Connect with us

Biz & IT

Brave launches version 1.0 of its privacy-focused browser

Published

on

Brave, the company co-founded by ex-Mozilla CEO Brendan Eich after his ouster from the organization in 2014, today launched version 1.0 of its browser for Windows, macOS, Linux, Android and iOS. In a browser market where users are spoiled for choice, Brave is positioning itself as a fast option that preserves users’ privacy with strong default settings, as well as a crypto currency-centric private ads and payment platform that allows users to reward content creators.

As the company announced last month, it now has about 8 million daily users. Its Brave Rewards program, which requires opt-in from users and publishers, currently has about 300,000 publishers on board. Most of these are users with small followings on YouTube and Twitter, but large publishers like Wikipedia, The Washington Post, The Guardian, Slate and the LA Times are also part of the ecosystem. Using this system, which not every publisher is going to like, the browser replaces the ads on a publisher’s site with its own, based on the user’s browsing habits. Users then receive 70 percent of what the advertisers spend on ads, while Brave keeps 30 percent.

As users view these ads, they start earning Basic Attention Tokens (BAT), Brave’s cryptocurrency, which they can keep or give to publishers. In its early days, Brave actually started with Bitcoin as the currency for this, but as Eich noted, that quickly became too expensive (and since the price was going up, users wanted to hold on to the Bitcoin instead of donating it).

Brave also comes with a built-in ad blocker that is probably among the most effective in the industry, as well as extensive anti-tracking features. “Everybody’s bothered by the sense of being tracked and bothered by bad ads,” Eich told me. “But I think ad aesthetics are not the problem. It’s the tracking and the cost of tracking which is multifarious. There’s page load time, running the radio to load the tracking scripts that load the other scripts that load the scripts that load the ads, that drains your battery, too.” Eich argues that with Brave, the team found a way to tie this all together with anti-tracking technology and an approach to ad blocking that goes beyond the industry-standard blocklists and also uses machine learning to identify additional rules for blocking.

For those users that really want to be anonymous on the web, Brave also features a private browsing mode, just like every other browser, but with the added twist that you can also open a private session through the Tor network, which will make it very hard for most companies to identify you.

At its core, Brave is simply a fast, extensible Chromium-based browser. That’s also what the company believes will sell it to users. “The way you get users, […] I think speed is the first one that works across the largest number of users. But you can’t just leave it at speed. You want to have all your benefits tied up in a pretty knot and that’s what we have done,” he said. For Brave, speed and ad/tracking protection are obviously interconnected, and all the other benefits accrue from that.

Looking beyond version 1.0, the Brave team plans to implement better sync, with support for tab and history syncing, for example. Brave also aims to make participating in Brave Rewards an experience with much lower friction for the user. In the early days, before it was on Android, the opt-in rate was around 40 percent, Eich told me, and the team wants to get it back to that.

If you want to give Brave a try, you can download it here.

Source link



Source link

Continue Reading

Biz & IT

Debit card fraud leaves Ally Bank customers, small stores reeling

Published

on

Enlarge / Ally debit card owners are reporting fraudulent charges at a steady cadence over the past week.

Getty Images

Ben Langhofer, a financial planner and single father of three in Wichita, Kansas, decided to start a side business. He had made a handbook for his family, laying out core values, a mission statement, and a constitution. He wanted to help other families put their beliefs into a real book, one they could hold and display.

So Langhofer hired web developers about two years ago and set up a website, customer relationship management system, and payment processing. On Father’s Day, he launched MyFamilyHandbook.com. He’s had some modest success and has spoken with larger groups about bulk orders, but business has been mostly quiet so far.

That’s how Langhofer knew something was wrong on Friday, August 11, when a woman from California called about a fraudulent charge. He checked his merchant account and saw nearly 800 transactions.

One of thousands of charges sent out from Langhofer's site earlier this week, as seen from a customer's Ally Bank app.
Enlarge / One of thousands of charges sent out from Langhofer’s site earlier this week, as seen from a customer’s Ally Bank app.

“My heart, it sunk,” Langhofer told Ars on Thursday. He immediately contacted his payment vendor Stripe, who he said told him about card testing—a scheme in which online card thieves use tiny charges from an account to test for valid cards. Stripe said it would issue a bulk refund, Langhofer said. Knowing his payment processor was aware of the issue, he went about his weekend.

Langhofer awoke early Monday morning to a flurry of missed calls.

He said his site had attempted nearly 11,000 more transactions, each for $1, most of them initiated by email addresses minutely different from one another. Many of them involved Ally Bank cards, Langhofer said. He’d only ever had two phone calls to the forwarded number listed in his online store, but now his phone wouldn’t stop ringing.

“My dad always taught me to have a good name, so this hurts,” he said. “I don’t have a big staff, but I have a great name in Wichita, in this state. Now my business is tied up in this, and I have no idea what’s next.” In text messages before an Ars Technica interview, Langhofer said the ordeal “consumed my entire week and caused more panic than I recall having in a long time.”

For sale: debit cards, barely used

Langhofer’s business appears to be a victim in a chain of fraud that has affected thousands of debit card customers over the past week. Most prominent among them are Ally Bank customers, who have been tweeting and posting in the r/AllyBank subreddit about charges on cards, some they’ve never activated or used. They’ve reported (and Ars Technica has seen) phone support wait times of up to an hour or more.

There’s an overwhelming sentiment that something is happening, but the major parties have yet to confirm anything.

Screenshot of r/AllyBank the morning of Friday, August 19.
Enlarge / Screenshot of r/AllyBank the morning of Friday, August 19.

Ars Technica has reached out to Ally Bank numerous times, by phone and email, for comment on this story. We’ve also contacted Shopify. We will update this post if we hear back.

Two of those wondering what’s happening are Stephen Fuchs and Curt Grimes, a Chicago-area couple who spoke with Ars Technica and shared their documentation. They opened their joint Ally checking account in March 2022. Both had debit cards tied to it, each with different numbers. Fuchs never activated his card. Up until last week, Grimes had only used his card once, to send about $5 to someone via Apple Cash.

On August 10, a charge for $15 from a quirky software site appeared on one of their cards, but it went unnoticed. On Friday, August 12, Grimes received an SMS fraud alert from Ally, alerting him to charges from two different Shopify stores for nearly $200. Grimes flagged the charges as fraudulent, and Ally (and Apple Pay) reported that the card was suspended. After spending almost an hour waiting on the phone for Ally on Saturday, August 13, Grimes disputed the earlier $15 charge and saw in his Ally app that a new card, with a new number, was on its way.

Continue Reading

Biz & IT

Netflix’s ad-supported plan likely to have another drawback: No video downloads

Published

on

Getty Images | Bloomberg

The presence of advertisements apparently won’t be the only major difference between Netflix’s ad-supported and ad-free plans. Text reportedly found in the code of Netflix’s iPhone app suggests the ad-supported plan won’t let users download movies and shows for offline viewing.

The text says, “Downloads available on all plans except Netflix with ads,” according to a Bloomberg report yesterday. The text was discovered by iOS developer Steve Moser, who wrote about it on his blog. Unsurprisingly, the Netflix app “code also suggests that users won’t be able to skip ads—a common move in the streaming world—and playback controls won’t be available during ad breaks,” Bloomberg wrote.

Netflix has been offering video downloads in its apps since late 2016. A Netflix spokesperson told Ars, “We are still in the early days of deciding how to launch a lower-priced, ad-supported tier and no decisions have been made. So this is all just speculation at this point.”

Moser’s blog post said he also found Netflix app text from a setup process for new subscribers who select the ad-supported plan. The text refers to the use of personalized ads. “Now, let’s set up your ad experience. We just need a few details to make sure you get the most relevant ads on Netflix. It’ll be really quick, we promise!” the text says.

Hulu similarly makes downloads available only to users on its no-ads plans. HBO Max also requires an ad-free plan for downloads.

Ad tier planned for early 2023

After years of resisting ads, Netflix Co-CEO Reed Hastings announced in April that the streaming service will offer an ad-supported tier. Netflix says it plans to launch the ad-supported tier in early 2023.

Netflix prices in the US range from $9.99 for “Basic” to $19.99 a month for “Premium.” Netflix says the “lower priced ad-supported subscription plan” will be offered “in addition to our existing ads-free basic, standard, and premium plans.”

Netflix hasn’t said what the ad-supported plan will cost or whether it will have other limits like the ones in Netflix’s cheapest current plan. The Basic plan, which is currently the cheapest option, does not provide high-definition video and has two other notable limits: Basic users can’t watch on more than one screen at a time, and they can only download videos on one phone or tablet.

The $15.49-per-month Standard plan allows HD video and lets subscribers watch on two screens simultaneously and download videos on two devices. The $19.99 Premium plan allows 4K viewing, the ability to watch on four screens simultaneously, and downloads on up to four devices.

Netflix losing subscribers

Netflix is also cracking down on account-sharing by testing an “extra member” fee in some countries and an “extra home” fee in others. A Netflix letter to shareholders said the company aims to complete a broader rollout of sharing fees next year.

Netflix last month reported a loss of 970,000 paid streaming subscribers in Q2 earnings after having lost 200,000 customers in the first quarter of 2022. Worldwide paid memberships decreased from 221.64 million to 220.67 million in Q2, and revenue growth has slowed dramatically.

Netflix says the ad-supported tier is key to improving revenue and profits. “While it will take some time to grow our member base for the ad tier and the associated ad revenues, over the long run, we think advertising can enable substantial incremental membership (through lower prices) and profit growth (through ad revenues),” Netflix’s quarterly letter to shareholders said.

Netflix hired Microsoft to provide advertising technology, saying that “Microsoft offered the flexibility to innovate over time on both the technology and sales side, as well as strong privacy protections for our members.”

Continue Reading

Biz & IT

Zoom patches critical vulnerability again after prior fix was bypassed

Published

on

Enlarge / A critical vulnerability in Zoom for MacOS, patched once last weekend, could still be bypassed as of Wednesday. Users should update again.

Getty Images

It’s time for Zoom users on Mac to update—again.

After Zoom patched a vulnerability in its Mac auto-update utility that could give malicious actors root access earlier this week, the video conferencing software company issued another patch Wednesday, noting that the prior fix could be bypassed.

Zoom users on macOS should download and run version 5.11.6 (9890), released August 17. You can also check Zoom’s menu bar for updates. Waiting for an automatic update could leave you waiting days while this exploit is publicly known.

Zoom’s incomplete fix was reported by macOS security researcher Csaba Fitzl, aka theevilbit of Offensive Security. Zoom credited Fitzl in its security bulletin (ZSB-22019) and issued a patch the day before Fitzl tweeted about it.

Neither Fitzl nor Zoom detailed how Fitzl was able to bypass the fix for the vulnerability first discovered by Patrick Wardle, founder of the Objective-See Foundation. Wardle spoke at Def Con last week about how Zoom’s auto-update utility held onto its privileged status to install Zoom packages but could be tricked into verifying other packages. That meant malicious actors could use it to downgrade Zoom for better exploit access or even to gain root access to the system.

Continue Reading

Trending