Francois Marier
Francois Marier
Ok, so it sounds like there are a few cases where the warning pops up before of insecure websites, but mostly it's local network services that's the problem. It's indeed...
@pmorange Presumably your NAS is using an IP address like `192.168.x.x` or `10.x.x.x`?
> as I said a user shouldn't have to search github and apply workarounds himself just to download a file from his LAN Agreed. The trick is to figure out...
> What is your opinion on this topic as Security engineer at Brave? It would be a great feature to have. It's not a quick one however because there are...
> How does Brave provide encryption at rest for the userdata? That does depend on what you mean by "rest". It's a little bit like data is encrypted at rest...
cc @aguscruiz and @rmcfadden3 who are working on revising the private/tor window newtab page
@rmcfadden3 If you have two private windows open and you're logged into a Facebook account for example, then the login cookies won't be cleared from memory until all private windows...
Upstream appears to be preparing to roll this out to Android: https://chromium.googlesource.com/chromium/src/+/f12eac9342eb88971851d46e31c97af8c2c27%5E%21/
This is now working in Brave for Android and so we should enable too. This was done on desktop in https://github.com/brave/brave-core/pull/8750.
It's probably just a matter of removing the check for Android here: https://github.com/brave/brave-core/blob/44a98b1a20d935db5eab9899361871740695d29b/chromium_src/net/http/transport_security_state.cc#L17-L25 and then testing it like this: 1. Going through the test plan at https://github.com/brave/brave-core/pull/22540 2. Opening https://pinning-test.badssl.com/...