Brave AND uBlock Origin?

I really cannot trust brave, because it doesn’t appear in their best (business) interests to block all data hungry services

We don’t have to dig deep: by default, the toggle to “”“allow Facebook (and Twitter!) embedded posts” is ON ;(

And I believe in the past there were some shenanigans with them not properly filtering out facebook/linked in and whatnot

But at the same time, I’ve heard often it’s for some reason not recommended to mix brave shield and ublock origin. why, and what are the potential downsides?

There is no technical reason, just that every extension installed is an additional security/privacy risk.

I’ve been using Brave Desktop (trackers and ads blocking: disabled) with uBO for several years now, works perfectly.

Quite the contrary. Brave’s business model is exactly why they block data hungry services. Their revenue comes from their own privacy respecting ad network. Besides, they have multiple revenue streams as well.

As for the social media stuff, that’s just a UX compromise. If average users install a browser and every embedded tweet or facebook comment section is a blank white square, they’ll uninstall it thinking the browser is broken. It’s easily toggleable for power users who want strict privacy.

As for mixing brave shields and uBlock Origin, you definitely shouldn’t do that. Both use the exact same filter lists (easyList, etc.). Running both causes race conditions where they fight to block or redirect the same network requests, leading to broken websites, wasted ram, and slower page loads. Just use brave shields, it literally uses the same filters as uBo.

Brave’s built in ad blocker is written in Rust directly into the browser. Shields is completely immune mv3 restrictions. Which, by the way, I know the brave team is still keeping up the reanimated corpse of mv2 for as long as they can, but it’s time to move on as it’s becoming a security risk.

Shields is so efficient that a major gecko browser, (Waterfox) have recently announced that they’re going to be using Braves ad blocking engine.

I’m happily going to switch the instant they add dynamic filtering but that’s likely not going to happen.

AFAIK Chrome still hasn’t removed MV2 support from their codebase, and you can still use it with a terminal flag. So it is still somewhat maintaned.

Right now I think that’s just coasting on the enterprise loophole, which they were supposed to shut down around late 2025 to early 2026. It takes a while to totally rip out foundational architecture, plus, some downstream legacy browsers will still have those remnants hanging around longer.

But it isn’t actually being maintained in any real capacity, it’s completely abandoned. A bit like a developer dropping an app on a store and ignoring it for three years with zero plans to update it. You can still access it for the time being, but nobody is steering the ship. And after the news about Mythos just dropped, if people weren’t freaking about about the security risk of chromium MV2 before, they should be now.

I am pretty sure that legally it doesn’t matter. If there is a vulnerability, they would still have to fix it.

Also Chronos doesn’t change anything. Existing extensions will not be more or less secure, and new extensions like always can be fishy. In fact, it will make anyone able to analyse an extension for vulnerability scanning.