That’s kinda crazy, as it would look like a speck on the screen. I wish I could see the actual site, and see if there is something else sus about it. When I download important things like password managers, I usually try to be extra careful, double check the URL and do the hash check.
the police acted in good faith, meaning the evidence will be allowed in court despite the warrant being legally flawed
I have no knowledge (or particular interest) in USA laws, but I guess that judges making this decision is a statement of future intent. I guess if you don’t want to be tracked then don’t use services which track you!
i mean shit i guess they can here anyway, but it’s stunning to see that written down. oh they thought they were doing the right thing? oh that’s fine then
In Colorado, until a new law overides the ruling, google must reveal your search history when subpoenaed. This doesn’t affect surrounding states or federal law until their own judges make a ruling or politicians make a law.
The issue here is not that they are required to reveal search history of suspects, the issue is that the police is browsing the search history of everyone in order to find a suspect. That’s not what warrants are for and violates the constitutional rights of nearly everyone they searched.
Opposite actually. The court decision says that all future reverse keyword search warrants in Colorado will have their evidence thrown out. This one, however, didn't have precedent so the police acted in good faith.
I always use Google anonymously as I always find alternative search engines to be lacking. Even without personalized search results, Google always works better for me.
I’ve been using duck duck go for a while, and I’ve got a fresh Linux install on another machine I’m using as a server and I went to look something up. I was 2 pages in, thinking “ddg isn’t great, but this is ridiculous”, and I remembered i was on Google
The same company that was modifying the content of the pages as an opt-out feature deeply hidden in the setting? (e.g. bitcoin stuff on every Reddit link)
Surely you trust them with all of your traffic, though? They sound like good stewards and of course you’d want their VPN installed without your consent and you can definitely trust it’s not doing anything bad, right?
Open article -> get prompted for notifications and full-screen cookie consent pop up -> deny notifications -> click through cookie menu, accept -> finally see article for .5 nano seconds -> trending articles popup -> click the x on trending -> tab crashes.
I think I know why people only read the headline nowadays.
Will its really good but isn’t Linux mint de and especially MX is better than Debain for A few tools but i agree that they’re better than official Ubuntu and easier than vanilla arch
www.ghacks.net Brave appears to install VPN Services without user consent - gHacks Tech News Martin Brinkmann 3 - 4 minutes
If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.
Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.
Brave Software is not the only browser maker that has integrated a VPN solution in its browser. Mozilla, maker of Firefox, entered into a cooperation with Mullvad and launched Mozilla VPN in 2020. Brave Browser’s installation of VPN services on Windows
Brave Browser Windows VPN Service
A post on Privacy Guides suggests that Brave Browser installs its VPN Service without user consent and regardless of whether the VPN is used or has been used in the past.
You can verify this easily by following these steps:
<span style="color:#323232;">Use Windows-R to open the Run box.
</span><span style="color:#323232;">Type services.msc to open the Services manager on Windows.
</span><span style="color:#323232;">Scroll down until you come to the Brave section there.
</span><span style="color:#323232;">Check for Brave VPN Service and Brave VPN Wireguard Service.
</span>
If they exist, Brave has installed the services on your device. If you were never subscribed to Brave Firewall + VPN, the company may have done so without your consent.
The two services have no description, the startup type Manual and Manual Trigger Start.
There is no explanation why these services got installed on the system. Cautious users may set the two Services to disabled:
<span style="color:#323232;">Right-click on one of the services and select Properties.
</span><span style="color:#323232;">Switch the Startup type from Manual to Disabled.
</span><span style="color:#323232;">Repeat the process for the second VPN service.
</span>
Deleting the Windows services is another option. The main issue here is that there is no guarantee that a browser update won’t install the Services again. You’d need to monitor the services whenever Brave Browser updates to make sure of that.
Some users who replied to the discussion on Privacy Guides said that they did not have these services installed.
Closing Words
Why are the VPN services installed in first place? Brave made no announcement in this regard. Maybe so that users can start using the VPN immediately on Windows and not after a restart.
In any event, you now have the tools at hand to check for the services and either disable or delete them.
Now You: do you use Brave Browser?
Summary
Brave is installing VPN Services without user consent
Article Name
Brave is installing VPN Services without user consent
Description
Brave Software appears to be installing VPN services on Windows devices without user consent during Brave Browser updates.
Have you read the article? They install their VPN before the user decides to use that service, when they could simply install it when the user decides to subscribe to their VPN.
I’m going to be downvoted for this but it’s recommended on privacy guides because they generally lack strict criteria with browsers. Both Firefox and Brave make automatic connections that shouldn’t be allowed.
@governorkeagan@throws_lemy Privacy Guides has a set of objective criteria to judge a browser's security and privacy. People tend to hate Brave for reasons unrelated to security and privacy. Like the CEO's politics, crypto (and recently AI) integration in the browser, some shady history about injecting referral codes, etc.
Personally, I wish I could find an alternative that is as good as Brave. Until then, I'll keep using it as it is perfect for my needs.
I am conflicted on how I feel about that. Obviously information dragonets are bad because they're specifically designed to produce false positives. In this case, however, they produced a definite positive that wouldn't have been achieved otherwise.
Edit:
The good-faith exception to the exclusionary rule provides that “evidence
obtained in violation of the Fourth Amendment should not be suppressed in
circumstances where the evidence was obtained by officers acting in objectively
reasonable reliance on a warrant issued by a detached and neutral magistrate, even
if that warrant was later determined to be invalid.” Gutierrez, 222 P.3d at 941; see
also Leftwich, 869 P.2d at 1272 (holding that Colorado’s good-faith exception,
35
codified in section 16-3-308, C.R.S. (2023), is “substantially similar” to the Supreme
Court’s rule). The exception exists because there is little chance suppression will
deter police misconduct in cases where the police didn’t know their conduct was
illegal in the first place. Leon, 468 U.S. at 918–19. In such cases, “the social costs of
suppression would outweigh any possible deterrent effect.
But the good-faith analysis in Gutierrez is distinguishable. True, we held
there that the good-faith exception did not apply, but we had already recognized
that individuals have a reasonable expectation of privacy in their financial records
when Gutierrez was decided. Id. at 933 (citing numerous cases and statutes
establishing that an individual’s financial records are protected under Colorado
law). So, the police were on notice that a nexus was required between a crime and
Gutierrez’s individual tax records. See id.
38
¶70 By contrast, until today, no court had established that individuals have a
constitutionally protected privacy interest in their Google search history. Cf.
Commonwealth v. Kurtz, 294 A.3d 509, 522 (Pa. Super. Ct. 2023) (holding that, under
the third-party doctrine, the defendant did not have a reasonable expectation of
privacy in his search history). In the absence of precedent explicitly establishing
that an individual’s Google search history is constitutionally protected, DPD had
no reason to know that it might have needed to demonstrate a connection between
the alleged crime and Seymour’s individual Google account.
In essence, the court is saying that this is the one and only time this will be allowed in Colorado.
The obvious potential harm in general outweighs the positive outcome in a specific case. Justifying broad surveillance because it works occasionally is the road to a police state.
The entire exeption, and the broader exclusionary rule, is based around the self-evidently incorrect assumption that what happens in court will effect behaviour of investigators.
I agree it is people looking for reasons to criticize. However, I do think VPN or anything that modifies your route tables should be subjected to more scrutiny than other app features due to potential for abuse. I wish browsers wouldn't bundle them at all, or install them as part of their base.
Especially considering they were injecting affiliate links/replacing affiliate links with their own, everything they do should be seen through that lens. They literally thought it was either OK to do which means that behavior like this is going to happen and keep happening with them, OR they thought they could get away with it which ends up with the same result.
privacyguides
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.