1/ We made a mistake, we're correcting: Brave default autocompletes verbatim "binance.us" in address bar to add an affiliate code. We are a Binance affiliate, we refer users via the opt-in trading widget on the new tab page, but autocomplete should not add any code.

5:00 PM · Jun 6, 2020

140
88
105
405
2/ Thanks to @airyorange, @j9roem, others for crucial feedback: (a) default autocomplete for a domain should not add anything; (b) redirect even if private client-side, apart from HTTPS Everywhere-type pure wins, has risk of conditioning users to be blind to bad server redirects.
9
6
0
75
3/ With Brave, we're trying to build a viable business that puts users first by aligning interests via private ads that pay user >= what we make on fixed fee schedule, no browser data in the clear on any of our servers, and so on. But we seek skin-in-game affiliate revenue too. +
5
3
1
65
4/ This includes bringing new users to Binance & other exchanges via opt-in trading widgets/other UX that preserves privacy prior to opt-in. It includes search revenue deals, as all major browsers do. When we do this well, it's a win for all parties. Our users want Brave to live.
5
6
5
55
5/ The autocomplete default was inspired by search query clientid attribution that all browsers do, but unlike keyword queries, a typed-in URL should go to the domain named, without any additions. Sorry for this mistake — we are clearly not perfect, but we correct course quickly.
11
5
3
98
P.S. I see mistaken belief that Brave rewrites links in pages. We have never & will not do any such thing. The autocomplete defaults we're removing provide completions to Brave's address bar type-in. No in-page link rewriting apart from standards compliance + HTTPS Everywhere.
5
5
4
59
FWIW there's a setting to disable the autocomplete defaults that add affiliate codes, in brave://settings first page. Current plan is to flip default to off as shown here. You can disable ahead of our release schedule if you want to. Good to hear from supporters who'll enable it.
12
8
1
44
Replying to @BrendanEich
👌
0
0
0
2
Replying to @BrendanEich
1
1
0
55
GIF
Now he needs to explain why BAT
1
0
0
12
Replying to @BrendanEich
I don't see a problem with letting them get some revenue
1
0
0
11
The issue is using methods that aren’t transparent to the user, are opt-out instead of opt-in by default, and “redirecting” a directly typed url to a reference link instead...which could mislead users to think urls should naturally change when typed directly, decreasing opsec
1
0
0
17