Online privacy is an aspect almost every internet user has to consider, especially at a time when malicious actors (and even some governments) may not be fully aligned with that idea. This is why manyrely on VPNsto mask their online activity and keep the prying eyes away. While some free-to-use VPNs are notorious for sharing data with third parties, other, more reputable services that charge a subscription fee generally have a more robust infrastructure in place to prevent such practices. Makers of the privacy-orientedBrave Browserprovide a VPN service of their own for $9.99/month. The team has now acknowledged its controversial decision to bundle a couple of VPN services with the Windows app, even if the users didn’t ask for it.
Following GHacks' reporting, Brave’s VP of Engineering, Brian Clifton, acknowledged the issue onGitHubwith a thread titledWindows should not install VPN services until VPN is purchased/enabled. Here, Clifton claims that the browser started bundling the Brave Vpn Wireguard Service fromversion 1.57.47onwards, though only for users with admin privileges. Meanwhile, the other service — Brave Vpn Service — supposedly has been around for a few months.
It’s worth pointing out that despite being bundled with new installs, these two services are set to Manual and Manual (Trigger Start), respectively. Furthermore, these services will only launch if the user has purchased a Brave VPN subscription. To check if these add-on services are installed on your machine right now, just open Services via the Run box (Windows+R), typeservices.msc, and press Enter. The two services mentioned above should appear from the list here if you’ve recently installed or updated Brave Browser on your Windows computer.
Thankfully, there’s an easy way to get rid of these services. You can either set these services from Manual to Disabled, as GHacks points out, or simply delete them from the list. The latter option, however, doesn’t fully eradicate the issue, as the two services could pop up again in a future update. So the fix will certainly have to come from the developers, with Clifton saying that the team will remove service registrations during installation for both VPN services in the future.
The folks at Brave Browser aren’t new to controversies.Back in June 2020, an eagle-eyed user pointed out that the browser would autofill URLs to crypto wallet sites Binance, Coinbase, Ledger, and Trezor with Brave’s own affiliate links, thus earning a cut for new registrations made using the URL. However, the backlash that followed eventually led to the company pulling back from this scheme.
