Brave Browser-Maker Launches Privacy-Friendly News Reader

An anonymous reader quotes a report from Ars Technica: Brave Software, maker of the Brave Web browser, is introducing a news reader that's designed to protect user privacy by preventing parties -- both internal and third party -- from tracking the sites, articles, and story topics people view. Brave Today, as the service is called, is using technology that the company says sets it apart from news services offered by Google and Facebook. It's designed to deliver personalized news feeds in a way that leaves no trail for Brave, ISPs, and third parties to track. The new service is part of Brave's strategy of differentiating its browser as more privacy-friendly than its competitors'.

Key to Brave Today is a new content delivery network the company is unveiling. Typically, news services use a single CDN to cache content and then serve it to users. This allows the CDN or the service using it to see both the IP address and news feed of each user, and over time, that data can help services build detailed profiles of a person's interests. The Brave Today CDN takes a different approach. It's designed in a way that separates a user's IP address from the content they request. One entity offers a load-balancing service that receives TLS-encrypted traffic from the user. The load balancer then passes the traffic on to the CDN that processes the request.

The load balancer knows the user's IP address but, because the request is encrypted, has no visibility into the content the user is seeking. The CDN, meanwhile, sees only the request but has no way of knowing the IP address that's making it. Responses are delivered in reverse order. To prevent the data from being combined, Brave says that it will use one provider for load balancing and a different one for content delivery. To prevent the load-balancing provider from using the size of the requests and responses to infer the contents of the encrypted data, the service will also use a technique called padding, which adds characters to the plaintext before it's encrypted. The CDN uses several other techniques to preserve the anonymity of users. Among them: stripping out various headers that could be used to identify the person making the request. Furthermore, Brave is also taking steps to shield user information from its own employees. "... [T]he company has configured its account with the load-balancing provider to restrict access to its logging resources," reports Ars. "The load-balancing provider also doesn't provide the ability for customers to use the proxy protocol to inject the requester's IP address into outgoing requests. In case that changes, however, Brave has also entered into a contract with the load balancer that restricts access to logs or use of the protocol, even if Brave asks."

Ironic

[backslashdot]

Haha Brave. They got caught red handed a few months ago spying on users and now they are talking privacy BS?

Re:

[Anonymous Coward]

https://brave.com/referral-cod... [brave.com]

It sounds like when autocompleting typed URLs, the browser was accidentally making a link with Brave's affiliate code appended the default suggestion for certain websites. They say their intention was to always make the default suggestion a plain link to the website or search term and allow the user to explicitly choose to use the affiliate code-containing link. A new version of the browser fixing the bug was released within a couple of days.

Whether you agree with suggesting

Re:

[bill_mcgonigle]

> They got caught red handed a few months ago spying on users

This claim requires evidence. When and how did they spy on users?

Re:

[drinkypoo]

It does phone home at startup, though that's all I know of. They also permit tracking by Facebook by default.

So trust one data collector instead of another?

[ffkom]

Why would one deem a company that alters displayed web pages for their profit [wikipedia.org] more trustworthy of one's reading history than any of the CDNs? (And by the way: The article stipulates that every web site needs a CDN to function, which of course it not the case. You can still host your stuff yourself.)

Re:

[bill_mcgonigle]

> Why would one deem a company that alters displayed web pages for their profit

Criticism is good. Wrong criticism is detrimental.

Go read their blog if you care. They didn't alter displayed web pages, as claimed above. Actually, that's a main reason to use Brave, and probably why most people use Brave - they want Brave to remove the ads and trackers, thereby altering the display of web pages.

Whether through error or not, they appended a ?r=12345 code to certain URL's to get referral points, where 12345

IT'S AWFUL

[greytree]

I want a good news reader.
This is NOT a good news reader.
It SUCKS - do the Brave developers even USE news readers ?
Flipboard is ay better than this, and even that is pretty bad.

What YEAR is this?

[jonadab]

Who the heck is looking for a new newsreader in 2020? Are there even still ISPs that offer a newsfeed? I mean, I know there are outfits you can get one from (e.g., Eternal September), but you have to go way out of your way to find that, and the folks who do, generally are old hands who are set in their ways and already know precisely what newsreader they want to use (typically, the same one they used thirty years ago). Who on earth is looking to switch to a different newsreader at this point?