Privacy

31238 readers

1475 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

313

Brave appears to install VPN Services without user consent (www.ghacks.net)

submitted 11 months ago by GlitzyArmrest@lemmy.world to c/privacy@lemmy.ml

79 comments fedilink hide all child comments

If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.

you are viewing a single comment's thread
view the rest of the comments

[–] hottari@lemmy.ml 0 points 11 months ago (1 children)

This is actually very close (just tested and confirmed it). I somehow stand corrected about requiring manual enablement but this is just using the package manager to do the dirty work for you.

However the program itself cannot write into those directories without root permissions. You still have to allow your package manager to do this with root permissions as mentioned.

[–] GlitzyArmrest@lemmy.world 2 points 11 months ago (1 children)

Installing as user does not require root, to be clear. You can use systemd without root by specifying user.

[–] hottari@lemmy.ml -1 points 11 months ago* (last edited 11 months ago) (1 children)

Installing a package requires root which will automatically give the package manager permission to write anywhere on the system. To create a systemd service in user that will automatically start at boot requires root, someguy here commented with the how.

However you can run any installed binary via Desktop files as a user (no root) on login by writing to ~/.config/autostart.

[–] GlitzyArmrest@lemmy.world 2 points 11 months ago* (last edited 11 months ago) (1 children)

My comment wasn't about installing the package. You seemed to think that systemd required root, which it does not. Further, you can have systemd user processes start at boot. I do this exact thing with Duplicacy, no root required.

[–] hottari@lemmy.ml -1 points 11 months ago (1 children)

The entire premise is for a package/manager to create a running/permanent service that will be started after boot AND does not require user intervention (for the avoidance of doubt, enabling the systemd service counts as intervention).

One way to do this is to create the service file and do the symlink to a folder that systemd automatically runs on boot. For both user and system systemd files you require root to make these modifications.

Another way is to create a Desktop file in the path I shared.

If you have more ways I'd be happy to hear them.

[–] GlitzyArmrest@lemmy.world 1 points 11 months ago (1 children)

Again, it's not true, so you don't need to keep acting like it's the case. You do not need root to create systemd entries for a single user. Systemd is pretty much just symlinks all the way down. You can test this yourself, so I don't know why you're saying it's not possible when me and many others in this thread have told you that you were incorrect in the first place.

[–] hottari@lemmy.ml 1 points 11 months ago* (last edited 11 months ago) (1 children)

I was correct you need root to create systemd-wide systemd service that will run on boot , user systemd files can't. What they can do, is run after login. Which has more or less the same effect for a single-user setup. And I did admit I was partially wrong.

[–] GlitzyArmrest@lemmy.world 1 points 11 months ago* (last edited 11 months ago) (1 children)

This was never about runlevel 0 or 1 programs. This was always about whether or not a user can use systemd without root. Why would Brave need to start a VPN service at an init runlevel (before most networking services)? It would make more sense to start at login.

[–] hottari@lemmy.ml 1 points 11 months ago (1 children)

You entirely misunderstood my argument(s). The title says "Brave appears to install VPN Services without user consent". My comment was an exploration of this using Linux's tools (systemctl). But nevertheless, creating a VPN network requires elevated permissions.

[–] GlitzyArmrest@lemmy.world 1 points 11 months ago* (last edited 11 months ago)

Then why did you say "you don't know what you're talking about" and are just now bringing up systemctl? Moving goalposts maybe?