I really like brave, but right now FF is still my main. Brave is still needs some features. The whole syncing bookmarks and wallets thing is really annoying. I'm glad the way they devised is secure, and privacy sensitive, but it's still a pain in the ass.
Have they stopped whitelisting Facebook and Twitter in their "tracking blocker" yet?
The BS coming from their blog post surrounding this whitelist makes me distrust them completely: "Loading a script from an edge-cache does not track a user without third-party cookies or equivalent browser-local storage" (...) "Given that most users on the web share IP addresses with other users because of NAT, it is unlikely this can be used to reliably track users"
Not only it's quite possible to know if the user is behind CGNAT or not, meaning the tracking works just fine for millions of users, but carriers have been known to inject user IDs in the replies of users behind CGNAT.
The handling, or the bug itself? Sound like the damage control is fine (although worrying that they have no way to distribute hotfixes more rapidly than this).
The bug in the first place, on the other hand, seems pretty negligent. Not that it's incomprehensible, just pretty stupid.
> 20 years ago they pretended that their Deep Blue chess engine was in all their IT products
[citation needed] IBM did not do this, though funding the Deep Thought team from CMU was cheaper than a Super Bowl commercial and brought more durable effect.
No, they don't: they're all more severe than what happened at G+ with this vulnerability. Vulnerabilities of the kind we're discussing are utterly routine, and would probably merit a sev:low in an external assessment.
