'Ars Technica: Brave Software, maker of the Brave Web browser, is introducing a news reader that's designed to protect user privacy by preventing parties -- both internal and third party -- from tracking the sites, articles, and story topics people view. Brave Today, as the service is called, is using technology that the company says sets it apart from news services offered by Google and Facebook. It's designed to deliver personalized news feeds in a way that leaves no trail for Brave, ISPs, and third parties to track. The new service is part of Brave's strategy of differentiating its browser as more privacy-friendly than its competitors'. Key to Brave Today is a new content delivery network the company is unveiling. Typically, news services use a single CDN to cache content and then serve it to users. This allows the CDN or the service using it to see both the IP address and news feed of each user, and over time, that data can help services build detailed profiles of a person's interests. The Brave Today CDN takes a different approach. It's designed in a way that separates a user's IP address from the content they request. One entity offers a load-balancing service that receives TLS-encrypted traffic from the user. The load balancer then passes the traffic on to the CDN that processes the request. The load balancer knows the user's IP address but, because the request is encrypted, has no visibility into the content the user is seeking. The CDN, meanwhile, sees only the request but has no way of knowing the IP address that's making it. Responses are delivered in reverse order. To prevent the data from being combined, Brave says that it will use one provider for load balancing and a different one for content delivery. To prevent the load-balancing provider from using the size of the requests and responses to infer the contents of the encrypted data, the service will also use a technique called padding, which adds characters to the plaintext before it's encrypted. The CDN uses several other techniques to preserve the anonymity of users. Among them: stripping out various headers that could be used to identify the person making the request. Furthermore, Brave is also taking steps to shield user information from its own employees. "... [T]he company has configured its account with the load-balancing provider to restrict access to its logging resources," reports Ars. "The load-balancing provider also doesn't provide the ability for customers to use the proxy protocol to inject the requester's IP address into outgoing requests. In case that changes, however, Brave has also entered into a contract with the load balancer that restricts access to logs or use of the protocol, even if Brave asks."' -- source: https://yro.slashdot.org/story/20/12/10/2151244 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 577-5304 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/