this post was submitted on 20 Oct 2023
238 points (98.8% liked)

Technology

37754 readers
387 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

From article:

If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

More reason to ditch the crypto bro browser.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago (1 children)

Not that I'm defending anybody but how is this touching your "network stack" any more than any other application?

[–] [email protected] 12 points 1 year ago (1 children)

because a VPN is both a new network interface, and it has the ability to change how your traffic routes. Most applications don't do that.

[–] [email protected] 1 points 1 year ago (2 children)

I see now that it was adding a wireguard interface, but without seeing the configuration being used, there's no telling if they are routing anything more than the traffic from the browser.

As an aside, are you serving applications from your workstation?

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Whether they route only the browser or traffic or not, that is messing with my traffic routing, and that's dangerous. If they control the VPN exit node (but especially if they control that AND the browser), they can do almost anything they want with/ to your browser traffic.

Not sure what me serving out applications from my endpoint device has to do with this, but yes, I sometimes do (LAN games, netcat listeners, python servers, etc).

[–] [email protected] 2 points 1 year ago

there’s no telling if they are routing anything more than the traffic from the browser

Yeah that's the problem "there's no telling". Messing with network settings is opening a can of worms and highly likely to cause problems one day.