Brave's Tor mode is bad - don't use it


CrunkLord420

Security extensions like uMatrix are a basic requirement for any browser, it's the only way to have half-decent control over security while browsing the internet. In many ways I consider it more important than hiding your "real IP" from the first-party domain you're connecting to: https://github.com/gorhill/uMatrix

The fact that Brave's Tor mode does not support extensions makes it totally unworkable: https://github.com/brave/brave-browser/issues/2761

The solution is to use something like SwitchyOmega, create an automatic filter for .onion domains, passing it into a locally running tor service on 9050: https://github.com/FelisCatus/SwitchyOmega

Reminder that it's extra important you block third-party servers with uMatrix while browsing an onion site to prevent identification via cookies. None of this is a replacement for the actual Tor browser which is what you should use for the most important things since it will mitigate browser fingerprinting techniques.

If you are in fact too fucking normie to do any of this shit, fine, use Brave tor mode, it's better than a default Chrome browser.
 
Why not stick with the Tor browser for when you use Tor and your normal browser for the clearweb?

Using a "normal" browser on the Tor network just seems to defeat the anonymity.
I think it's important to promote incorporating onion support into your regular browser. There are different sets of concerns and there is something to be said about convenience. Specifically talking about Kiwi Farms. The onion address does not feature any third party domain embedding, you won't get a cookie issue from the main site because it's on a different domain. By using an onion address you bypass regular DNS and it makes it very difficult for a third party (your ISP, CloudFlare, the NSA) to figure out what exactly you're connecting to. On the other hand you could rely on a VPN to connect via CloudFlare which isn't a better option. The benefits from using the Tor browser are marginal, especially when you do a good job at managing your uMatrix settings.

In a perfect world everyone would be browsing the web via onion addresses and it'd just be a regular supported protocol.
 
Brave is botnet shit. Sends unsolicited requests when started, (((targeted ads))), google as default search and whitelists spyware scripts from facebook and twitter by default.

Like Mozilla it's taking advantage of normies who are caught up in the recent internet privacy scare but are too lazy or stupid to look into it. So here comes Mr. benevolent browser to save them from big brother at the push of a button but in reality both fail to do this by design.
 
Brave is botnet shit. Sends unsolicited requests when started, (((targeted ads))), google as default search and whitelists spyware scripts from facebook and twitter by default.

Like Mozilla it's taking advantage of normies who are caught up in the recent internet privacy scare but are too lazy or stupid to look into it. So here comes Mr. benevolent browser to save them from big brother at the push of a button but in reality both fail to do this by design.
It's still the best maintained chromium fork, and you can turn all that shit you mentioned off, I do. I don't use any of the extra Brave features.
 
I'd go one step farther and say don't trust the browser not to leak data or not to make a clearnet connection. Use a Linux network namespace: put your browser into it and connect its network interface to the outside and over tor via iptables rules. Voila, you have a browser instance that literally cannot make a connection through anything except tor, even if you wanted it to. Then also use a pid namespace and a mount namespace (for resolv.conf, dns requests!) so the browser doesn't know too much. Now you don't have to trust the browser's coding anymore. You don't even need extra parts for assembly, this is all stuff that's included in the linux kernel since forever and some very basic tools. Ways to run different browser instances and different tor instances for programs other than browsers (to have different circuits for programs running via tor) are left as a thought exercise to the reader. The government is in cahoots with jewish-hebrew-ufo-lizards and is reading my thoughts difficulty grade: run the browser on a physically different machine than the one you're sitting at and redirect its graphical output to your terminal.

Then run your browser as an unprivileged user and optionally add MAC on top (although the latter can sometimes be high maintenance, and an extra user might be simpler and safe enough, even if the browser gets compromised).
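The namespace setup described in the post above, as an added example that is not part of the original thread: a script that prints (and, with `apply` as root, runs) the commands to build a network namespace whose only way out is Tor's transparent proxy and DNS ports on the host. The namespace name, interface names, addresses and port numbers are assumptions chosen for the example.

```shell
#!/bin/sh
# Added example: confine a program to a network namespace whose only exit is Tor.
# Assumed (not from the thread): namespace "torns", veth pair veth-host/veth-tor,
# subnet 10.200.1.0/30, Tor TransPort 9040 and DNSPort 5353 on the host side.
NS=torns; HOST_IF=veth-host; NS_IF=veth-tor
HOST_IP=10.200.1.1; NS_IP=10.200.1.2
TRANS_PORT=9040; DNS_PORT=5353

# Lines the host's torrc needs so Tor listens on the veth address and maps .onion.
torrc_lines() {
cat <<EOF
TransPort $HOST_IP:$TRANS_PORT
DNSPort $HOST_IP:$DNS_PORT
AutomapHostsOnResolve 1
VirtualAddrNetworkIPv4 10.192.0.0/10
EOF
}

# Print every command, one per line, so the plan can be reviewed before it runs.
# No MASQUERADE and no forwarding: traffic is either redirected to Tor or dropped.
plan() {
cat <<EOF
ip netns add $NS
ip link add $HOST_IF type veth peer name $NS_IF
ip link set $NS_IF netns $NS
ip addr add $HOST_IP/30 dev $HOST_IF
ip link set $HOST_IF up
ip -n $NS addr add $NS_IP/30 dev $NS_IF
ip -n $NS link set lo up
ip -n $NS link set $NS_IF up
ip -n $NS route add default via $HOST_IP
mkdir -p /etc/netns/$NS
echo "nameserver $HOST_IP" > /etc/netns/$NS/resolv.conf
iptables -t nat -A PREROUTING -i $HOST_IF -p udp --dport 53 -j REDIRECT --to-ports $DNS_PORT
iptables -t nat -A PREROUTING -i $HOST_IF -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT
iptables -I INPUT 1 -i $HOST_IF -j DROP
iptables -I INPUT 1 -i $HOST_IF -p udp --dport $DNS_PORT -j ACCEPT
iptables -I INPUT 1 -i $HOST_IF -p tcp --dport $TRANS_PORT -j ACCEPT
iptables -I FORWARD 1 -i $HOST_IF -j DROP
ip6tables -I FORWARD 1 -i $HOST_IF -j DROP
EOF
}

# Run as root with "apply"; afterwards add the printed lines to torrc, restart
# tor, and start the program with: ip netns exec torns sudo -u USER BROWSER
if [ "${1:-}" = "apply" ]; then
    plan | sh -e
    torrc_lines
fi
```

`ip netns exec` bind-mounts `/etc/netns/torns/resolv.conf` over `/etc/resolv.conf` for the confined process, which covers the resolv.conf point in the post without a hand-built mount namespace.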
 
Security Steps:

1. Don't be doing things on the internet that will get you vanned. If a government wants you in prison, they have the technical resources to do so regardless of your browser choice. If law enforcement is focusing on you, you're already fucked.
2. If you can't follow #1, say you're trapped in some shithole dictatorship and everything is illegal, don't use half-measures. Run a secure OS off of non-writeable media, don't have a hard drive in the computer, don't save one single bit of data to any storage. Encrypt, VPN, TOR, do whatever you can to make it difficult to get your traffic.

#2 is a huge pain in the ass, which is why I follow #1 instead. Thankfully browsing the farms isn't a legal issue in my country, so it frankly doesn't matter one bit if someone finds out all of my browsing info.
 
(((targeted ads))),
I read they keep the advert database in your browser, so you already have every possible ad they serve on your computer, then it does the datamining locally, the data never leaves your computer, and the ads served come from that local database, so they don't see which ads the browser showed you.
Now whether they collect any anonymous statistics, I'm guessing they probably do, since advertisers will want to know how many users saw their ads. They also need to know how many ads you've seen in order to award you BAT.
Still better than what Google does, and it's an easy way to support KF, by sending Null your BAT.
 
using straight Tor anyway
How do you do this? Every major site I've visited using Tor throws a tantrum and disallows access. I can't even visit gamefaqs using it. What's the point of using the "best" privacy browser when every company and hosting service is hip to the tech and just blocks it?

Also the mobile version is shit garbage. A page on KF takes upward of two minutes to load, whether on 4G or WiFi.
 