbox is the reason some Java applets pop up a "Do you trust this applet" warning on launch: These applets ask you to let them out of their sandbox and to give them access to your computer.
    Why are javascript executables left hidden on the machine?

    Doing a generic search on how JavaScript files can be misused (used for creating trojans, RATs, or backdoors) comes up with this: http://www.bleepingcomputer.com/foru...re-or-rootkit/

    Quote Was going to mention that again, I had a look at the temp folder after the commands and a restart, I see a 7464.tmp.node with some very suspicious wording if opened through notepad ++ or alike. Inbetween all the encoding breaks like NUL.
    Understanding JAVA - http://www.zdnet.com/article/a-close...-java-updates/

    Understanding JAVASCRIPT - the executable - http://people.cs.pitt.edu/~mehmud/cs...vascript1.html "the term script-kiddie" refers to using script snippets pasted together to create nefarious activity on one's computer from having received a payload by visiting a properly crafted webpage. (Malicious website). I guess I should have been running this in a sandbox. Social testimony you know is certainly moving. It leads one it seems to let down one's guard. Great promises are certainly compelling, but never ever it seems to me take security for granted.

    More References:
    The difference between JAVA and JavaScript - http://www.htmlgoodies.com/beyond/ja...JavaScript.htm

    Quote So... what is the difference between Java and JavaScript anyway?

    They are both similar and quite different depending on how you look at them. First their lineage:
    Java is an Object Oriented Programming (OOP) language created by James Gosling of Sun Microsystems.

    JavaScript is a scripting language that was created by the fine people at Netscape and was originally known as LiveScript. JavaScript is a (very) distant cousin of Java in that it is also an OOP language.

    Many of their programming structures are similar. However, JavaScript contains a much smaller and simpler set of commands than does Java. It is easier for the average weekend warrior to understand.

    You may be wondering what OOP means by now. Object Oriented Programming is a relatively new concept, whereas the sum of the parts of a program make up the whole. Think of it this way: you are building a model car. You build the engine first.

    It can stand alone. It is an engine and everyone can see it's an engine. Next you build the body. It can also stand alone. Finally, you build the interior including the seats, steering wheel, and whatnot. Each, by itself is a object.

    But it is not a fully functioning car until all the pieces are put together. The sum of the objects (parts) make up the whole.
    The issue with the hidden xxxx.tmp.node files - a user writes a question about the tmp.node files (mentioned finding these types of files in my machine after running the brave installer) "what are they" (I noticed in some of them it started with "this program cannot run in DOS MODE" and then later in the file privates from my machine apparently were compiled INTO some of these files. They were part of the squirrel installer it looks like.)

    Quote Some Coding, Samples within the xxxx.tmp.node files which were created during the installation:

    <assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
    <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
    <requestedPrivileges>
    <requestedExecutionLevel level='asInvoker' uiAccess='false' />
    </requestedPrivileges>
    </security>
    </trustInfo>
    </assembly>

    =============

    Locator' too long getPassword addPassword deletePassword findPassword ..\src\main.cc keytar

    ==============

    in other words that section of the code deals with "getting or finding PASSWORDS, adding - no browser program has ANY RIGHT to get my passwords, period.

    ==============
    JIT must be enabled) Microsoft Visual C++ Library (JIT, Just in time debugging)
    ==============
    RtlCaptureContext
    GetStartupInfoW
    IsDebuggerPresent
    GetSystemTimeAsFileTime
    SetFile
    CreateFile
    DeleteCriticalSection
    /json/
    c: \bbondy\.node-gyp\io-js-1.3.3 "IS NEAR DEATH" ()
    ========================================================

    One starts to see things like this about getting passwords, capturing data, changing execution levels, it gets very worrisome
    Last edited by Bob; 3rd October 2016 at 20:40.

  15. Link to Post #30
    Germany Avalon Member
    Join Date
    18th July 2014
    Location
    Germany
    Age
    61
    Posts
    277
    Thanks
    992
    Thanked 2,027 times in 268 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Paul (here)
    Olaf - can you say more about what motivates you to avoid Google's Chrome wherever possible?
    Because Chrome knows everything about your internet behaviour when you use it. It can track you across all sites that you visit. It may even resolve the URLs that you call by its own DNS. It knows your cookies. It knows your passwords. And it may send some of this information to google. It would not be possible to check any way in which this might happen.

    Of course I cannot proof this. I'm simply suspicious.

    Even if you only use one of the Google DNS servers, Google knows every page you visisit. And with the call of only one single Google ad in one of those websites ist also knows your identity and can connect it to your DNS requests.

    At least in the current versions Otter browser and Vivaldi just don't have any interest in knowing those things, because they are not able to make money from it.

    On the other side: Browsers that earn money by presenting you their own advertisements - such as Opera (>12.x) and perhaps Brave naturally must have an interest in tracking your identity.

  16. The Following 6 Users Say Thank You to Olaf For This Post:

    Bob (2nd October 2016), Chanlo23 (3rd October 2016), GaelVictor (2nd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016), ThePythonicCow (2nd October 2016)

  17. Link to Post #31
    Avalon Member Hughe's Avatar
    Join Date
    19th November 2010
    Location
    Earth
    Posts
    966
    Thanks
    1,129
    Thanked 4,103 times in 806 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Firefox became a bloated software that newer version gets slow, bulky.
    Since I switched to Pale Moon web brower, I'm enjoying solid web browing that I used have from old Firefox.
    Add-ons:
    Adblock Latitude
    Password Exporter
    Flash Video Downloader
    Plugins:
    Shockwave Flash
    For free society!

  18. The Following 4 Users Say Thank You to Hughe For This Post:

    Bob (2nd October 2016), Chanlo23 (3rd October 2016), Hervé (2nd October 2016), Johnny (2nd October 2016)

  19. Link to Post #32
    Germany Avalon Member
    Join Date
    18th July 2014
    Location
    Germany
    Age
    61
    Posts
    277
    Thanks
    992
    Thanked 2,027 times in 268 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    (deleted - I've found a wrong entry in my firewall which caused the described behavior)
    Last edited by Olaf; 2nd October 2016 at 14:34.

  20. The Following 6 Users Say Thank You to Olaf For This Post:

    Chanlo23 (3rd October 2016), GaelVictor (2nd October 2016), Johnny (2nd October 2016), ponda (2nd October 2016), sunpaw (2nd October 2016), uzn (2nd October 2016)

  21. Link to Post #33
    United States Administrator ThePythonicCow's Avatar
    Join Date
    4th January 2011
    Location
    North Texas
    Language
    English
    Age
    76
    Posts
    28,581
    Thanks
    30,501
    Thanked 138,438 times in 21,490 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Olaf (here)
    Brave is using a SSL or VPN connection to remote port 443 to access everything. Sometimes also port 80.
    Brave, by default (that you can disable in Brave if you want to) tries to promote all its connections to server port 80 (plain text http) to port 443 (ssl encrypted https).

    Is that what you're seeing?
    My quite dormant website: pauljackson.us

  22. The Following 3 Users Say Thank You to ThePythonicCow For This Post:

    Bob (2nd October 2016), Chanlo23 (3rd October 2016), Johnny (2nd October 2016)

  23. Link to Post #34
    Germany Avalon Member Michi's Avatar
    Join Date
    17th April 2015
    Location
    Reinbek, Germany
    Language
    German
    Posts
    458
    Thanks
    3,826
    Thanked 3,206 times in 437 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    I noticed something odd too: I usually use the Adblocker browser on my Android Smartphone and I wanted to give Brave a try and installed it. The next day I uninstalled it and when I used my Adblocker browser again, it reported at the cleanup option about some potential harmful elements which I had it clean up.
    I am not fully sure, if that was caused by Brave.
    Has anyone experienced the same issue?
    Last edited by Michi; 2nd October 2016 at 13:03.
    "The greatest good you can do for another is not just share your riches, but to reveal to him his own."
    -- Benjamin Disraeli

  24. The Following 3 Users Say Thank You to Michi For This Post:

    Bob (2nd October 2016), Chanlo23 (3rd October 2016), Johnny (2nd October 2016)

  25. Link to Post #35
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by devplan (here)
    I noticed something odd too: I usually use the Adblocker browser on my Android Smartphone and I wanted to give Brave a try and installed it. The next day I uninstalled it and when I used my Adblocker browser again, it reported at the cleanup option about some potential harmful elements which I had it clean up.
    I am not fully sure, if that was caused by Brave.
    Has anyone experienced the same issue?
    I tried it on Win 10 which was the worst and most difficult to cleanup, uninstall (one can review another user reporting on win10 uninstall of 'brave browser' HERE, and on a Windows 7 OS. Of course the leading name browsers have adware reporting and cookie checking for referrals. Chrome has a very good blocker called Ghostery if you want to add that. (Interesting watching for instance PA popup GoogleTranslate (when using chrome) and DoubleClick on some pages too)

    I personallywouldn't try it on the smartphones, what I have seen with smartphones is there is just not enough ability to get into the hidden folders within the Smartphones (maybe developers can do that, but a normal user can't). At least Brave's uploader wanted secure 443 to it's report gathering website when it was trying to send private information about my computer, its running programs to their repository (based on the IP and links found within the log files and script files). I suppose so nobody else would get them. Probably just for "statistical" purposes to debug why their program wouldn't run. Didn't NSA say something like that, we are just gathering statistical data, not actually looking/listening.. just really annoyed I wasn't asked if I wanted private data sent to some site without my permission.

    Some one doing a blow by blow analysis (Peer Review, it is OPEN SOURCE RIGHT?), including how billing is accomplished, how one's passwords, wallet, programs one is running, bank account numbers/ID's, in general, maybe looking into the security section code (not just saying it's secure on port 443) for transferring funds to Brave.. how all that is guaranteed that your machine will never be snooped on by them or their associates, would be a great exercise. I don't have the month to get into that much code to do a security check..

    References: - how NSA data is worked with - "how your data becomes 'our' data" https://nsa.gov1.info/surveillance/ - if you haven't seen this webpage, it may be a great read.. when one see's what may be holes in a "brower's" way of doing things, just maybe one may need to take a closer look.. I did when this didn't uninstall properly.. Glad I did.
    Last edited by Bob; 3rd October 2016 at 04:40.

  26. Link to Post #36
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Quote Posted by Paul (here)
    Quote Posted by Olaf (here)
    It is allways a good idea to use different browsers for different purposes - especially when you are interested in your privacy.

    Google ads and other ads from advertising networks track your identity across many websites, including project avalon (due to the Google translate module).

    Currently I am using:
    ...

    Google Chrome
    - you should use this one only for one single purpose: to use the special function of Google that cannot be accessed by other browsers (such as: advanced image search)
    That seems to me like a good idea to spread one's usage over multiple browsers, to limit tracking.

    Avalon's use of Google translate, which causes hits on Google servers everytime anyone loads most any page of the Avalon forum, bothers me ... but I haven't done anything to see if this can be avoided, outside of asking Ilie about it once, a year or two ago, and he didn't think it would be easy to avoid hitting the Google servers on each Avalon page load, short of removing what some users might find to be a useful facility.

    Olaf - can you say more about what motivates you to avoid Google's Chrome wherever possible?
    As to turning off trackers - I had mentioned Ghostery which is a Chrome extension, that blocks PA's use of GoogleTranslate, and also DoubleClick (tracker) which also appears on some PA pages.. Not sure why DoubleClick would be appearing unless it is somehow associated with some "image". BTW, I didn't see any way to guarantee a full turn off of full tracking in Brave for the brief time I had it up trying out it's "features".

    I haven't had any major issues using Chrome with the proper added extensions. I have seen going to a webpage WITH a drive-by downloader/installer such will lock up the browser and using the taskmanager is needed to stop chrome, and NOT re-open the infected page (on that particular tab), such requires step by step re-opening of the tabs, but such is stored in history to make an easy get back to. If Chrome absolutely knew what to FLAG as a corrupted webpage with a dropper on it, that would be handy. (I bumped into one when looking for a webpage discussing publisher legal action to be taken against BRAVE for destroying their Ads and found that corrupted page "trap". Spyware checks for anything dropped showed nothing got through).

    So it's not a matter of finding a way to remove GoogleTranslate from PA, or any other VBulletin Forum.., I personally would use Chrome and use Ghostery to block all webpage trackers. I don't have any speed issues using Chrome, with PixelBlock for instance turned on to assist with blocking tracking in looking at one's email from the browser.

    For example on VBulletin, (this forum's Forum software) this code is used: http://translate.google.com/translat...ateElementInit Failed to load resource: net::ERR_BLOCKED_BY_CLIENT and you can see Ghostery blocking the tracking attempt.

    Quick history on Forum Software and Browsers: VBulletin seems to have the GoogleTranslate "tracker" built-in (possibly other add-ons used for other "statistical purposes" as well).

    PA's VBulletin forum software also uses vbulletin_Ajax_suggest.js @ https://projectavalon.net/forum4/clie...ggest.js?v=411 .. if you are curious about what is happening on the Forum webpages, use CHROME and turn on "USE INSPECT" and turn on the Applications tab. If you are experienced it should make sense to you the immensity of the VBulletin Software, and if you are not experienced, it will be a whole lot of cornfusing mumbo-jumbo

    SCRIPTS are used everywhere (Java's claim to fame) to make it "easier" for programmers to do fancy things which simple HTML code can't do (at this time). The question has always been, are the SCRIPTS that one finds being used wherever perfectly cleared and SAFE. One has to TRUST and BELIEVE that such scripts are safe as they are not fully explained how they work, why they work, what they access and HOW.

    I haven't analyzed WHY VBulletin NEEDS to have a GoogleAnalytics type of tracker as part of their "analytics" feature (and why so much YAHOO CODE is used). Why does a Forum need to continue to analyze where a user goes? Statistics, what threads visited, thanks? Just wondering out loud..

    I'm looking for more statistical extensions also, to get a better packet by packet "clean display" to see what is going where. (I've recently just had to deal with what appears to be the NSA "man in the middle" issues tied into my ISP, apparently without the ISP's knowledge.. that was a wakeup call to them it seems.. if I believe their network operations center reports...) To me knowing what is going on when one clicks on a link is important.

    Hearing that "Brave" was so security conscious (even mentioned at the outset of the thread) certainly got me to "try" the program.. User testimony one would assume certainly would get people to pay attention to anything new, of course it seems to me. I definitely paid attention !

    I found more programs installed that came out of the "squirrel" (literally that is the name) installer, installed/used during the "Brave" installation, that I am still analyzing - like why would it seem that Brave would need machine privates to then encrypt and store in it's hidden files, why would it need to elevate itself ABOVE normal system levels to be able to write itself and not let a regular general public-style user not be able to remove (is that good programming practices?) - all those are signs (typically in security checking) that something was "dropped" at least with properly removing the program(s), its 'leftovers' on trying to use their "uninstaller".

    Hopefully, it seems to me, in the future all those observed issues will be corrected, maybe they are "non-issues" when one get's down into the full technical nitty-gritty and Brave will join the ranks of something guaranteed to be secure, fast, safe by demonstrating that it will NEVER do reporting to their website (or FTP or other repository) user "privates" without their express permission.

    - What has been observed was about not getting too overly technical but trying to express concerns seen during trying to uninstall and clean up. What was seen is enough for me to red flag potential questionable points. Make your own choice to explore obviously.

    If others are able to fully take apart "brave" browser and report on each feature, install function, their method or reporting "bug issues", determining if in the light or hidden, such would apparently be a good service to 'brave' and others using that browser - by all means giving them a 'chance' is certainly a noble position. A forum is a good place to share our observations and there are some great technical people who may have the time to do this.

    references cited or related:
    This link may be useful for users (like me) who had difficulty uninstalling "brave" browser: http://www.advanceduninstaller.com/B...pplication.htm I have not checked AdvancedUninstaller PRO, nor can I say it is or isn't safe to use. They even have a disclaimer on their page which says this:

    Quote Disclaimer

    This page is not a recommendation to remove Brave by Brave Software from your computer, nor are we saying that Brave by Brave Software is not a good application for your PC. This page only contains detailed instructions on how to remove Brave supposing you decide this is what you want to do. The information above contains registry and disk entries that other software left behind and Advanced Uninstaller PRO discovered and classified as "leftovers" on other users' computers.
    NOTE: JAVA and JAVASCRIPT are two different things - see : http://www.htmlgoodies.com/beyond/ja...JavaScript.htm


    Quote So... what is the difference between Java and JavaScript anyway?

    They are both similar and quite different depending on how you look at them. First their lineage:
    Java is an Object Oriented Programming (OOP) language created by James Gosling of Sun Microsystems. JavaScript is a scripting language that was created by the fine people at Netscape and was originally known as LiveScript. JavaScript is a (very) distant cousin of Java in that it is also an OOP language. Many of their programming structures are similar. However, JavaScript contains a much smaller and simpler set of commands than does Java. It is easier for the average weekend warrior to understand.

    You may be wondering what OOP means by now. Object Oriented Programming is a relatively new concept, whereas the sum of the parts of a program make up the whole. Think of it this way: you are building a model car. You build the engine first. It can stand alone. It is an engine and everyone can see it's an engine. Next you build the body. It can also stand alone. Finally, you build the interior including the seats, steering wheel, and whatnot. Each, by itself is a object. But it is not a fully functioning car until all the pieces are put together. The sum of the objects (parts) make up the whole.

    Now let's talk about how Java and JavaScript differ. The main difference is that Java can stand on its own while JavaScript must (primarily) be placed inside an HTML document to function. Java is a much larger and more complicated language that creates "standalone" applications. A Java "applet" (so-called because it is a little application) is a fully contained program.

    JavaScript is text that is fed into a browser that can interpret it and then it is enacted by the browser--although today's web apps are starting to blur the line between traditional desktop applications and those which are created using the traditional web technologies: JavaScript, HTML and CSS.

    Another major difference is how the language is presented to the end user (that's you when you're surfing).

    Java must be compiled into what is known as a "machine language" before it can be run on the Web. Basically what happens is after the programmer writes the Java program and checks it for errors, he or she hands the text over to another computer program that changes the text code into a smaller language. That smaller language is formatted so that it is seen by the computer as a set program with definite beginning and ending points. Nothing can be added to it and nothing can be subtracted without destroying the program.

    JavaScript is text-based. You write it to an HTML document and it is run through a browser. You can alter it after it runs and run it again and again. Once the Java is compiled, it is set. Sure, you can go back to the original text and alter it, but then you need to compile again.
    Last edited by Bob; 3rd October 2016 at 19:12.

  27. Link to Post #37
    Scotland Avalon Member
    Join Date
    16th February 2012
    Posts
    2,035
    Thanks
    2,282
    Thanked 9,410 times in 1,804 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    That's some interesting information Bob. I agree 100% that Browsers shouldn't be sending crash dumps to external servers without explicit permission. We need to do something about this trend.

    I would hope that this is just an innocent design choice on the part of the Brave team. As you said, it's good to bring it to their attention and see how they respond.

    Javascript is well know for it's security flaws. Unfortunately we're stuck with it, as it's the language of the web. 93 percent of sites use it. VBulliten software uses it for the Project Avalon Thanks and editor button, for example. I used F12/Inspect Element and went to sources. Under Scripts, it's all JS. So every time you log onto a site, its Javascript. So there's nothing intrinsically alarming about Javascript, but it does open up security holes. They're well documented and there are fixes for most of them. The document is for NodeJS, a server side implementation of Javascript.

    http://bishankochher.blogspot.com/20...-and-ugly.html

    Quote One particular code line stands out:
    System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
    - at that point file permissions were changed (again without the USER's choice to let them be changed)..
    But a program altering user permissions as it sets itself up? That might be user friendly, but some security minded people might not like it.

  28. The Following 2 Users Say Thank You to Daozen For This Post:

    Bob (3rd October 2016), Chanlo23 (3rd October 2016)

  29. Link to Post #38
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    And if it weren't for security minded people, whistleblowers people who want security, where would we be? Why did Snowden need to let the world know be-aware and not just blindly trust and follow social media "engineering" leading the 'sheeple'? The developer of JavaScript, none other that the person mentioned in the title of the thread for Brave should know darned well about doing proper coding without leaving loose "java executables" around. In my opinion, it seems not that we need a new browser we need better security and user ability to opt-in to ads for instance which may let's say get them benefits for viewing the ad.. like points to let some free game or other benefit - more view more points/coupons or whatever.. Don't want the benefits, OPT-OUT. Brave in their page appears to claim that is the strategy, OPT-IN or OPT-OUT and get paid for viewing (at least that is how I read it..) Can anyone explain how security is guaranteed within the code? How JavaScript IS NOT going to be used? Anywhere with the code?

    What Brave has done it appears is opened up in the publishing world threats of injunctions. (see https://www.wired.com/2016/04/brave-...shers-respond/ - "Publishers Strike Back at a Browser That Replaces Their Ads"

    I can only imagine what other issues happen when private information is sent without user/owner permission. Do we know looking at the "black list" within "brave" (sites that would have their ads substituted for instance) if that would or wouldn't constitute conspiracy or racketeering? Who gets to not be on the ad blacklist? Did they pay for such a position? Brave claims certain ads WILL be allowed to make it through to the end user. Hmmmmm Favorites? Playing or could one assume at one point "paying" favorites? Make a donation and get your Ad pushed to users? What's different from that than google? or other browsers who let ads in? Are those questions that can be asked? What is a safe Ad and what is not?

    Seems to me there are more issues than just "hole-y" JavaScript to worry about. 93% that is quite a statement, seems to me some of the reasons why ZERO DAY (unreported holes) are able to still be discovered. They aren't just easily patched and fixed all the time (there are threads about some of the Android, OPEN SOURCE) holes, like going open source doesn't just guarantee that things are safe, and secure, just maybe that the holes are more complex in some cases and maybe one cannot necessarily see what's under one's nose (take StageFright hole discussed in another thread)..

    Taking security seriously I think is more important that complaining about ads and using that as the feature to "sell" one's new browser. Just me saying what I think is important. Asking some questions that anyone would ask when needing to understand what we trust private data, like passwords, like access to Admin for servers, webpages, sites... security should be on everyone's mind. Snowden made it clear and paid a high price bringing to the world issues which were continually poopoo'd or glossed over or "socially engineered", out of mind, out of sight..

    team: https://brave.com/about.html

    Hi to Brian Clifton !

    reference: https://brave.com/about_ad_replacement.html What Ad Replacement means.

    Quote What is Brave Ad Replacement?
    Brave’s goal is to speed up the web, stop bad ads and pay publishers. One of the ways we plan to accomplish this is with ad replacements. We will also invite users to fund their wallets and to use those funds to pay the publishers of their favorite websites.
    Judgement call? from the Ad Replacement page:

    Quote Step Two: Brave Replaces Ads
    We recognize that ads pay for most of our web content. Ads are not going away. So we replace the bad ads with Brave Ads, which we use to pay publishers and users. Brave Ads use anonymous protocols — not tracking pixels — to confirm impressions (details about anonymity coming soon). And unlike the ads we remove, Brave ad replacements have a negligible effect on loading performance.
    The browser is going to determine? Or the programming team? B.E. or just how? Speed, tracking what issues are the criteria for ads making it through or for tracking data to make it through?

    Answering my own question rhetorically we are offered this explanation HOW it works - Users are given a chance to say NO ADs (block), or Substitute Ads (generates some coin for viewing) - best to read it HERE - https://brave.com/blogpost_2.html how they describe how it works. Ad Blocking or Ad substitution and "Rewards".
    Last edited by Bob; 3rd October 2016 at 03:52.

  30. Link to Post #39
    Unsubscribed
    Join Date
    23rd June 2013
    Location
    North America
    Age
    72
    Posts
    6,884
    Thanks
    12,723
    Thanked 29,293 times in 6,140 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    I want to let the Forum know that we have as a new Member, Brian Clifton (member nick BraveClifton), a leading developer at Brave.

    He has been following the thread and is eager to help us all understand better all about Brave, the Browser, and share with the community.

    Another member has applied, Jonathan Sampson, also from Brave Software.

    Brian has some fantastic experience - at Brave, he is titled: Senior Software Engineer, Desktop/Electron

    I didn't see a listing for Jonathan Sampson on the Brave page (Jonathan would you introduce yourself to the forum? : https://brave.com/about.html possibly he could introduce himself to the community.

    Brian - Engineer @brave. Previously @GoDaddy & @intel. I love Mexican food and writing code in C++ and JavaScript. - (github: https://github.com/bsclifton)



    (I love Mexican food too, the hotter the better ! We both have a passion for writing in C )

    From his blog: https://blog.clifton.io/leaving-godaddy/

    Quote I started getting involved in early April 2016 after trying the browser out.

    While I love the project and its vision, it felt very rough around the edges at the time and I wanted to help do my part.

    I started off by contributing small fixes: adding favicons to the bookmarks toolbar, fixing rendering issues on Windows, fixing bugs, and reworking the context menus. I moved onto larger scope issues like making sure the window state is saved (window position / full screen status / maximized status), adding a really nice live tile for Brave on Windows 10, and fixing the way the session is stored to disk.

    I did this all in my free time at night or on weekends when I was at GoDaddy as my professional growth goal. Along the way, I got a chance to meet the team and learned more about modern JavaScript and React. My favorite technology to learn about was/is Electron, an open source project maintained by GitHub. Electron is basically a web browser that is hardcoded to only load your application. You do your UI in HTML / CSS / JavaScript and unlike typical web development, you don’t have to worry about “How does this look in {{BrowserName}}?”. When you package your app, Electron includes (and wraps with a JavaScript API) components from the Chromium browser. There are several cool projects using electron, like Slack, Visual Studio Code, and of course, Atom.

    Every aspect of Brave is personally appealing to me. True to its name, this small company is taking parts of Chromium (specifically libchromiumcontent), a project that advertising giant Google has put a lot of blood, sweat, and tears into, and using it to make a new browser which stands up against their core business.
    Jonathan Sampson - Brave Software



    Quote Building the web since the 90's.

    Stack Overflow Moderator from 2010-2013.
    Passionately tending to HTML, CSS, and JavaScript's needs.
    GitHub: https://github.com/jonathansampson

    Twitter posting - https://twitter.com/sampsonmsft/stat...94139546169344
    Quote I'm about to teach you how to use the Performance tools in Microsoft Edge. Tune in for a quick crash course!
    Jonathan says on his facebook page: https://www.facebook.com/jonathanjds...PAGES_TIMELINE

    Quote Starting this month, I'm joining the great people at @brave to face these challenges head-on. To make the web work for publishers and users.
    Let us give a warm welcome to the two Brave Software employees, and some of the leading experts in Web Development !

    (Brian and Jonathan, would you say hi to the Forum ?)
    Last edited by Bob; 3rd October 2016 at 17:47.

  31. Link to Post #40
    United States Administrator ThePythonicCow's Avatar
    Join Date
    4th January 2011
    Location
    North Texas
    Language
    English
    Age
    76
    Posts
    28,581
    Thanks
    30,501
    Thanked 138,438 times in 21,490 posts

    Default Re: The "Brave" Browser Created by Firefox Web Browser Creator Brendan Eich

    Welcome BraveClifton and Jonathan Sampson.

    I'd be quite interested in hearing more about Brave, including even geeky details, discussing the issues raised above by some of our other members. I'm a firm believer in open source (been doing it for decades) and open discussions.
    My quite dormant website: pauljackson.us

  32. The Following 9 Users Say Thank You to ThePythonicCow For This Post:

    Akasha (3rd October 2016), Bill Ryan (3rd October 2016), Billy (3rd October 2016), Bob (3rd October 2016), Ewan (6th October 2016), Johnny (4th October 2016), meeradas (3rd October 2016), PathWalker (3rd October 2016), Sierra (4th October 2016)

+ Reply to Thread
Page 2 of 5 FirstFirst 1 2 5 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts