Recent comments from a regular DCT reader prompted me to install and take a closer look at the Brave browser. Brave is known to be the most private of the mainstream browsers incorporating a native ad-blocker, anti-tracking protections, and even fingerprinting prevention. In this article, I’m going to explain various features/options when setting up and working with the Brave browser and deliver a final verdict.
- Please read: Which Browser is the Most Private
Brave Browser Out-Of-The-Box
On the first run after installation, Brave prompts the user to import various aspects – including bookmarks, passwords, and extensions – from a variety of popular browsers. This pretty much automates the importation functions and simplifies transitioning to Brave no end. A big tick.
However, when the browser’s home page opened, I was surprised to see how busy it is. With a fancy background image that changes frequently and lots of graphics, it is a bit of a shock if you’re used to the simplicity of (say) Chrome or Edge. The good news is that, if you’re of the same mind as me and have no use for all those extraneous items, they can easily be removed via the Customize link toward the bottom right of the page:
As you can see, there is no bookmark sidebar and the way in which bookmarks are handled is clumsy, as is the case with all Chromium-based browsers. To compensate somewhat there is a provision to pin links to favorite (most often visited) websites on the home page, which is definitely a plus.
There is no separate search dialogue box, which typically displays in the center of most browsers’ home pages, all searches being directed from within the address bar. A bit different but certainly no big deal. A choice of search engines is available via the settings, including Brave’s own private search, Google, DuckDuckGo, Qwant, Bing, Startpage, and Ecosia. Setting a default search engine is a simple matter of selecting your preferred option from a dropdown menu available via the browser’s settings:
Brave handles icons for installed extensions in a slightly different manner than what I’m used to. Other browsers I’ve worked with automatically place an installed extension’s icon at the far right of the address bar but Brave does not. You need to manually “pin” extension icons to the address bar via a settings menu. This is a good thing. For extensions that just sit in the background quietly doing their job, you can choose to leave the icon unpinned, and conversely, for those extensions that issue notifications and occasionally require user interaction, you can easily pin those icons to the address bar.
As for speed, Brave is typical of most Chromium-based browsers in that it renders webpages very quickly and accurately. I couldn’t swear that it’s faster than Chrome or Edge but it’s certainly as fast as.
Brave Browser Customized To Suit
There is no way I could live with Brave out-of-the-box. As I mentioned, the home page is way too busy for my liking and I much prefer a bookmark sidebar over the typically clumsy Chromium-based browsers’ method of handling bookmarks. I guess I got spoiled by the years of using Firefox. So, the first thing I did was to install the terrific Bookmark Sidebar extension which places a bookmark sidebar down the left-hand side of the page.
Next, I chose a different home page, opting for a plain and simple home page rather than Brave’s overly busy default page. I had to change a setting to also apply that home page to new tabs but, after a short search through settings, it was a simple enough exercise.
Needing to change a few default characteristics of a browser via extensions and/or settings to meet my preferences is the norm for me and certainly no deal breaker. With a new simple and plain home page plus my preference for a bookmark sidebar in place, I am very happy with Brave and have already decided it’s a keeper. I needed to overcome my trust issues with Brave but, in the end, the additional privacy features won out.
If you haven’t tried Brave as yet, I suggest you do so. In terms of speed, options, and ease of use, it’s at the very least equal to any browser I’ve tried and far superior to any browser in terms of privacy. Brave gets a firm recommendation from me.
I have now learned that there is a bookmark sidebar available in Brave. Thanks to “JD” for pointing this out (please refer to comments under).
To enable the bookmark sidebar in Brave, click the sidebar icon at the far right of the address bar, and then from the menu in the sidebar, click the bookmark icon:
31 thoughts on “Brave Browser Review – First Impressions”
Jim, Glad you are enjoying Brave (I knew you would).
Why do I use Brave?
1) Because Brave removes unsolicited requests to Google from Chromium, and when it does contact Google [update extensions (if you have any) or Google SafeBrowsing (unless you disable it) and Push notifications (unless you disable them)] the connections are proxied (anonymized towards Google).
Note: read a complete list of what the Brave team removed here:
2) It is the only Chromium-based browser with credible fingerprinting protections:
3)It is the only Chromium-based browser that can do CNAME uncloaking
4) Brave’s internal adblocker will also continue to work when Manifest V2 is removed. It won’t be affected by Google’s decision to cripple adblockers with Manifest V3 (note Manifest V2 was going to end on Jan 1, but Google just extended it to Jan 1, 2024). Brave’s adblocker is not an extension, but rather implemented natively, and thus isn’t under extension restrictions like uBlock Origin would be.
You can add lists by going to settings/Shields/Content Filtering. Add the filters from the included lists, or add custom filter lists.
Some extensions I’d recommend to improve privacy (all downloaded from the Chrome Web Store):
1) ClearURLs = primarily filters tracking elements from URLs, meaning you will be using clean links.
– Allow domain blocking –> Enabled
– Prevent tracking via the History API –> Enabled
– Allow Referral marketing –> Disabled
– Filter eTags –> Enabled
2) LocalCDN = websites load libraries from third-party sources, the providers of those libraries know which websites you’ve visited and can potentially profile you. LocalCDN provides these libraries locally for websites, intercepting requests to third-party sources. Has the side effect of slightly speeding up the loading process of websites.– You can leave everything at the default settings here. However, I recommend setting Notification after an update to Never (Silent) if it is not already as it’s quite annoying – the extension gets updated quite regularly.
3) Cookie AutoDelete = Gets rid of cookies and other kinds of local data websites store upon your computer upon closing the tab or changing the domain.
– Enable Automatic Cleaning –> Enabled
One more thing, if you click on the “Show Side Panel” button in upper right corner of Brave. It shows a side panel. Then click “Bookmarks” and it will show your bookmarks in the side panel. So, you might not need the “Bookmark Sidebar Extension”. I don’t use that extension (or even the built in Brave function) so I’m not sure if the extension is better than built in. But, you might want to try that out.
Thanks for all this additional information JD, much appreciated. I’ve updated the article to include the info re the bookmark sidebar.
By the way; apparently, Brave is working on adding a feature that does the same job as the ClearURLs extension. It’s not available in the latest build but planned for a future update.
I saw that they were working on a Copy Clean Link feature to copy website addresses without additional parameters that was suppose to be included in the September 27, 2022 Version 1.44.101 release–but it wasn’t. Brave will strip excess parameters from the address, without changing its link destination, when copying the URL.
But, the ClearURLs extension filters tracking elements from URLs, meaning you will be using clean links, while you browse then when copying an URL. That’s different unless they are working on a browsing version of this (makes sense that they would be), too.
Security researcher Kirtikumar Anandrao Ramchandani discovered an Information Disclosure vulnerability in the Brave Browser and reported it to the company through the HackerOne platform.
The researcher discovered that when the browser is used with Tor it could leak the referer.
“Brave browser has a function of New Private Window with Tor. The browser when used with Tor shouldn’t leak the referer.” reads the report submitted to HackerOne.
Below is the procedure to reproduce the issue:
Click on https://www.whatismybrowser.com/.
Expected behavior: It should have shown a blank referrer;
Actual behavior: It shows the referrer as: kirtikumarar.com which was the host from where we navigated.
It also disabled my outlook mail original browser even though I did not want Brave to be default.
More to come…
Did you test to see if the vulnerability has been fixed. I did. I visited the whatismybrowser website in a new “Private window with Tor” and the referrer was not shown, with the message “We couldn’t tell where you came from”.
Maybe this is old news.
This was reported on 9/13/2021 to Brave on Hackerone. Brave started looking at it. Brave confirmed the leak on Oct 1 2021 and paid the reporter $500 for the find. Brave Fixed the leak on Nov 8, 2021 and patched it in version 1.34.23. and made the leak public 3 weeks after the fix was released. You can see the report on Hackerone https://hackerone.com/reports/1337624
Thanks JD, you confirmed my suspicion that this would be old news.
[Comment removed by moderator due to outdated information]
I use Brave on both Windows and Gentoo Linux.
No dice. Very annoying when secure browsing such as banking and credit card login attempts give me blank screens. Reverted to Firefox.
When you come to a site that you trust, and the shields are blocking (some banks, some credit cards, etc), add that site to the trusted sites list. To do that, click on the orange lion icon on the top row next to the site URL. Then click the slider for shields. Brave will remember that setting for that site so you only have to do it once. I have about 15 sites that I have removed shields for. It is better to be secure and private at 99.9% of the sites you go to and trust the other .1% of sites, than use an open browser where you have no protections at 100% of sites.
Thank you, JD. I will try that.
No luck. I reinstalled Brave, but STILL behaves differently from other browsers. When I go to my banking site, instead of giving me the login screen, it does flash the login screen for a millisecond, but then, it switches to another screen that keeps asking me to change my password – ain’t doing that! This is after I took down the shield for the site. I am back on Edge and Firefox which work as smooth as ever. I spent enough time trying to get it working given the fact, that I really wanted to use Brave. I don’t need the hassle anymore and nobody has been able to give me a solution.
My bank’s login screen displays fine in Brave and that’s with all shields enabled. Sounds to me like scripts are being blocked, do you have any extensions installed in Brave, particularly something like uBlock Origin or NoScript? What antivirus software are you running and are you using a third-party firewall?
Okay, I have decided to keep Brave, as using a secondary browser for difficult sites is not a stretch. As you said, I can use it for 99.9% of sites, some of them, nefarious, while using FF or Chrome, as needed.
Brave Browser 1.44.101 was released earlier today.
My preference is for portable versions of browsers. Alas, there is no official portable build of Brave, only the one offered by Portapps: https://portapps.io/app/brave-portable/
(with additional details at GitHub:
https://github.com/portapps/brave-portable). Their current build is now twenty days old.
The portable browsers that I employ are Firefox ESR, LibreWolf, Slimjet, SRWare Iron, and UnGoogled Chromium (a combination of x32 & x64), all running extensions that typically include uBlock Origin, NoScript, Privacy Badger, Malwarebytes Browser Guard (MWB Premium is installed in Windows), Cookie AutoDelete, Decentraleyes, and Disconnect.
Thanks for all the information here – I’m setting up Brave. In the process of adding Bitwarden extension, I was given several warnings – opinion?
ok now I have a site that I use everyday that says its not providing a secure connection – I’ve adjusted the Brave Shields to be off – but its still not loading – the site is http://www.relayforlife.org/mocotx
I was able to get to this OK. So, I added a new profile in Brave (so I’d be at same settings as someone starting fresh) and I was able to get here again. I’m guessing that you might have flipped a setting that is interfering (Try adding a new profile, don’t change anything in the profile–so you will be at default settings in Brave), and try going there again.
Or, you might have some other firewall or security software on your PC that is interfering somehow.
Second question – adding BitWarden I get a warning – are you using a password storing extension with Brave?
I’m using Bitwarden in Brave. I tried adding Bitwarden to a new (default) profile and it added fine. Again, I am guessing you might have some other software on your PC that is interfering somehow.
There are Pros and Cons. I love it for any of my music needs. It is lightweight, fast, and accurate. Then con=mes the cons. Amazon music was the first problem. They refused to run about a year ago on Brave. Claimed they only wanted me to use IE and firefox. There were a couple of others that had hiccups claiming it was not worth their time to work with. I feel that any site that works with Giggle, Edge should also be able to run brave, as it was essentially the same without the tools trick and overhead of the others..
I have tried comparing Brave, Firefox, and Edge Chromium for speed. I see little difference. The only reason I would switch browsers is speed on Windows 10.
I tried Brave after changing a few settings and it was good. Yet I have gone back to firefox. Firefox out of the box does not compete with brave browser, but a ‘hardened’ version does. After hardening the security & privacy settings [ https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/#disable-telemetry-and-error-reporting ] firefox does compete, at least for my requirements. I will continue with firefox, for now, but keep Brave in reserve.
There are two concepts of browser protection-security & privacy.
When it comes to security, Chromium-based browsers are more secure than Firefox because of its inherent security weaknesses. Poor sandboxing, poor exploit mitigations, and most of the code is written in a non-memory safe language. Changing a ton of settings can’t overcome these limitations. That’s why security experts recommend Chromium over Firefox. Here is a good article explaining this in detail https://madaidans-insecurities.github.io/firefox-chromium.html
When it comes to privacy, the idea is to not stick out from the norm. Configuring or “hardening” the browser by changing a bunch of about:config settings, such as privacy.resistFingerprinting, you’re making yourself stand out and are effectively reducing privacy. The only real approach to preventing browser tracking/fingerprinting is by using a browser that is designed to prevent this by default.
Good points. I may reconsider Firefox.
Thanks JD, food for thought. That reading does make much sense. Your argument does tip the balance in favour of Brave technically. I’m struggling to ‘like’ Brave, which I realise sounds silly, but there you are. Perhaps I just need to get used to Brave a little longer? I believe in privacy on principle, not paranoia, so on balance, I think I will keep both.
Familiarity, or the devil you know, is a difficult thing to overcome. I think that’s a good plan, to keep both. However, try and stick with Brave for a while and I am pretty sure you’ll be converted. 🙂
Not only did I not have ad blocker extemsions but this was a brand new clean install, as I had also slashed and burned the registry entries for Brave the last time it did not work.
What is the site you are having issues with?