Exploring Secure Browsers: Brave vs. LibreWolf
The digital landscape is continually evolving, and with this evolution comes the need for robust web browsers. Using a secure browser like LibreWolf or Brave helps protect online privacy, enhances security measures, reduces exposure to malicious elements online, minimizes data collection by companies, offers customization options, and provides alternative revenue models while prioritizing user interests.
Brave
Brave, is a rising star in the browser market that has been gaining attention for its unique features and commitment to user-centricity.
Privacy-focused Architecture
One of the standout features of Brave Browser is its privacy-focused architecture. Built on Chromium – an open-source project by Google – Brave retains compatibility with Chrome extensions while incorporating enhanced privacy features.
Brave shields its users against invasive online tracking methods by default. It blocks third-party cookies, script-blocking fingerprinting techniques, and malicious ads. By doing so, it provides users with a seamless browsing experience while minimizing their digital footprint.
Rewards system
Brave also supports "Brave Rewards," which allows users to earn Basic Attention Tokens (BAT) by opting into privacy-respecting ads. These tokens can be used to support content creators or redeemed for premium features within the browser. By incentivizing users to view ads while preserving their privacy, Brave fosters a new paradigm in online advertising.
Enhanced HTTPS Everywhere
HTTPS Everywhere is an essential security feature that ensures secure connections between websites and users. Brave takes this concept further by implementing HTTPS Everywhere at the DNS level through DNS over HTTPS (DoH). This enhancement prevents any potential eavesdropping or manipulation of DNS queries, further bolstering user privacy and security.
Robust Script and Ad Blocking
Brave's integrated ad-blocker not only enhances the browsing experience by eliminating annoying ads but also provides a layer of security. By blocking malicious ads, Brave mitigates the risk of users unwittingly clicking on deceptive advertisements leading to malware or phishing attacks. This proactive approach makes Brave Browser an excellent choice for users concerned about online security threats.
Stronger Protection with WebRTC IP Leak Prevention
WebRTC is a technology that allows real-time communication between browsers. However, it can inadvertently expose users' IP addresses, compromising their privacy and security. The latest version of Brave Browser includes built-in protection against WebRTC IP leaks, ensuring that users' true IP addresses remain concealed.
Off the Record Mode
Off the Record mode (OTR), introduced in Brave version 1.53 in May 2023, is designed to safeguard the users browsing activities. Its primary purpose is to assist victims of domestic violence and abuse by allowing them to access specialized websites and seek help from local authorities discreetly, without alerting their abusers.
Unlike Incognito mode, Off the Record mode is unique in that it extends its protection to individual websites rather than solely focusing on users attempting to visit websites. Once activated, Off the Record mode prompts a website to label its content as sensitive.
When attempting to access websites flagged as Off the Record, users will receive a message within Brave, giving them the option to enable Off the Record mode. When activated, the web browser will refrain from storing any data associated with that particular website, including cookies and permissions.
Instead of relying on browsers to enable OTR, users have the option to manually activate it.
- Launch Brave.
- Visit
brave://flags
. - Write
#brave-request-otr-tab
in the empty field labeledSearch flags
. - Click on the dropdown menu next to Enable Request-OTR Tab.
- Select Enabled.
- Relaunch Brave.
AI support
Brave Leo is a chat assistant hosted by Brave without the use of third-party AI services, available to Brave users on the desktop (mobile version is in the works). The model behind Leo is Llama 2, a source-available large language model released by Meta made sure that user inputs are always submitted anonymously through a reverse-proxy to their inference infrastructure. In this way, Brave can offer an AI experience with still assuring privacy.
Feature | Free Leo | Leo premium |
---|---|---|
Models | Llama 2 13B Code Llama 13B |
Llama 2 13B Llama 2 70B Code Llama 13B Code Llama 70B Anthropic Claude Instant |
Rate limits | Reasonable rate limits | Higher rate limits |
Quality of conversations | Limited by models | Very high |
Privacy | Inputs are always submitted anonymously through a reverse-proxy and are not retained. | Inputs are always submitted anonymously through a reverse-proxy and are not retained. |
By default, Brave Leo is free for all users, with easy access to the Llama 2 large language model from Meta. For users who want additional models, Brave is a
offering a premium version of Leo for $15/month.
Source: Leo—Brave’s AI browser assistant that preserves users’ privacy—is now available to desktop users
Tor integration
Tor, short for The Onion Router, is a free and open-source software that helps its users to browse the internet anonymously and securely by routing internet traffic through a network of volunteer-operated servers. It was originally developed by the United States Naval Research Laboratory in the mid-1990s, and is now maintained by the non-profit organization The Tor Project.
The Brave browser has a built-in Tor mode that allows its users to browse the internet anonymously and securely. However, Tor is not working on Brave by default, and the user needs to enable it manually. To do so, the user has to go to the Brave Settings > Privacy & Security > Tor
, and toggle the switch to the On
position.
Additionally, Brave Search, is for instance available natively on the Tor network via .onion addresses.
Security risks
Even if Tor attempts to be secure and private, like any technology, it's not foolproof. There are some potential risks and limitations to be aware of when using Tor. Here are some reasons why Tor may not be secure:
- Tracking method #1: Triangulation is possible by matching the entry and exit node use. It requires having enough nodes to compromise both ends of the circuit. This way, they could, for example, match Activist X (via his IP address) sending data via entry node at 15:04:37 and a post criticizing the government appearing on a block at 15:04:38.
- Tracking method #2: Eavesdropping the exit node may allow for the theft of Tor users’ data. As the entry node removes the last layer of Tor decryption to forward the data, it may be possible to read it. In that case, it doesn’t take a genius to figure out that someone submitting your user name and password to a website is you (or just stealing those same log-ins they just saw you enter).
- Tracking method #3: Noticing Tor use is something that can become dangerous if Tor Browser use is declared illegal. Your ISP (Internet Service Provider) doesn’t see what you do on Tor, but it can detect your internet traffic going via the Tor network. Thus, they can track when you use Tor and for how long.
Tor Bridges and Snowflake
In version 1.44, released in May 2022, Brave Browser introduced support for Tor Bridges in Private Windows with Tor. This feature allowed users to surpass restrictions imposed by certain countries using the resources provided by the company.
Additionally, in January 2023, with the release of version 1.47, Brave Browser incorporated the Snowflake extension into its settings. This extension gives users the ability to transform their devices into proxies that assist individuals in censored countries to connect to Tor.
To clarify, what Tor Bridges and Snowflakes are…
Tor Bridges are relays managed by volunteers to assist individuals in circumventing censorship and Tor blocks. They provide an alternative entry point to the Onion network, ensuring access for users. To safeguard bridges from local regimes and operators who may attempt to block them, they are not publicly listed. Brave browser offers the functionality to utilize bridges by following the path "Settings menu → Privacy and security → Tor windows." Users can choose a pre-existing bridge, request one from torproject.org, or enter a bridge obtained from a trusted source.
The Tor Snowflake is a new feature introduced by the Tor Project. It is a peer-to-peer network traffic connectivity system that aims to enhance privacy and anonymity. By combining a proxy with the WebRTC protocol, it assigns temporary Tor Bridges to users who require them, making it more difficult to track or stop block bypassing efforts. Brave users have the option to choose Snowflake in their Tor Bridge settings or volunteer to assist others by enabling the Snowflake extension. Enabling this feature will automatically install the necessary components on Brave.
Running Snowflake proxies does not carry any known risks, and it does not compromise the confidentiality of volunteer data. The system ensures that all IP addresses remain private to maintain the system's functionality.
Volunteering computers do more than just act as intermediaries connecting to websites for others. They securely transmit encrypted messages between Snowflake users and other computers within the Tor network.
There are only a few categories of users who should refrain from volunteering on the Snowflake network. These include individuals residing in countries where Tor is blocked, those using workplace or company computers, and those with limited internet connectivity.
Source: Snowflake function diagram (Tor Project)
Trusted search
In August 2023, Brave announced that it has successfully detached its search capabilities from Google and Microsoft Bing. This means that all search queries made within the Brave browser will now be handled solely by Brave.
Previously, Brave Search utilized API calls to Google and Bing for image and video searches. However, earlier this year, Brave completely cut ties with these third-party APIs. During the development of its own image and video search solution, users were temporarily redirected to Google or Bing.
Therefore unlike most of the other private search engines in this guide, Brave is using its own search index.
Sign-In with Ethereum (SIWE) - ERC-4361
Sign-In with Ethereum (SIWE) offers an option to traditional login process by replacing it with wallet-based sign-in functionality. A wallet becomes the key to accessing various platforms, identified by a chosen Ethereum wallet address. This approach transfers the responsibility of authentication from centralized identity providers to individuals themselves.
The SIWE protocol introduces a standardized method for Ethereum accounts to authenticate on external services. By signing a message in the format defined in ERC-4361, users can securely access different platforms using their self-custodial identities. This standardization ensures that SIWE remains compatible and interoperable across various wallet implementations.
LibreWolf
LibreWolf is an open-source web browser, a fork of Mozilla Firefox, focused on privacy, security, and freedom. It's designed for users who are conscious about online security and privacy.
- Enhanced Privacy Controls: LibreWolf utilizes a hardened configuration of Firefox, with settings like
privacy.resistFingerprinting
set to true, enhancing anti-fingerprinting measures. It also employs strict cookie isolation akin to Firefox's First-Party Isolation but with additional tweaks. - Security-Focused Extensions: Comes pre-configured with security-focused extensions like uBlock Origin, employed in a more aggressive mode than default settings in other browsers.
- Advanced Script Management: Offers granular control over JavaScript execution, leveraging enhanced content blocking capabilities. This is particularly beneficial against cross-site scripting (XSS) attacks.
- Disabling Telemetry and Data Collection: LibreWolf disables all telemetry, data collection, and that are often found in major browsers, including Mozilla's Firefox. This is achieved by altering settings such as
datareporting.healthreport.uploadEnabled
andtoolkit.telemetry.enabled
. - Decentralized DNS Over HTTPS (DoH): Utilizes DoH by default, but unlike Firefox, it doesn’t route all DNS requests to a single provider (like Cloudflare), reducing potential centralized tracking.
- Tor Integration: LibreWolf does not come with native Tor integration like the Tor Browser, which is a specialized version of Firefox tailored for the Tor network. However, it can be manually configured to route traffic through Tor. For users who want to use LibreWolf over Tor, setting up a proxy (like configuring a SOCKS5 proxy to
127.0.0.1:9050
) and ensuring DNS requests are also routed through Tor is necessary. This setup, however, may not offer the same level of anonymity as the Tor Browser, which has additional protections against fingerprinting and tracking.
Final thoughts
It is important to note that while secure browsers can enhance your online privacy and security, no browser can guarantee complete invulnerability or protect you from all threats. It's always advisable to stay vigilant, keep your browser up-to-date, use strong passwords, and employ additional security measures like antivirus software for comprehensive protection online.
As a technically adept user, I favor Brave for its advanced Tor inclusion and integrated private search-index, complemented by an innovative & anonymized AI system. My experience with Brave underscores its effectiveness in enhancing online security and user privacy. Concurrently, LibreWolf shows potential with its controls and (more deepened) security-centric extensions. The broader secure browsing landscape, inclusive of possible future options like Mullvad, further enriches the choices for safeguarding digital interactions.
The website and the information contained therein are not intended to be a source of advice or credit analysis with respect to the material presented, and the information and/or documents contained on this website do not constitute investment advice.