Features: Chromium-based | Blocks third-party ad trackers | Blocks cookies
Brave is a Chromium-based browser that by default blocks ads, fingerprinting and ad-trackers. Brave in January announced it had passed 50 million monthly active users, which is still a fraction of Chrome’s 3.3 billion users across desktop and mobile.
Brave’s business model relies on privacy-protecting ads that can pay publishers and users with Basic Attention Tokens (BAT) when users pay attention to ads. It also recently acquired Tailcat to launch Brave Search, so it can provide a privacy-focussed alternative to Google Chrome and Google Search.
Brave’s privacy record isn’t unblemished. Eich in 2020 apologized to customers after being caught sharing default autocomplete answers with an affiliate cryptocurrency exchange.
Still, a recent study by Professor Douglas J. Leith at Trinity College at the University of Dublin rated Brave as the most private browser over Google Chrome, Mozilla Firefox, Apple Safari, and Chromium-based Microsoft Edge.
Leith looked at how much browsers communicate to each browser maker’s backend servers. Brave did not use any identifiers allowing the IP addresses to be tracked over time, and did not share details of web pages visited with its backend servers. By contrast Chrome, Firefox and Safari tagged telemetry data with identifiers linked to each browser instance.
Brave has removed a ton of Google code from its version of Chromium to improve user privacy and has also come out hard against Google’s FLoC ID proposal, which is beginning to roll out to Chrome users but will not been enabled in Brave.
Brave has several privacy-enhancing settings with options to block third-party ad trackers, a toggle for upgrading unsecured connections to HTTPS, cookie blocking and fingerprinting blocking. Users can adjust these in Settings with in the Shields and Privacy and security sections.
Despite alarm over FLoC, Olejnik says it is preferable to third-party cookies from a privacy standpoint, but he’s holding off judgement until he sees the final design.
FLoC is a type of fingerprint designed to replace third-party cookies. In this scheme, Google assigns a FLoC ID to clusters of Chrome users with similar interests, allowing for some privacy by letting individuals ‘hide within crowds’, as Google put it, while still delivering targeted ads to advertisers.
Still, Olejnik found the initial implementation of FLoC can leak users web browsing histories, so taking cover in the crowd might not actually work as intended yet.
“If I had to choose between third-party cookies or FLoC, I would choose FLoC. But it all depends on the final design and configuration. Care must be exerted in the design to avert the risk of data leaks,” Olejnik says.
“In my tests of the initial version, I verified that leaks of web browsing histories are indeed possible. But I am sure that the final solution would have to have some privacy settings designed and implemented. In current testing FloC, this is not the case.”
- Chromium challenger
- Privacy-focused by default
- Not in the traditional online ad business
- A fast experience
- No obvious negatives but issues in the past show it is not perfect