Brave Browser's new privacy protections: time-based permissions and more

[harlan4096]

ne of them improves the permissions dialog that the browser displays when sites request access to certain information such as a user's location, camera or microphone.

Most Chromium-based browsers displays allow or block options in the dialog. Mozilla's Firefox web browser sets temporary permissions by default unless users check a box in the dialog. Apple's Safari browser offers a similar feature.

Brave, starting in version 1.25, displays a new option that enables users to select a period in which the permission is valid.

The options are "until I close the site", "for 24 hours", "for 1 week", and "forever". Forever works just like the allow button, but all three remaining options limit the granted permission to the specified time. The permission is revoked automatically by the browser once.

Brave notes that the all or nothing permissions approach leads to the oversharing of data as users have to revoke permissions actively to block future access to the information by the site in question.

Bounce Tracking Protections improvements

Recent versions of Brave Browser include improved bounce tracking protections. Sites may use bounce tracking to track users; this is done by adding parameters to the URL which is then passed to the destination. Facebook uses the system to track users across sites on the Internet.

Brave protected users from bounce trackers up until now by stripping tracking parameters from URLs.

Users of the browser who have enabled aggressive tracking in the browser's settings will receive prompts now when a "URL is suspected as a bounce tracker". The loading of the destination is blocked by default, but users may continue to the site or end the navigation at that point.

Brave plans to introduce the protections to all users, regardless of blocking setting status.

Other privacy improvements in Brave

Brave introduced ephemeral third-party storage some time ago in the browser which was designed to protect against tracking but without breaking sites, particularly sites that expected third-party storage to persist.

The feature caused issues on certain sites that used specific integrations, e.g. Single-Sign On. Brave cleared third-party storage of a site the moment the site was no longer open, but some workflows did not work as expected because of that.

To make sure that this does not happen anymore, Brave added a 30 second pause to the process, after which the data is removed.

The fourth and final improvement integrates new fingerprinting protections in the web browser.

• Dark Mode fingerprinting protections
  
• WebGL fingerprinting protection improvements.
  

You can check out the announcement on the Brave site.
...

Continue Reading