When I first met the browser Brave, I thought it to be a Chinese app. With such a name and such a logo, what was I to believe? It wasn’t ING’s lion, so it might have been some Chinese kitsch (à la UC Browser’s orange squirrel). Alas, it wasn’t, and now it’s the trendiest browser out there.

§1. The present status

Everyone loves Brave nowadays. Some accolades:

  • Jesse Smith, Distrowatch, November 1, 2021: Selecting a new web browser and feeling Brave. “The Brave browser hits most of the points I want from my primary portal to the Internet. It’s quick, open source, fairly flexible, and it has been surprisingly stable. […] I greatly appreciate the browser’s privacy defaults, the fact it ships with Tor as a built-in option, its private mode, and randomized browser fingerprint. […] One final thing I appreciate about Brave is that it feels like it is intended to be a web browser and just a web browser. While we can add extra extensions and enable BAT ads, by default Brave doesn’t try to work with mail, or nag me to set up an account to synchronize my passwords. It just offers a portal to websites and this is primarily what I was looking to find.”
  • Brian X. Chen, The New York Times, March 31, 2021: If You Care About Privacy, It’s Time to Try a New Web Browser. “For me, Brave won by a hair. My favorite websites loaded flawlessly, and I enjoyed the clean look of ad-free sites, along with the flexibility of opting in to see ads whenever I felt like it.”
  • Catalin Cimpanu, ZDNet, March 2, 2021: Brave deemed most private browser in terms of ‘phoning home’. He was citing a research report published by the School of Computer Science and Statistics at Trinity College Dublin: “Prof. Leith says that in their «out of the box» states, Brave is by far the most private browser, sending back the fewest amount of information. «We did not find any use of identifiers allowing tracking of IP address overtime, and no sharing of the details of web pages visited with backend servers,» he said.”

Who loves Brave beyond measure? A few examples:

§2. The ugly part of Brave

The ugliest part of Brave is its business model. I understand that any company needs to make money, even when they claim to care about your privacy and even as they pretend that you are not the product, but how are they doing that in the case of Brave?

Brave uses its Basic Attention Token (BAT) to drive revenue. This has been marketed as innocently as Paying You to Watch Ads in Its Web Browser:

[…] an opt-in setting to view ads in exchange for reward tokens, which can be used to either support their favorite websites or, in the future, be exchanged for things like hotel stays or gift cards.
[…] For each ad viewed, Brave says its users will receive 70 percent of the revenue while the company will keep the change. […]
At the end of each monthly cycle, users who choose to view ads will be rewarded in Basic Attention Tokens (BAT), the Brave currency that users can, for now, choose to give to their top-visited websites—the default option, per TechCrunch—or gift to their favorite creators on platforms like YouTube. Additionally, Brave says it’s “working on an option to let users withdraw BAT from their wallets for personal use, converting their BAT to a local fiat currency through exchange partners.”

In reality, BAT is actually a cryptocurrency or, as I call such stuff, cryptoshit! It’s not as bad as if they were using your machine to mine a cryptocurrency, but this is a cryptocurrency nonetheless!

To quote the cryptoexchange Kraken,

Basic Attention Token (BAT) is a cryptocurrency intending to create a virtuous cycle around digital advertising that is equitable for creators and consumers.

Running on Ethereum (ETH) and integrated natively on a custom web browser called Brave, BAT can be exchanged between advertisers, publishers and internet users based on their web activity, and is intended to streamline commerce between all three groups.

Users are rewarded with BAT for viewing ad content, publishers can deliver higher-impact ads and advertisers can be assured their messaging is being viewed by a willing audience.

The end result is a new kind of digital advertising platform powered by BAT.

Users can either hold the BAT, exchange it for cash or other cryptocurrency, or pay it to support their favorite content creators.

How does BAT work?

All BAT transactions settle on Ethereum, a public blockchain that allows developers to create and deploy custom cryptocurrencies and applications.

BAT operates on a web browser called Brave, developed by the team that created the token. Brave is a free browser, which claims to load 3-6 times faster than competing offerings, as it only serves advertisements if users opt-in to seeing them.

Brave browser users can sign up for the Brave Rewards program, which allows them to be paid in BAT for viewing ads or to send BAT to content creators whose work they want to support.

Brave’s default setting is to block trackers and ads. It only turns on ads if the user opts in. Brave then serves up native ads from trusted partners, which users are rewarded in BAT for viewing.

Brave Micropayments Ledger

To track the movement of BAT, Brave uses the Brave Micropayments Ledger.

The idea is that the Brave Micropayments Ledger will allow advertisers, publishers and readers to enter into smart contracts to move payments between each other.

Brave is exploring the use of zero-knowledge proofs for its blockchain, with the goal of providing anonymity to stakeholders in online media transactions.

OK, so it involves Ethereum. (Regarding the concept of zero-knowledge proofs, I’ve put a video here.)

Let’s quote from BAT’s authors now:

BAT – Making Crypto and DeFi accessible and useable for everyone

Crypto and DeFi are hard to use and the $330 billion digital advertising industry is failing users, publishers and advertisers. With Basic Attention Token and Brave we want to take Crypto to the next 1B users and solve the endemic inefficiencies and privacy violations hobbling the digital ad industry.

They even have a whitepaper. But what is DeFi?

Decentralized Finance (commonly referred to as DeFi) is a blockchain-based form of finance that does not rely on central financial intermediaries such as brokerages, exchanges, or banks to offer traditional financial instruments, and instead utilizes smart contracts on blockchains, the most common being Ethereum. DeFi platforms allow people to lend or borrow funds from others, speculate on price movements on a range of assets using derivatives, trade cryptocurrencies, insure against risks, and earn interest in savings-like accounts.

Official propaganda from Ethereum use cases:

DeFi is an open and global financial system built for the internet age – an alternative to a system that’s opaque, tightly controlled, and held together by decades-old infrastructure and processes. It gives you control and visibility over your money. It gives you exposure to global markets and alternatives to your local currency or banking options. DeFi products open up financial services to anyone with an internet connection and they’re largely owned and maintained by their users. So far tens of billions of dollars worth of crypto has flowed through DeFi applications and it’s growing every day.

There’s also a video about that, but I won’t embed it here. If you prefer to read some very recent articles on Forbes:

And yes, the world is going down the drain. On Tuesday, Oct. 19, 2021, the first ever bitcoin-based ETF in the United States has started trading in the NYSE, under the ticker BITO. Brave’s BAT is only a modest thing, but you can track it e.g. on Coinbase (BAT/EUR).

If you have to ask why cryptocurrencies are shit, then you’re an idiot. So, don’t ask.

§3. An episode from the past

The Brave Rewards future got improved and adjusted over time, as initially it was called Brave Payments, and it used BTC (Bitcoin). But there was a controversy regarding the Brave browser collecting donations on behalf of content creators:

In December of 2018, British YouTube content creator Tom Scott said that he had not received any donations collected on his behalf by Brave browser. In a tweet, he stated “So if you thought you’d donated to me through Brave, the money (or their pseudo-money [BAT]) will not reach me, and Brave’s terms say that they may choose to just keep it for themselves. It looks like they’re ‘providing this service’ for every creator on every platform. No opt-in, no consent.” In response, Brave amended the interface with a disclaimer for each creator who hasn’t signed up with Brave and promised to consider adding “an opt-out option for creators who do not wish to receive donations” and “switching the default so users cannot tip or donate to unverified creators”. Critics stated that the system should be opt-in and not opt-out, that the disclaimer did not clearly state absence of any relation with the creators, and suggests that creator begun process of signing up with Brave. Two days after the complaint, Brave issued an update to “clearly indicate which publishers and creators have not yet joined Brave Rewards so users can better control how they donate and tip” and in January 2020 another update to change the behavior of contributions and tips. They are now held in the browser and transferred if the creator signs up within 90 days; otherwise, they are returned to the user. Tom Scott, the original complainant, tweeted in response: “These are good changes, and they fix the complaints I had!”.

Tom Scott has deleted those tweets, but you can find a screenshot of them in How to choose a browser for everyday use?

Soliciting donations in the name of other people without their consent is unthinkably outrageous! Having to opt out instead of explicitly having to opt in should be illegal! And, no matter what changes have they made, they’re crooks and assholes!

The author of the above article didn’t follow the story through, but, as I said, the late “fixes” don’t change the fact that Brave still retains 30% of this undeserved money: “You’ll earn 70% of the ad revenue that we receive from advertisers.” And it’s still right that Brave Rewards are using Uphold:

Here’s the catch: to pay out their BATshit tokens, you need an account on Uphold, whose Privacy Policy states this:

«To verify your identity, we collect your name, address, phone, email, and other similar information. We may also require you to provide additional Personal Data for verification purposes, including your date of birth, taxpayer or government identification number, or a copy of your government-issued identification.»

Facebook tier surveillance. But wait, it’s not over:

«We may obtain information from affiliated and non-affiliated third parties, such as credit bureaus, identity verification services, and other screening services to verify that you are eligible to use our Services, and will associate that information with the information we collected from you.»

They will also stalk you all over the Internet to try to find already existing information. There’s still more violations coming, so sit back and watch:

«Uphold uses Veriff to verify your identity by determining whether a selfie you take matches the photo in your government-issued identification. Veriff’s facial recognition technology collects information from your photos that may include biometric data, and when you provide your selfie, you will be asked to agree that Veriff may process biometric data and other data (including special categories of data) from the photos you submit and share it with Uphold. Automated processes may be used to make a verification decision.»

As soon as I think I’ve found the biggest privacy violator possible, the cold hammer of reality strikes that stupid idea right out of my skull. Anyway – again – the only way to pay out BATshit tokens is by using this service.

Good. Great. Be an idiot and use Brave because they really care about your privacy.

But of course you can fully trust them. They block cookies and third-party ads (because you’re too idiot to install some add-ons for that), only to use their own advertising network. They have also ditched Google for a search engine, only to replace it with their own one:

Brave Search will replace Google in the United States, United Kingdom, and Canada, Qwant in France, and DuckDuckGo in Germany. More countries will be switched over in the coming months.

Well, Brave Search is the former (obscure) search engine Tailcat, which replaced the (equally obscure) search engine Cliqz. March 3, 2021:

Today Brave announced the acquisition of Tailcat, the open search engine developed by the team formerly responsible for the privacy search and browser products at Cliqz, a holding of Hubert Burda Media. Tailcat will become the foundation of Brave Search. […]

Under the hood, nearly all of today’s search engines are either built by, or rely on, results from Big Tech companies. In contrast, the Tailcat search engine is built on top of a completely independent index, capable of delivering the quality people expect, but without compromising their privacy. Tailcat does not collect IP addresses or use personally identifiable information to improve search results.

Oh, I’m so impressed.

§4. The ad hominem moment

Nobody should care who’s Brave’s CEO, as long as this CEO isn’t Xi Jinping, right? But I happen to hold a number of grudges against Brendan Eich:

  • He created the JavaScript language, which is the plague of our days and the reason the web browser is the heaviest software application on any non-gaming PC, for most web pages retrieve tons of crappy JS and run them until your CPU catches fire!
  • OK, he also co-founded Mozilla. In 2014, he manages to be Mozilla’s CEO for no more than 11 days, because of his stances in opposing same-sex marriages.
  • He then co-founded Brave, and he’s still Brave’s CEO.
  • “At Brave Software, Eich co-created the Basic Attention Token (BAT), a cryptocurrency designed for use in the Brave browser. BAT launched its ICO on May 31, 2017, and raised $35 million.”
  • In 2020, during the COVID-19 pandemic, Eich ardently denied the effectiveness of face masks and lockdowns in combating the transmission of COVID-19.

The long thread he refers to has been collected in this ThreadReader. It collects articles and even studies on how “lockdowns don’t work” and “masks are useless.” Sure thing, there were other idiots who wrote such ineptitudes, such as this Mai 1, 2020 “study” by Thomas Meunier, Full lockdown policies in Western Europe countries have no evident impacts on the COVID-19 epidemic.

I don’t like masks either, and I don’t like to be fucked in the ass, but this being said, Brave’s CEO is a scumbag.

§5. Wrapping up

If, despite knowing all this, you’re still using and advocating Brave, you’re a complete idiot.

Even if you don’t use Brave’s stupid BATshit, you’re still supporting an unethical company, and this crypto madness.