At Brave Software, we love browsers. We love using them and we love coding them. As the user interface to the Web, we know how important browsers are to the Internet. And – if you've been following the story of Brave Software – you know that we are very concerned about anonymity, privacy and security. In particular, ad tracking and malvertising have become modern day threats. Even if some people don't care about being tracked, they do care about malware being delivered to their computer or mobile device via an ad. Furthermore, the entire ad network infrastructure constitutes an attack upon low latency and efficient use of network resources: numerous redirects increase network traffic and make it difficult for the browser to render pages quickly and efficiently, particularly on mobile devices.
In two previous posts, we've discussed a better way to do ads: ads that are anonymous and private, ads that do not involve tracking. We know and respect that content on the Internet is largely advertiser supported, so our goal is not to remove advertising, but to put you back in control. Our architecture to do just that is – no surprise – an inversion of the traditional browser advertisement model. The traditional model treats the browser as a "silent partner". You are tracked by multiple third parties as you browse across different sites. Those parties build sophisticated (yet annoyingly incomplete) profiles in private clouds, and then some party (often distinct from the tracker) serves ads based on those profiles.
Our model is different: we call it the anti-cloud. We're not against cloud computing per se (of course!). However, we are very concerned about what and how much of our users’ data goes into the cloud and what the cloud does with that information. So, in Brave's anti-cloud model, all of your detailed information is kept only in the browser. Full stop, end of discussion. Our roadmap includes encrypting and backing up this information across your devices, but our servers will not see your data in the clear.
When non-intrusive ad slots are detected, the Brave Browser contacts the Brave Ad Network and requests ads to fill those slots. The Brave Browser maps browsing history to a fixed set of general "interest" categories. A subset of those categories are combined with categories based on the context of the current page and possibly some "decoy" categories. No other information is disclosed and no unique or persistent identifiers are used. The Brave Browser then selects appropriate ads to display from the list returned by the Brave Ad Network and either ignores the remainder or caches them for later use.
In order to provide aggregated reporting to our partners, Brave Software will operate services in the cloud, but these services are being designed, first and foremost, with anonymity, privacy, and security in mind. As we design these anonymous services, we will blog about them before we implement them, to gather review from interested experts around the world.
Today we are discussing the Brave Ledger, a Bitcoin-based micropayments system for users and publishers. As part of our open source approach, we are sharing the specification with developers for comment and discussion. The code is currently being written, and we expect to revise the code based on feedback. At present, we are planning on having everything running (and released as open source) in our 1.0 Development release later in May.
Let's start with the basics. The Brave Browser operates in either ad-replacement or ad-freemode.
Each mode has a different economic model and some bells and whistles:
Although we talk about being in either ad-free or ad-replacement mode, that's a bit of a simplification: the preferences panel will also let you designate certain sites as being ad-free and everything else as ad-replacement. Indeed as noted above and in that previous post, you can be “ad-free for free” – while we think that content should be paid for, we also realize that not everyone shares this view (although we do think that our view is the majority opinion).
At this point, you're probably wondering how the anonymous-but-accountable part actually works. You'll have to read the specification for all the details! But here's the thumbnail: the Brave Ledger uses Anonize, which enables the Brave Browser and Ledger to agree on authentic user behavior without linking that behavior to users, browsers, or wallets, through the "magic" of Zero Knowledge Proofs!