Posted by spc50 | in brave (edited )

** "When you read an article about a Chromium bug or issue, chances are, it's also a Brave bug and issue, as they have based their browser on Chromium" **

Question here is if this is what broke Tor .onion address lookups really. Brave trying to on the sly invisible to user lookup domain C-Names to block tracking / malicious same domain attempts with its own internal DNS server. Expecting they are doing this via DOH (encrypted).

Key words: using an embedded DNS resolver

All this wouldn't be necessary if people were forced to serve their content from the same domain. The very same, without subdomain even. A website should be text + some images and maybe a standard format video. No junky JS needed. No heavy overhead. Just deliver the binary common objects and we are done. Handlers on computer to run the video. The HTML + stylesheet is cake. Long perfected.

All this sh!t is chasing imaginary dragons. Creating mythology to further imaginary industries. Want industry and need for solutions, create the problems.


“In Brave 1.17, Brave Shields will now recursively check the canonical name records for any network request that isn’t otherwise blocked using an embedded DNS resolver. If the request has a CNAME record, and the same request under the canonical domain would be blocked, then the request is blocked. This solution is on by default, bringing enhanced privacy protections to millions of users.”



You must log in or register to comment.

spc50 OP said ()

I know... your websites all are so radically popular and huge. Must use CDN... Must distribute load to eat bad packets. Right... In your wet dreams. Must use cnames and subdomains...

10% of market that needs such, 8% probably is sketch. The other 2% are companies so big and connected that they should happily take the beating, bad packets, etc. Comes with the territory of being a big fish.


dontvisitmyintentions said ()

What would also obsolete domain-based blocking is serving data by content hash. Surprisingly, Brave is the only browser with IPFS built in*, though what flaws we'll see in its implementation are yet to be seen.

* Firefox has always had IPFS helper extensions, but not the client itself.


Rambler said ()

They just proxy IPFS through a clearnet gateway. I already tested that out.

Though they do allow use for a local daemon as an option. I don't use IPFS locally but may give it a whirl.


spc50 OP said ()

These browsers need to knock it off. Rolling full things in like Tor and IPFS -- these are NOT features.

Brave currently is about a 79MB download. Huge file. Way too big for a browser. Installed says 250MB. This is dumb. How does it compare? I don't know. But, these people need to seriously rethink what they are doing and how many people they harming in many many ways.


smartypants said () (edited )


You see advertisers use other domains for a REASON.... accurate tabulation of passive ads drawn and seen, and also clicks.

Using hashed and cached data is no different than hosting a lot of slop from a specific single domain... and is NOT what the multibillion dollar advertising industry wants.

I agree that obfuscated javascript ad-orient architectures will be soon delivered on IPFS and such, but famous top200 web sites will always have 3rd party ad blocker tech annoy them.... always.

I am scared that loss of specific url and domain control makes it more of a wild west though