TLDR: Brave sends referral header for crypto websites, they introduced Tor browsing inside the browser but that header was still being sent inside a Tor session along with the file created in config that keeps track of it. He reported, was assigned a CVE and brave fixed it.

Write up by the person who reported it https://community.disclose.io/t/how-i-found-a-tor-vulnerability-in-brave-browser-reported-it-watched-it-get-patched-got-a-cve-cve-2020-8276-and-a-small-bounty-all-in-one-working-day/65

(I don’t think Tor on Brave is ready it’s best to not use that feature at the moment; since they have a number of issues in GitHub to improve anonymity and stop leakage etc.)

  • throwaway284921384
    link
    fedilink
    arrow-up
    1
    ·
    4 years ago

    I don’t really like Brave’s business model of replacing ads with ‘ethical ads’. it seems a little shady to me. Yes its there choice but its still shady in my opinion