5/29/2023

Chrome http sniffer

What does a browser do when you first launch it?

One of the first things most of us do when sitting down at our computer is launch a web browser. By and large, we’re usually re-launching a browser that we were using hours before. As such, we’re picking up where we left off. The browser already has your history, bookmarks, open tabs, and more. It may even be storing (if you agreed) your passwords, payment details, and other highly sensitive bits of information. Browsers also record and adhere to user configurations, such as blocking popup windows, preventing fingerprinting, or blocking trackers and privacy-invasive ads that depend on those trackers. All of this information is part of your Profile in the browser. What this post explores today is how browsers behave by default, on their first-run, with no preexisting user profile.

By default, Brave blocks third-party trackers (and the ads that rely on them). It also prevents fingerprinting, auto-play of media, crypto-mining, and access to media input devices. These aren’t always features offered by other browsers out of the box.

Revelations from a short, informal exercise

Many users have developed something of a ritual of downloading their preferred browser, then beginning the sometimes arduous process of hunting through web stores for security and privacy extensions to enhance their experience. But what happens between the moment you open your browser, and when you finally have it configured and augmented to your liking?

I decided to explore this topic more thoroughly a couple of weeks ago. I reviewed several web browsers’ network activity on their first-run, and shared some commentary and explanation for what was found via Twitter. Today, I’d like to cover the results as a whole, as well as talk a bit about how you can do a similar review. Initially I only tested a couple of browsers, but people soon began to request others. In the end, the primary browsers tested were Brave 0.68.132, Chrome. Lynx was also tested, but predictably uneventful.

We start by seeing 5 requests to /extensions. Each of these is requesting a different component of the browser. Each request contains 617 bytes of JSON data including your Operating System, and version of Brave. This information helps the server to know which variant of an extension is appropriate for your device. None of these requests actually return the extension itself. Instead, they reply with further instructions. The first 4 requests result in about 465 bytes of JSON telling Brave where it can find the requested extensions, as well as how to test them for authenticity. Instead of JSON instructions, the server uses HTTP headers to inform the browser that it should request the CRLSet (Certificate Revocation List) from. The call to results in 1.8 KB of JSON informing Brave where the CRLSet can be downloaded.

All of the URLs provided come from Google, which Brave doesn’t call directly. Instead, Brave continues the practice of proxying all requests through the domain, shielding the user’s device from Google servers. The next 5 requests (to brave-core-ext.s3. and ) are the actual downloads taking place. Once these have downloaded, Brave initiates the routine process of ensuring all extensions are up to date. All of those requests return with confirmations that these extensions do not need to be updated at this time. Brave will check later to ensure ongoing user privacy and security.

Next up is a request for /promo/custom-headers. This request returns 271 bytes of JSON that serves as a replacement for a unique user-agent string. This file instructs Brave to add a custom HTTP header to certain partner requests, enabling Brave users to anonymously enjoy free access to things like premium content on, and more.

We then see Brave issue 3 very peculiar requests to invalid host names. In this case, it’s to kgcemqlxlymf, jlejbuhy, and skxrkyaibq. You may spot similar requests being made by other Chromium-based browsers later. If at least 2 of these resolve to the same host, Brave will suspect the ISP or network of advantageously inserting content into the user’s session (often times the ISP may be showing ads).

Another set of familiar requests we’ll see in later reviews is for Google’s SafeBrowsing service. This is a large collection of URLs that are known to be harmful. There are 2 ways to interact with this service: the Lookup API, and the Update API. Brave uses the Update API, which downloads a list of URLs suspected to be harmful. This allows Brave to query a local resource rather than making numerous calls out to a third party. As we can see later, Brave continues to proxy even these requests through.
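The check behind the three requests to invalid host names described in the post, sketched as an added example (this is not code from the original post or from Brave or Chromium). The function names, the 7 to 15 character name length, and the model of "host" as an address string returned by an injectable resolver are assumptions; the sample resolvers are constructed so the block runs offline.

```python
import secrets
import string
from collections import Counter

# The three probe names quoted in the post.
PAGE_NAMES = ["kgcemqlxlymf", "jlejbuhy", "skxrkyaibq"]

def random_probe_names(count=3, min_len=7, max_len=15):
    """Generate single-label host names that should not exist (length range is an assumption)."""
    names = []
    for _ in range(count):
        length = min_len + secrets.randbelow(max_len - min_len + 1)
        names.append("".join(secrets.choice(string.ascii_lowercase) for _ in range(length)))
    return names

def check_interception(names, resolve, threshold=2):
    """Probe each name; flag the network if `threshold` or more land on the same host.

    resolve(name) returns an address string, or None / raises OSError when the
    name does not resolve. Returns (suspected, shared_address, answers).
    """
    answers = {}
    for name in names:
        try:
            answers[name] = resolve(name)
        except OSError:  # socket.gaierror (NXDOMAIN) is a subclass of OSError
            answers[name] = None
    hits = Counter(addr for addr in answers.values() if addr is not None)
    if hits:
        addr, seen = hits.most_common(1)[0]
        if seen >= threshold:
            return True, addr, answers
    return False, None, answers

# Constructed resolvers standing in for three kinds of network.
def honest_resolver(name):
    return None  # every invalid name fails to resolve

def hijacking_resolver(name):
    return "192.0.2.10"  # constructed address (TEST-NET-1): every name gets the same answer

def one_off_resolver(name):
    return "192.0.2.10" if name == "jlejbuhy" else None  # a single hit is below the threshold

if __name__ == "__main__":
    for label, resolver in [("honest", honest_resolver),
                            ("hijacking", hijacking_resolver),
                            ("one-off", one_off_resolver)]:
        suspected, addr, _ = check_interception(PAGE_NAMES, resolver)
        print(f"{label:10s} suspected={suspected} shared_host={addr}")
    # Against the live resolver: check_interception(random_probe_names(), socket.gethostbyname)
```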