You provide (partially) outdated information here:
> rewards.brave.com, api.rewards.brave.com, grant.rewards.brave.com
That is no longer the case. There was an issue in the early phase of the implementation of Brave Rewards where the internal Brave Rewards extension was running even when the feature was turned off, though no ads were displayed. Brave has since fixed this bug and those connections are no longer being established by default.
Yeah, that’s the telemetry domain. Telemetry can be turned off under brave://settings/privacy
> Brave today? thats like FF pocket, is that opt in by default? or is it opt out?
Opt-out, I think. Not a privacy issue.
OK, so Brave downloads a non-personalized list of ads (ads = consisting of a text and a hyperlink in Brave’s case) even if the Brave Rewards feature is turned off. While not fantastic, it is again, not a privacy issue, and I assume that they do it so that Brave Rewards is immediately ready in case it is getting turned on spontaneously.
However, lack of privacy implications aside, I’d be inclined to agree that this should only happen when Brave Rewards is enabled.
This is being used to fetch necessary plugin information, and as you can tell by the name of the connection already, they proxy this request to Google, so that Google never gets in direct contact with you.
> Brave is not perfect, brave tells you the telemetry reveals no personal user information, but FF says the same.
Yeah, except that Brave’s telemetry 1) can actually be turned off right in the settings menu (so no hidden about:config settings or out-of-browser telemetry here), 2) it is limited to the browser and does not install system level tasks, 3) is actually being processed by Brave Software, while Mozilla relies on third parties like Google Analytics, 4) is actually limited to what features you use, e.g. it doesn’t collect your default browser which is none of its business if it isn’t Brave (by contrast, Firefox collects the default browser no matter what).
Apples and oranges, I believe. Yes, it’s telemetry in both cases, but I think you fail to account for things like how easy it is for users to disable it or the general invasiveness of the telemetry.
> Can that telemetry be turned off in the Brave browser gui so that brave makes no connections?
Yes, under brave://settings/privacy …
I guess you mean the “telemetry” connection here, not “all” connections. If you don’t trust connections at all (not even the necessary ones Brave establishes for good reason), then feel free to run Ungoogled Chromium which is being crippled in order to avoid any connection (so no easy application updates, no extension updates by default, no cert revocation(!) etc.)… Don’t know if that’s better, the answer for me would be “No.”…
> just curious, have you configured it to make no connections anywhere on first run just by using the basic browser gui?
You can first run the Brave with related startup flags, just like you can insert a user.js file before first starting up Firefox. Whether or not that is necessary is up to the user, I think it is more important to stop the CONTINUED transmission of RELEVANT data.
By the way, here is a list of connections Brave currently establishes (article contains Firefox’s connections as well), if you are interested: