Brave’s Privacy Browser Exposed For Auto-Adding Affiliate Links to URLs In A Hidden Way

  • Brave Browser in the spotlight after a user noticed the privacy-focused browser adds its affiliate links in an autocomplete feature for a number of websites including Binance, Trezor, Coinbase, and Ledger.
  • The CEO of Brave, Brendan Eich, has since apologized and the autocomplete feature is now removed.

In a tweet sent out on Saturday, one user made public a “silent scheme” by Brave browser to redirect users to its Binance affiliate links, earning them commissions. The browser added the affiliate link “ref=35089877″ once you type Binance.us website, as an autocomplete feature.

Once the Binance affiliate link was publicized, the community looked through Brave’s open-source code to find more affected websites including Coinbase, Trezor, and Ledger hardware wallets.

As soon as the post went viral, Brendan came forward apologizing for “the mistake” and said the dev team was working to remove this. Eich tweeted a thread on the fiasco stating,

“We made a mistake, we’re correcting. […]We are a Binance affiliate, we refer users via the opt-in trading widget on the new tab page, but autocomplete should not add any code.”

According to Eich, the autocomplete default feature arose from the “search query client-id attribution” the same way as Google Chrome and other browsers do. But for Brave, they did have additions of the affiliate links, a move that Brendan promises will not occur any more on the privacy-focused browser. He added,

“Sorry for this mistake — we are clearly not perfect, but we correct course quickly.”

In Brave’s defense, Eich said the affiliate redirect link is the browser’s way of making a “viable business” by offering the user a privacy-focused and client ad-paying platform. He explained,

“What we make on a fixed fee schedule, no browser data in the clear on any of our servers, and so on. But we seek skin-in-game affiliate revenue too.”

However, it is important to note that the affiliate links did not expose any user data – the browser’s affiliate link is the only exposed information. While this is only a first for Brave, some sections of the community are condemning the move as a break of trust to its users.

Recently, it was reported that the Brave browser sees a total of 15 million monthly user visits and 5.3 million daily active users on the platform.

Read Original/a>
Author: Lujan Odera

Poloniex Exchange Users Urged to Reset Passwords After Email Data Leak on Twitter

The Poloniex crypto exchange is once again in the spotlight after the firm confirmed that the password and email data of their clients had indeed been leaked on Twitter. The exchange has since sent out an email to all its users warning of potential account hacking threats following this incident.

Given the sensitivity of the leaked data, Poloniex has opted to force all current traders to reset their passwords.  According to an email sent out on Dec 30, the U.S based digital currency exchange saw this as the best course of action to protect its users;

“While almost all of the [leaked] email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses that do have an account with us, including yours.”

As it stands, the damage caused by this leak has yet to be quantified in terms of any compromised accounts. It seems Poloniex might just be cautious and trying to avoid any real hacks. In addition, Poloniex is still uncertain as to how the passwords and email addresses were posted on Twitter.

The Poloniex customer support team has consequently found itself in a difficult situation as some users of the exchange did not take the warning email seriously. In fact, one user took to Twitter claiming that the email was a scam claiming there wasn’t a need for any actions. This comment was quickly addressed by the Poloniex team who emphasized that the email sent out is real and urged the client to reset their password.

Poloniex and Tron 2019 Highlight

This recent threat to the Poloniex exchange is a big deal and could affect the platform’s volume. The firm has made considerable milestones over the course of 2019. Circle let go of the platform and informed US customers to remove funds by Dec 15th. Tron’s founder, Justin Sun became an “investor” and then the exchange has taken a heavy affiliation with TRX products.

Poloniex moved to acquire the TRXMarket as part of an expansion strategy of its line of products. The exchange went on to further add a super representative from the TRON team. Analysts within the industry speculate that their spin-off from Circle and integration with TRX is a step in the right direction for capital growth.

Read Original/a>
Author: Lujan Odera