cryptoknowmics.com
Brave, a privacy-first browser based on Chromium that integrates the Tor web browser, has recently been found leaking private .onion web addresses to the DNS providers. The bug was first raised on January 21, when the issue was excavated by cybersecurity company HackerOne.
Chromium Based Browser Leaking Browsing History
Tor browser works on onion routing and conceals the web browsing activity of its users by bouncing web traffic over a global network of relays. Onion routing makes it difficult enough to call it nearly impossible to trace the browsing history of any user.
This level of anonymity a user gets is the prime reason for a user seeking privacy to go for Tor browser than any other available browsers. A majority of the group making use of the Tor browser includes drug traffickers, activists, hackers, and mafias.
When the concern was raised by a HackerOne report, it was addressed in beta and was soon to be fixed in a hotfix. However, it didn’t happen, in fact, the bug leaked all the private information to DNS providers.
Brave, the Chromium-based browser, which integrated Tor in 2018 uses the same web architecture as other browsers like Google Chrome and Firefox. However, the issue was resolved, but it was then added to the developer version of Brave, Nightly, which updates itself every day.
Brave Vs. Tor Browser
Comparing the level of anonymity of Brave and Tor Browser, Ryan Watson, the vice president of IT of Brave, said on Reddit two years ago:
“Brave with Tor does not provide the same level of Privacy as the Tor browser, if your life depends on remaining anonymous, use the Tor browser.”
In addition to this, Ryan revealed that Tor Browser works differently from the Chromium-based browser as it cleanses the digital fingerprints that are used to identify systems. He said:
“Fingerprinting works by hiding in the crowd of other browsers, by using Tor in Brave you have a slightly more unique fingerprint than with Tor browser. Thus making you less anonymous.”