That’s kinda crazy, as it would look like a speck on the screen. I wish I could see the actual site, and see if there is something else sus about it. When I download important things like password managers, I usually try to be extra careful, double check the URL and do the hash check.
People who use those characters benefit from it. I imagine 點看 is more useful than xn–c1yn36f to a Chinese person. That’s also why Google displays them that way.
It would be nice if browsers warned when International Domain Names were in use, and provided the option to disable punycode when first encountered.
Yes, because the internet is not restricted to English letters.
Just imagine you had to visit アップル instead of apple.com! And most importantly, would you trust yourself to see the difference that and say プッアル consistently without seeing the real reference?
Just to be clear, I hate it when the browsers hides part of the url too. Show me the https god damn! But internationalization is a good thing, as it makes the internet accessible to more people.
They have failed one of their code jobs: validating advertisements are legitimate. I don't know why any legitimate company would advertise with google as you get associated with the scams they allow on their ad platform.
“Ahhh gosh oh golly I guess i better comply with this police warrant” says the company that actively engages in one of the largest tax fraud operations in human history.
Assuming they’re talking about what most businesses, especially large ones with huge legal resources, do: exploit loopholes to not pay, or pay reduced, taxes.
From my personal lemmy experience, a lot of people would consider it actual (legal) fraud that’s just not being prosecuted because the perpetrator/s are wealthy.
www.ghacks.net Brave appears to install VPN Services without user consent - gHacks Tech News Martin Brinkmann 3 - 4 minutes
If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.
Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.
Brave Software is not the only browser maker that has integrated a VPN solution in its browser. Mozilla, maker of Firefox, entered into a cooperation with Mullvad and launched Mozilla VPN in 2020. Brave Browser’s installation of VPN services on Windows
Brave Browser Windows VPN Service
A post on Privacy Guides suggests that Brave Browser installs its VPN Service without user consent and regardless of whether the VPN is used or has been used in the past.
You can verify this easily by following these steps:
<span style="color:#323232;">Use Windows-R to open the Run box.
</span><span style="color:#323232;">Type services.msc to open the Services manager on Windows.
</span><span style="color:#323232;">Scroll down until you come to the Brave section there.
</span><span style="color:#323232;">Check for Brave VPN Service and Brave VPN Wireguard Service.
</span>
If they exist, Brave has installed the services on your device. If you were never subscribed to Brave Firewall + VPN, the company may have done so without your consent.
The two services have no description, the startup type Manual and Manual Trigger Start.
There is no explanation why these services got installed on the system. Cautious users may set the two Services to disabled:
<span style="color:#323232;">Right-click on one of the services and select Properties.
</span><span style="color:#323232;">Switch the Startup type from Manual to Disabled.
</span><span style="color:#323232;">Repeat the process for the second VPN service.
</span>
Deleting the Windows services is another option. The main issue here is that there is no guarantee that a browser update won’t install the Services again. You’d need to monitor the services whenever Brave Browser updates to make sure of that.
Some users who replied to the discussion on Privacy Guides said that they did not have these services installed.
Closing Words
Why are the VPN services installed in first place? Brave made no announcement in this regard. Maybe so that users can start using the VPN immediately on Windows and not after a restart.
In any event, you now have the tools at hand to check for the services and either disable or delete them.
Now You: do you use Brave Browser?
Summary
Brave is installing VPN Services without user consent
Article Name
Brave is installing VPN Services without user consent
Description
Brave Software appears to be installing VPN services on Windows devices without user consent during Brave Browser updates.
Open article -> get prompted for notifications and full-screen cookie consent pop up -> deny notifications -> click through cookie menu, accept -> finally see article for .5 nano seconds -> trending articles popup -> click the x on trending -> tab crashes.
I think I know why people only read the headline nowadays.
Have you read the article? They install their VPN before the user decides to use that service, when they could simply install it when the user decides to subscribe to their VPN.
I’m going to be downvoted for this but it’s recommended on privacy guides because they generally lack strict criteria with browsers. Both Firefox and Brave make automatic connections that shouldn’t be allowed.
@governorkeagan@throws_lemy Privacy Guides has a set of objective criteria to judge a browser's security and privacy. People tend to hate Brave for reasons unrelated to security and privacy. Like the CEO's politics, crypto (and recently AI) integration in the browser, some shady history about injecting referral codes, etc.
Personally, I wish I could find an alternative that is as good as Brave. Until then, I'll keep using it as it is perfect for my needs.
I originally started using brave because at the time it was the most feature complete alternative to chrome. Now I would like to switch but I would still use chrome cast for music streaming (I have quite a few of them).
Last time I checked casting audio was missing as a feature in most deGooogled versions of chrome. Does anyone have any suggestions for browsers that allow me to stream audio from my browser to Google Chromecast?
Is there a good alternative, maybe locally hosted, for location history?
While I’ve recently disabled it for Google, it actually was helpful for going back in time and remembering where I was on X day, on numerous occasions. Would be cool if there was a locally hosted, open source alternative.
I guess it could sometimes be an unfortunate coincidence that you do something suspicious where a crime just occurred. But surely you’d be proven innocent after looking at other evidence.
There are many people currently in jail for crimes they have never committed, there are people who’ve been arrested simply for looking like the suspect despite not being them, wrongful convictions are an issue and everyone should protect themselves because in a lot of crimes people don’t want justice, they just want someone to punish.
That was confounded because his mother’s ex boyfriend seemed to be the murderer and used his car. Am I the only person on Lemmy who DOESN’T obsess over privacy, demand FOSS, and refuse to use Windows? My mother doesn’t have a shady ex-boyfriend, and it seems like a pretty fair exchange otherwise to give up my data in exchange for great free services that generally work pretty well — it’s not like I could sell my data myself. Nor am I paying my own money to use them. I don’t feel like getting a worse experience for e.g. maps (saw another post about it) just for the sake of data that (for most intents and purposes) doesn’t affect me directly.
@knexcar@throws_lemy@Clent Maybe you won't face a problem with law enforcement caused by some company sharing your data with the law enforcement. On an individual level, yeah sure, you probably won't get affected. But on a societal level, do we accept having some people's lives ruined by these techniques? I don't think so.
In general, is it acceptable that we give some for-profit companies full access to our data so they can manipulate our buying behaviors with their targeted ads?
That’s fair, we as a society are probably manipulated quite a lot. though I feel like law enforcement getting cases wrong is a somewhat separate issue from the “targeted ads” one. The alternative would be to use shittier evidence, potentially racism, or just let it go unsolved. I hate ads too and I block them so I don’t have to see them. I guess I’m tired that 1/3 of Lemmy posts seem to be about privacy/FOSS, I wish there was more variety like the R-site.
Privacy, freedom, and corruption? Like Trump banned international travel from how many Muslim countries? The fact that that happened at all is insane. You don’t think these tools will be abused? Like the UK banned fetish porn (which has been thankfully overturned). You would be fine if say… these tools were used to monitor your sexual habits?
There are alternatives for every service they offer.
I used to believe that, but what’s the alternative for a phone keyboard with swipe typing and speech recognition that actually works?
Or a phone that gets reliable push messages and also works for banking?
Cause I hate Google, but these are things I actually need in my life.
First, I use GrapheneOS, so I can continue using Gboard and a few other Google products that do not warrant or require an internet connection, with network access disabled.
Alternatively, the next best keyboard is grammarly (also with network access dsiabled) and you can also use voiceinput.futo.org with that one.
Sounds like you’re on Android but there are still options. I am no subject matter expert but there are many who are and they are just a quick duckduckgo search away. Good luck!
It’s actually because the Tensor chip is the most secure one available, and because Google promises several years of software updates, with a solid history to back it up.
You mean the Tensor chips that don't appear until 6th gen, even though the project supports 5th and 4th gen?
They also literally state:
Devices need to be meeting the standards of the project in order to be considered as potential targets. In addition to support for installing other operating systems...
And
Devices with support for alternative operating systems as an afterthought will not be considered.
This pretty much rules out 99% of smartphones. I would argue this even rules out non-Pixel favourites such as the OnePlus lineup, even though I'm writing this on a Lineage-loaded OnePlus 7T. Support for other ROMs is there but it's quite fucky. Add in what you said about firmware support and yeah, only the Pixel lineup would apply.
Understanding that you probably paraphrased for brevity, it’s hard to respond with anything helpful because only you know where the goalposts of, “actually works,” are – same thing with, “reliable push messages,” and, “works for banking.” I’ve used swipe input on the native Samsung keyboard and SwiftKey and found that they work just fine, but not as good as GBoard. If you’re going from a Google-invested product to pretty much anything else, it’s likely going to be a worse user experience, so you just have to set your expectations appropriately and keep in mind that what you’re getting in return for that is intangible but important.
What have you tried so far, and how have they failed you with respect to the metrics you’ve stated?
Swiftkey isn’t a real option for me, it just sends my data to another one of the big 3 tech megacorporations.
What I’ve tried:
Degoogled my phone with UAD and used apps that can run in the background instead of relying on Google Play Services for push. But I kept missing important messages cause push didn’t work reliably. It lead to a wild goose chase of which system apps can be disabled and which permissions revoked without losing core functions, none of which is documented properly anywhere. Location only worked outside sometimes and took 3 minutes for a fix. And it still may not even do anything for privacy because the underlying system is made by Google and could just ignore all of my settings.
Installed LineageOS. This solved the problems above. But my banking app refused to even launch on it.
Gave up, again used a debloated Android but kept Google Play Services and its dependencies intact and just used no Google account or Google apps. Now banking works, push works, location works. But Google still has unlimited root access to my device, contacts, calls, SMS, location, so really what’s the point?
How feasible is it to interact with your bank or other necessary services in a browser vs using the play store app? I can see LineageOS being viable if you can make such a transition.
Impossible. I either need a phone or buy a TAN generator for 2FA.
I’m currently thinking about that, or just leaving a spare phone at home with no data on it and location disabled. But the banking app is also used to verify bigger credit card payments. And without having it on me, I would have been unable to pay for plane or train tickets while traveling more than once.
honestly, having a spare phone that sits at home is a great solution. Your main phone can be a native pixel/grapheneos (not lineage, graphene has no issues with feature comparability). And the spare phone at run all the apps for, idk, your robot vaccum, smart home, etc. At home you have more control of data and connectivity.
we all have old phones that can be used as spares. My 8 yr old phone is the “remote control” for my house. Using accounts that don’t tie to me, on it’s own vlan, pi-holed, etc
for speech recognition there is “futo voice” which not only works better than Google’s speech talk-to-type by allowing the user to fluently speak, but it also works offline and doesn’t upload voice recordings anywhere. You won’t be able to use it with gboard because google will not allow the use of another talk-to-speech engine with gboard, you’ll have to download another keyboard first.
mobile banking is an unnecessary luxary. Moving money around/paying CC biils often takes days to go through anyway so the urgency of “doing it now” mobily can wait until you’re at your desktop.
Push notifications, I’ll give you. Without any services some apps cannot recieve push notifications. As the other user suggested, using a pixel with grapheneos, you can install sandboxes google services or microG and then have full functionality.
On grapheneOS you can choose which apps have access to internet/data much more fine-grained that what google allows you.
It’s been my experience that for most people, Google services are not a requirement, but a luxury… especially for daily life. Now, most Google-esque services are a requirement for daily life, but as they said, there are alternatives that you can use that work.
privacyguides
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.