Enabling Media Router by default undermines Brave's privacy claims.
So, Brave now enables Casting by default on desktop — and does so silently, without explicit notification or consent after an update? What fresh hell is this?
A browser that markets itself as privacy‑first should not be turning on a network discovery feature by default as if it were a trivial setting. If the Brave team’s operational goal is to expand the browser’s attack surface (more than they already have) they’ve made a strong start. Forcing users to manually opt out of Media Router to protect their systems and data directly contradicts the principle of “privacy by default.” This is exactly the kind of behavior many users left Chrome to avoid.
Media Router is not a harmless convenience toggle. Under the hood, it relies on automatic device discovery protocols such as SSDP and UPnP on the local network. That means the browser is actively participating in multicast discovery traffic and probing for devices that advertise casting endpoints. Enabling this behavior by default alters the browser’s network footprint and introduces additional code paths and interactions that would otherwise not exist.
Any feature that performs automated device discovery should be treated as a security‑sensitive capability. SSDP has a long history of being abused in poorly configured environments, and expanding the browser’s participation in that ecosystem increases the potential attack surface. At a minimum, it amplifies observable network activity and exposes extra logic that can be triggered by devices on the local network.
Quietly turning this on without user knowledge or explanation is the opposite of responsible security design. Users were not warned, not asked, and not given any transparency about what the feature does or which protocols it uses. That is not what “privacy by default” looks like.
If Brave wants its privacy claims to remain credible, this needs to change. Apparently Brave’s privacy branding is negotiable when convenience features are involved. Quietly enabling network discovery features in the background is exactly the sort of practice Brave claims to stand against.
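The SSDP discovery traffic described in the post can be audited passively on your own network. The following is an added example, not part of the original post and not Brave's code: it parses UDP payloads captured on the SSDP multicast group (239.255.255.250:1900) and reports which hosts send M-SEARCH requests and for which search targets. The sample datagrams, addresses and user-agent string are constructed, and treating the DIAL search target as the casting indicator is an assumption.

```python
from collections import defaultdict

# Search target defined by the DIAL specification. Assumption: this is the
# target casting-related discovery asks for; adjust to what you observe.
CAST_TARGETS = {"urn:dial-multiscreen-org:service:dial:1"}

def parse_msearch(payload: bytes):
    """Return the headers of an SSDP M-SEARCH request, or None for anything else."""
    try:
        text = payload.decode("utf-8")
    except UnicodeDecodeError:
        return None
    lines = text.split("\r\n")
    if not lines[0].upper().startswith("M-SEARCH * HTTP/1.1"):
        return None  # NOTIFY announcements and search responses are ignored
    headers = {}
    for line in lines[1:]:
        if not line:  # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().upper()] = value.strip()
    if headers.get("MAN", "").strip('"').lower() != "ssdp:discover":
        return None
    return headers

def audit(datagrams):
    """datagrams: iterable of (source_ip, payload). Returns a per-host summary."""
    report = defaultdict(lambda: {"targets": set(), "agents": set(), "cast": False})
    for src, payload in datagrams:
        headers = parse_msearch(payload)
        if headers is None:
            continue
        entry = report[src]
        target = headers.get("ST", "")
        entry["targets"].add(target)
        if "USER-AGENT" in headers:
            entry["agents"].add(headers["USER-AGENT"])
        entry["cast"] |= target.lower() in CAST_TARGETS
    return dict(report)

# Constructed sample payloads (documentation addresses, made-up user agent).
SAMPLE = [
    ("192.0.2.10", b'M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nMAN: "ssdp:discover"\r\nMX: 1\r\nST: urn:dial-multiscreen-org:service:dial:1\r\nUSER-AGENT: ExampleBrowser/1.0 (constructed)\r\n\r\n'),
    ("192.0.2.11", b'M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nMAN: "ssdp:discover"\r\nMX: 2\r\nST: ssdp:all\r\n\r\n'),
    ("192.0.2.12", b"NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nNTS: ssdp:alive\r\n\r\n"),
    ("192.0.2.13", b"\xff\xfe not ssdp"),
]

if __name__ == "__main__":
    for host, info in sorted(audit(SAMPLE).items()):
        print(host, "cast-discovery" if info["cast"] else "other", sorted(info["targets"]))
```

Running the audit before and after toggling the browser's casting setting shows whether the host's discovery footprint actually changes.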