JSJ 437: Inside the Brave Browser with Jonathan Sampson
Jonathan Sampson hops into the Jabber session to talk about the Brave Browser. He and the panel wander through the topics of privacy, browser design, and features.
Special Guests:
Jonathan Sampson
Show Notes
Jonathan Sampson hops into the Jabber session to talk about the Brave Browser. He and the panel wander through the topics of privacy, browser design, and features.
Panel
- AJ O’Neal
- Aimee Knight
- Charles Max Wood
- Steve Edwards
- Dan Shappir
Guest
- Jonathan Sampson
"The MaxCoders Guide to Finding Your Dream Developer Job" by Charles Max Wood is now available on Amazon. Get Your Copy Today!
Picks
Jonathan Sampson:
- Follow Jonathan Sampson on Twitter > @BraveSampson, @jonathansampson
- Office Ladies
- JavaScript: The First 20 Years
- The Office: The Untold Story of the Greatest Sitcom of the 2000s
AJ O’Neal:
Aimee Knight:
Charles Max Wood:
Steve Edwards:
Dan Shappir:
Follow JavaScript Jabber on Twitter > @JSJabber
Special Guest: Jonathan Sampson.
Transcript
CHARLES MAX_WOOD: Hey everybody and welcome to another episode of JavaScript Jabber. This week on our panel we have Dan Shapir.
DAN_SHAPPIR: Hey from Tel Aviv where it's a constant 100 degrees Fahrenheit all day every day.
CHARLES MAX_WOOD: Steve Edwards.
STEVE_EDWARDS: Hello from Portland.
CHARLES MAX_WOOD: AJ O'Neil.
AJ_O’NEAL: Yo, yo, yo, coming in July from Utah where it's approaching Tel Aviv.
CHARLES MAX_WOOD: Amy Knight.
AIMEE_KNIGHT: Hey, hey from Nashville. Still pretty nice here. It's like 65. Perfect for me.
CHARLES MAX_WOOD: Nice. I'm Charles Maxwood from DevChat.TV. This week we're talking to Jonathan Sampson. Jonathan, do you want to introduce yourself? Where do you go by Samson?
JONATHAN_SAMPSON: Samson, there's a lot of Johns in the world, so I've just kind of grown up going by Samson, but either way is fine. Yeah, I work in developer relations at Brave Software, before that at Microsoft in the last 24 years, almost now doing web development.
CHARLES MAX_WOOD: Awesome.
Hey folks, are you trying to figure out how to stay current with React Native? Maybe you heard the Chain React conference was canceled and you're a little bit sad about that. Well, I borrowed their dates and I'm doing an online conference. So if you want to come and learn from the best of the best from React Native, then come do it. We have people like Christopher Chedot from Facebook. He's gonna come and he's gonna talk to us and answer questions about the origins of React Native. We're also going to have Gantt Laborde from Infinite Red and several of the panelists and past panelists from React Native Radio. So come check it out at reactnativeremoteconf.com. That's reactnativeremoteconf.com.
CHARLES MAX_WOOD: We brought you on today to talk about Brave and browsers in general. Do you want to just give the elevator pitch for Brave?
JONATHAN_SAMPSON: Yeah. Oh my goodness. How long is the elevator ride? So Brave is honestly one of the coolest projects I've ever worked on. Before this, I was working on web browsers as well. But one of the neat things about Brave is that it's approaching a different perspective towards making the web a better place. For the last 25 years or so, the last quarter of a century, we've had this growing industry of ads and these ads that are kind of co-opted by trackers. And of course they're harvesting information on users' devices, you know, taking information from our browsing sessions, auctioning us off and sub-100 millisecond auctions to the highest bidder. And a lot of this stuff has just gone unchecked for the majority of this history. And so in 2015, Brendan Eich, the creator of JavaScript, who's I think been on the show a few times, co-founder of Mozilla, he decided that this is maybe a problem that needs to be approached and fixed once and for all. He's taken a multi-pronged solution to this. One is making the web a safer place by blocking these trackers, making it a more equitable place by giving users the ability to earn rewards for their attention anonymously. And of course, kind of closing that loop and tying those rewards back into the creator so that we can continue to sustain the web as we've come to know it and love free content, content that is giving us a reason to keep coming back day in day. And that's what Brave aims to do.
DAN_SHAPPIR: And Brave is built based on the Chromium project, correct?
JONATHAN_SAMPSON: It is so when we first launched we built on the electron project, which itself kind of proxies blink and V8. However, electron was built more for desktop applications, and we built a web browser on it, and that was great. It was kind of low friction, the path of least resistance for us. We got up and running, started kind of gaining momentum. But then we started realizing that electron probably wasn't the best foundation for a browser node API is accessible from within the web content. And so that meant a website could potentially access your file system and stuff. And so we realized pretty soon that Electron wasn't going to be the best approach. And our CISO, Yan Xu, she has an excellent talk on how not to build a web browser. And so we forked Electron, created Muon, which was just a hardened security version of Electron. And then eventually we realized, you know, taking six weeks to do a Chromium version bump is not ideal. We want to be more head to head with Google Chrome and other browsers that are based on Chromium and Blink and V8. And so we made the leap over during our 1.0 release to the Chromium base itself. So now we're a patched version of Chromium.
DAN_SHAPPIR: And how many, if I can ask, how many users or installations do you have worldwide now?
JONATHAN_SAMPSON: So I just checked. Slack this morning and we have more than five million daily active users and we just blew right past 15 million monthly active users, which is unbelievable because I was reviewing my notes from a talk I gave this year and I was at my last slide and the last slide was 2.4 million daily active users. Since that time, we've doubled that, which is incredible. And so we just continue to pick up momentum and build up more steam basically.
AIMEE_KNIGHT: So when we first started talking, the very first thing that came to mind is most browsers are supported by a large company behind them. So I kind of feel like it's important to frame our conversation to talk about the business model of Brave and then how that relates to Ethereum.
JONATHAN_SAMPSON: Right. Yeah, so if you, I'll just kind of go back if it's OK to early 90s for a brief moment here. You know, web browsers in general, they were built and distributed for free at the very beginning. Mosaic was free. Of course, you know, you had a period of time where, you know, Netscape Navigator was not free. Internet Explorer was, I think, in a bundle package that you had to get on the side. And so it made sense how they were making money at that time. But in the early 90s, you had, you know, Marc and Dreeson had put images into the browser, inline images. We had Lou Montulli putting cookies in there, and then those two things together made it possible for other people to profit off of our web browsing activity. They were able to construct these ad apparatuses that could monitor activity online. They could build up these dossiers on us on what we like, what our interests are. And then they could sell those within these sub-100 millisecond auctions whenever we visit a page for each ad slot on the page. And so this entire time, someone has been making a lot of money. I mean, the ad industry itself has just exploded from the early 90s, mid-90s rather. But we also see at the same time, whenever the Netscape plugin API system came out and we could start to build these plugins on top of the Netscape Navigator browser, there was a project called Internet Fast Forward, which sought to block ads and trackers. Their focus was primarily time savings because for anyone who was on the internet in the 90s, it was slow going. I mean, you would get, I think in my case, I usually remember getting like and a half kilobytes per second. And I was only really allowed to be online for 15 minutes a day because we were paying by the minute. And so individuals in the 90s are doing, they were blocking this stuff for the sake of their time, the value that is wrapped up in your time. And so with Brave, we've decided to block all that stuff. And of course, we can't function without revenue. Obviously, no one can. And so we block all that stuff. But we've also incorporated, as Amy was so in 2017 we launched a token cell for the basic attention token. And this would be an ERC20 token that would allow us to utilize all the benefits of the blockchain, this decentralized ledger. We have smart contracts with Ethereum. And so in this case, users would be able to earn anonymously these tokens by participating in the Brave ads, which is this privacy-oriented ad apparatus. And so as they earn these tokens, they can then in turn dish those out to their favorite content creators 5% off of those contributions. So the users themselves would get 70% of the revenue for ads viewed. Brave would get the other 30% in that case. And then whenever users contribute back to websites that they love, Brave takes 5% on top of that. And I think our focus is ways that we can further reduce that in the future as we grow and scale larger and larger.
DAN_SHAPPIR: If I can ask about this mechanism. So let's say I built a website. And my, so I'm not a browser maker, I'm a website maker because the majority of our listeners are obviously working on websites, not on browsers. And let's say it's a blog which I monetize these days by, I don't know, maybe putting Google Ads on it or something like that. Does that mean then that if somebody views it using Brave, then unless I engage directly with you guys, I can't earn money off of my website from visitors coming through Brave, what do I need to do in order to be able to earn, have the blog earn its keep? That's what it this way.
JONATHAN_SAMPSON: Yeah, this is the challenge because we see that smaller publishers, the creators of the content we love, these are YouTubers, these are bloggers, individuals who are really building the web that we love, podcasters as well in particular, they're the ones that are adding all of the value to the web. And then in order for them to get some type of monetary support, they wind up bringing in the third party like Google Ads or any number of competitors in the past. And this is really to sustain their projects. And so this is one thing that we definitely didn't like is with the trend of just ad blocking, it hurts the content creators, it hurts the publishers because they're just trying to keep the lights on. They're trying to pay the server bills, they're trying to pay for the bandwidth. And so in this particular case, as a third party tracker, Google Analytics is blocked. That does mean that the ads that Google would be serving through their iframe, for instance, on your page, those aren't going to be rendered either. That network activity is cut off before it's ever initiated. And so what we decided is we need to have some way for content creators to earn under our model as well. And so we've launched one ad model. We have a second one that's coming as well. The first one was the user ads model. And that's an apparatus where users could participate in privacy-oriented ads, which are all matched locally on their device. So there's no network calls out to third parties. There's no sharing of the user history. Everything is taken care of with machine learning models on the user's device. Those are displayed through native notifications on the operating system. When that happens, the user gets 70 percent. Then by default, at the end of the month, when the user receives all their tokens, the Brave browser is configured to do pro-rata support for verified creators. And so in this case, if Amy Knight has a verified Brave website, and I had spent 10% of my time on Amy's website, then 10% of my monthly contribution would go out to Amy in this case. And so we're trying to find ways to kind of close the loop on this, restore support to content creators without having to ask users to give up their privacy in exchange. And of course, the second ad model coming out is the publisher's model, which will allow publishers to opt in their websites to have privacy, focus, advertising integrated into it unlike what they would get right now with Google or something like that.
CHARLES MAX_WOOD: This is really interesting to me just from the standpoint of devchat.tv is verified on Brave, right? So people can contribute to us, you know, in that prorated way. I mean, I think we've made like $5 as our high watermark in a given month, you know, once we cash out the tokens, but you know, we do appreciate people donating that way. But it's interesting the way you're talking about it. And yeah, I have noticed because I use Brave as my primary browser. It plays nice with the internet. It kills a whole bunch of crap. It's really interesting if you click on the Brave icon, it'll tell you all the stuff that it squashed and some of these websites, it's like, wait a minute, I'm paying for this, I'm signed into it and it's still squashing all this stuff. And I'm not having any kind of degradation on the services I'm getting. So what's all this other garbage?
AIMEE_KNIGHT: One thing I was going to say really quickly, I'll try to find it for the show notes, but it's really interesting. Something I read, something on Hacker News like last week was that the biggest purchaser of ads is Facebook.
JONATHAN_SAMPSON: I would not be surprised.
AIMEE_KNIGHT: All these people are paying for all of that, but then also there's not necessarily data associated with the value of those ads.
JONATHAN_SAMPSON: This is what we see too. I think it was in 2015 when the New York Times did a study on the value of mobile data and tracking. And I believe they'd come out to the realization that the average American on their mobile phone would spend $23 a month not to load content they sought on the web, but to load ads and trackers. And so we would be paying $23 a month for the benefit of being tracked and surveilled. And so it has gotten quite out of hand, I think. And so this is why we look at the community response was this enormous popularity of Adblock Plus, Ublock Origin, all these different types of ad blocking programs and extensions. Those are fantastic. They do a great job of locking out third parties, protecting your sensitive information. Some of them do pay to whitelist, which isn't quite great. Just kind of undermines your entire principles, I think. But all they would do is block. What we saw is this trend of more than 500 million devices were blocking ads and trackers starves the content creators. And so the Brave Rewards program is meant to incrementally build up that support for content creators all across the world and start to put hopefully more than $5 into their wallets with time. I know we have some content creators who are receiving massive amounts of support just because they have such popular domains. Wikipedia is a good example, Washington Post is a good example. The bat is now settling eight figures a month to content creators and so it's getting much better with time. And the beautiful thing is there's no privacy exchange here. You're not handing over any data. You're not making any compromises on the user's end. And so it's nice, it's beautiful, it's elegant, and it's only getting better. So I'm thankful to be part of this.
DAN_SHAPPIR: How is the process of registering to your system? So suppose I'm a content creator and I want to, and I I like what I'm hearing. I want to join in. So question number one, how easy is it to do? And associated with that, let's say a significant portion of my audience is still coming from other browsers, like Chrome or Edge or whatever. So I still want to also use those ad systems. So how well do both worlds work together?
JONATHAN_SAMPSON: People are able to get set up in a pretty familiar process. If you've ever used Let's Encrypt, for instance, you'll have a well-known directory on your website, then you can put a verification text file inside there. The whole process starts with creators.brave.com. That's the plural creators.brave.com. If you're on a WordPress blog, there's a WordPress extension that you can download or a plugin rather that you can install. And then that will generate the verification token for you. Or if you're kind of a DNS hacker, you can make a change to your domain name as well and add. I believe it's an A record on there that has the verification token. And then once you demonstrate ownership, you're set and ready to go. You're able to add Twitter accounts, you're able to add YouTube accounts, GitHub accounts, all that type of stuff. It just goes through OAuth. And so it takes literally about two to three seconds per property. And the neat thing about it is, as a result, I'm able to, I tweeted this out earlier the other day. I went to Wikipedia, I tipped them like two bucks. And then I was within maybe an hour, I was on Twitch watching a streamer over there tipped another dollar or $2, something like that. And then I went on GitHub because someone had a really helpful comment on a PR and I was able to tip them as well. And I was able to do all of that anonymously using the ERC20 BAT token. And all of those users can then convert that into fiat if they want to or Bitcoin or Bitcoin cash or XRP or whatever they want to do with it. And so that's Pretty excellent. The other question though, you're talking about you're still having traffic coming from Google Chrome, from Mozilla Firefox and so forth. In those particular cases, Brave has a referral system as well. And so this is one of the things that we've worked with creators on in the past is offering up to $7.50 for any user they bring to Brave. And so in 2017, we had set up our token sale. We sold a billion tokens for like $34 million within 24 seconds blew my mind like the rate at which that thing went by. It was completely astounding. Maybe that's another story for another time. That morning was unbelievable. But we took 300 million of that and we set it aside into a user growth pool so that we'd have a way to stake users with tokens before they get involved so they wouldn't have to use credit cards and all that kind of stuff to participate, which is what you typically see with most online support platforms is you got to sign up, create another account, put in your credit card details. We didn't want any of that. And then the creators, of course, we have a referral program where they can just share referral code and then they can earn up to seven dollars and fifty cents in that for bringing each user from Chrome or Firefox over to Brave. And so we've been working on numerous different angles that we can offer support to content creators who have kind of been dealt a bad hand for the last decade or so.
STEVE_EDWARDS: This is Steve. I'm still trying to wrap my head around this whole process. So from a user standpoint, I'm not a content creator. I'm a user. I'm using my Brave browser. I think I might have missed this somewhere now. I go online, I buy some tokens in their store or an account and I can donate or how does that work from my end if I want to help these content creators?
JONATHAN_SAMPSON: Yeah. So when we first launched, it was called Brave Payments and you had to buy your own tokens. You had to go and buy Bitcoin at that time. That's too high a bar of entry, like in my opinion, no one should have to put in credit card details to participate in these types of systems, especially that undermines, I think, one of the benefits of the blockchain technology is that there should be a low barrier to entry for everybody. It should be low friction. And so in our case, we set up Brave Ads. This is an opt-in feature of the browser. It's off by default. But the way Brave Ads works is there's a regional catalog. So if we're all in the United States, we would all get the same regional catalog. So there's no way to fingerprint people based on the catalog that they get. And so in this case, our machines would download this regional catalog. They would use local machine learning to identify our browsing interests. And then it would find ads in that catalog that are relevant to us. And then at opportune times, it would show them as notifications on the desktop. When it does that, 70% of what that advertiser paid to get that ad in front of your eyes goes into your wallet in the form of bat tokens. So you don't have to create an account. You don't have to buy anything. You just opt into Brave Ads. You set how many ads you wanna see per hour, a maximum of five, a minimum of one and you just start to rake in the tokens. I think I looked at my earnings this month. I'm pulling it up right now. We show it on the Brave new tab page. I've earned $4.25 just by having a couple of ads pop up on the screen, none of it's silly with no tracking. And so at the end of the month, I'll be able to take those tokens and either have them automatically flow out to the content creators that I visit, or I can do an ad hoc contribution, a one-time tip, which is what I can do typically do. I think I have I've tipped already this month, $20, $22 almost. So 105 that that's a losing game for me, I'm going to have to maybe change that ratio before too long. But that's how it works.
STEVE_EDWARDS: Okay, so yeah, so I'm in my browser now I see a Brave rewards tab that you can turn on. It's telling me the Brave rewards server is not responding. So hopefully that'll get fixed.
JONATHAN_SAMPSON: Oh, no.
STEVE_EDWARDS: Yeah, okay. So that makes a little more sense. So I basically just have a pool of money that I can donate to whoever I want to donate within the British system every month or however long it goes in. And it's not like I'm putting my own money and I'm earning money by viewing ads.
JONATHAN_SAMPSON: Right. So if you want to, the tokens that you receive, they're yours. This is where the user also has not been receiving the value they rightly deserve over the last 25 years or so. Users have just been kind of the cattle. Now we're moved about where we have our value harvested from us. It is sold through you know, the ad exchanges and so forth, the different third parties, it's stored, it's, you know, you have companies like Facebook, which harvest information about us, store it in shadow profiles. And then once we create an account, they're able to reassociate us with all that information they amassed over years prior. And so users have been getting kind of shortchanged as well. And so under the Brave model, the user gets 70% of the ad revenue. It sits in your wallet. By default, it will flow out to content creators. I think the default is like 20 baht a month or something is what the budget would be. You get to configure that. You can say, actually, I don't want anything to flow out. I want to keep it all. And then users can go through Uphold, one of our partners, and convert it all to Fiat. So you can actually have, at the end of the month, you know, your Netflix bill or something like that paid just by having a couple non-invasive, non-tracking ads appear on your screen from time to time throughout the day.
DAN_SHAPPIR: Two quick questions about that. So question number one, those ads that appear, are they inside the browser window? Are they outside the browser window? If the browser happens to be closed, which by the way, it never is, but you never close your browser. But if it's supposed it's closed, do I still get those ads? How does that work?
JONATHAN_SAMPSON: Yes, so the ad catalog itself, the content appears in native notifications. So if you're on iOS, those would be the kind that pop down from the top. If you're on Mac OS, that's like the growl, I think they might be called. It's I'm a Windows guy, so I don't know these things. But they slide in at the top right-hand corner. Yeah, it used to be growl back in my day, whenever I was using the Mac. And so, and then on Windows, they slide in from the bottom right as native notifications as well. And so the beautiful thing about that too, is that they're subject to all the OS restrictions. If you have do not disturb or focus assist enabled, Brave can't it has no way of irritating you with ads. And then of course, it's all configurable within the browser as well. So you can specify whether you want to see one ad per hour or so forth. So you control the entire experience.
DAN_SHAPPIR: And that wasn't actually going to be one of my questions, but I'll ask anyway. And is that sufficient from an advertiser's perspective? I mean, those notifications are usually fairly low-key and small. So do they consider that to be sufficient?
JONATHAN_SAMPSON: It's worked out quite well. I mean, we have three times the industry average of click-throughs. And the beautiful thing is it's not just blindly scattering your ads to faceless individuals out on the web. This is actually able to leverage that machine learning on the device itself. So if you think about a web browser, a phone or something like that, if I were to hand you my phone, there are different tiers of data intimacy that you could have with me where you could look at my browsing history and you could see where I've been in the past. You can look at my bookmarks and see where I plan to go or the sites I visit frequently. And then you could look at something really high fidelity and look at my open tabs and see what is Samson interested in right this moment. And so you think about the browser as this database of largely inert data. It's not really doing anything. My bookmarks aren't doing anything until I click on them and summon a site. And so what the browser is able to do is it has more access to information in a private, trusted and central manner. And so it's able to know you more intimately than any third-party exchange or something like that. So it's able to actually pair you with ads that should be more in tune with your interests and your likings. And so this works out really well for advertisers because they're getting a lot better value for their dollar at the end of the day. They're reaching people that I think are going to be interested in their products and they're reaching the right cohort of users.
DAN_SHAPPIR: And my actual second question was I wanted to ask. So you mentioned or you stated that the primary source of the money that I donate is going to be from the ad revenue that gets shared down to me. But if I do want to donate more, can I put in my credit card safely if I wanted to?
JONATHAN_SAMPSON: You can. So the wallet right now is developed through a partnership with Uphold.com. So you could always go in and you could purchase tokens if you wanted to. Uphold is like a other types of sites, Coinbase and other websites where you can go and purchase Ethereum or purchase Bitcoin or something like that. Well, they've token utility tokens on there as well. So you can purchase that. You can deposit into your wallet if you wanted to. And then you could say, you know what, I want to just go through and do a crazy weekend of tipping. In fact, I think we're doing that today at Brave. We have some people through a new tab page sponsorship with Verizon. We have a lot of tips that are going to be going out today from people who are participating in a Twitter program. And so there's quite a bit of ways that you can fund your own wallet. But the ideal solution was that no user would be compelled to do that. They would have the means to opt in anonymously or, and do all of this without having to ever pull out their wallet. And it's worked out considerably well. But of course there always are individuals who want to deposit their own funds and go above and beyond.
AJ_O’NEAL: I'll come in with some contrarian views here. First of all, I'm liking that you are telling me that these ads are actually valuable because to me, when I hear anonymous ads, I think the first thing that comes in my mind is paying too much money and not getting anything back, right? Like as, as someone who has had products and tried to market them online or not tried, but having marketed products online, like the purpose, I mean, I think the basic premise, we got to take a step back for a minute. The purpose of marketing is not to dishonestly scam people. The purpose of marketing is when you, one person said it in a way that I thought was really great. Like when you feel that you have a moral obligation to let people that can benefit from your work, know about your product so much so that you're willing to pay for it, right? So that's, that's like on the most positive of you know, virtuous side, which obviously is not, you know, not even anywhere near a hundred percent of the cases, but like, you know, if you have a good product, you want to market to people because you believe that your product can help them and you want them to be able to be helped by your product. And you want to get value back out of that. And so, so I'm not quite a hundred percent sold on it because I don't understand all the details, but I like what you're saying there about. This this on-device machine learning, you know, according, according to you is actually effective and perhaps even more effective than other methods, which I could believe that there could be something you've got novel that other people aren't catching onto. You've got some secret sauce that isn't secret cause you're trying to keep it secret, but just because other people in the industry don't recognize it yet. So I think that's cool. And I think that that is, you know, a direction that I'd love to see more on device quote unquote, machine learning, being able to look at history. I mean, I just think about like the way that I interact with music. So I guess that's not contrary. But a couple of things that I do find concerning. One, I just associate Bitcoin with scam, right? So the minute you say blockchain, I'm like, back me the heck away because it's for pyramid schemes, for drug deals, and for weird technical nerds that play moral superiority based on literally a math game that's most similar to Conway's Game of Life. Well, I mean, not technically in the way that it functions, but in that it's a useless toy problem thing. So like I, I just, and I just opened up Brave for the first time and it's like introducing me to crypto wallets and Ledger and Trezor and I'm like, whoa, whoa, whoa, whoa, whoa, like, hold on a second. I don't want anything to do with that. Like I've been earned by that in the past. I think we all know somebody that's been burned by that. We all know somebody who made like a million dollars off of it too. But again, pyramid scheme scam, right? So I find like the amount of focus on crypto with this. And I hate that because it's not crypto cryptography. I feel it is useful, but I find that to be a little scary and intimidating. And, you know, earlier you said something, something Bitcoin, something, something, and we don't want anyone to have to deal with that. I thought you were going to say Bitcoin, but then you said putting in your credit card. I'm like, I'm comfortable putting in my credit card. My credit card has a company that protects me, to make sure that I'm safe. Not to say that I feel that I can't be responsible for my own decisions, but I like that when something goes wrong with my credit card, if a transaction goes to the wrong place, even if I make a mistake, even if it's my fault, I can call them up and say, hey, and I've done this. So that bit actually makes me feel a little less safe, not more safe. And, and, and it with like, I get, well, I don't really get privacy. Like I know, but I don't think anybody actually cares about privacy. I could be totally wrong. It's something that we like to talk about from a moral perspective, but, and you're saying something different. You got 5 million people that are on this bus actively, daily, right? So that's freaking awesome. But most people just don't like they if you ask them, do you care about it? I'm gonna make a bad analogy, but like, I'm Christian, so, and I count Catholics as Christian, so just put that upfront. But you know, you go to some places where it's like high Catholic or maybe high born again or whatever, and you ask them, you believe in Jesus, and they're like, yes. But do you do the things Jesus asks you to do? You know, like, are you living your, do you live your life according to your beliefs? Well, no, not really. Right, like, and so you got the jack the Jack born agains or the Jack Catholics or whatever you have it, right? And I feel like that's how privacy is privacy is like this, it's like this moral thing and we all like to tell people like, Oh, I believe in privacy. And then it's like, okay, so what browser do you use? Well, you got 5 million people using brave, which is awesome. But I just don't, I don't feel like it's got something. I don't see how this is going to go beyond fad into mainstream. If the basis of this is like, get more privacy and get crypto money, because those just seem to be so niche and so like more religious than practical.
JONATHAN_SAMPSON: Right. Well, I think you're making a lot of excellent points. So the first one, let's start with Bitcoin. I tweeted out a few days ago that I think Bitcoin needs better PR, because honestly, the impression you have of it is I think pretty common for people. They see the entire industry. You have the actual engineers behind Bitcoin back in 2008 when they published their white paper. Satoshi, whoever that is or whoever they are, they built a pretty amazing system with finite supply distributed ledger system. It's a beautiful system and it works phenomenally well as an analogy or analogous to money. It's like the money what we have today is-
AJ_O’NEAL: I agree to disagree, but continue.
JONATHAN_SAMPSON: Well, I'm thinking it solves problems like double spin. I could write a check right now for Charles and Amy. And I could send you both a check. I could take goods from both of you. And then the, by the time you try and cash that check, I'm sorry, you know, Charles already got my $10 and Amy gets nothing. And so I need a one check.
AJ_O’NEAL: But checks are peer to peer. I don't have to connect to a third party in order to be able to hand someone check with, with the cryptocurrencies. You have to connect to the blockchain and be validated by this like group consensus before something can happen. So you can't have offline transaction. I'm going to shut up and not go down that rabbit hole.
DAN_SHAPPIR: That's not exactly true. I mean, a check is validated by the bank at the end of the day. I mean, you can't just have the end of the day. You can't just hand me a piece of paper as a blank. I owe you. I mean, no, you can, but you know, it's not the same.
JONATHAN_SAMPSON: Yeah, it's an elegant. So in that case, obviously you would give the check, the individual have to take the check to the bank, the check within check to see if the bank would see if you have enough in your ledger. And the bank is kind of the sole exclusive authority here. If the bank were to be compromised or something, then they could obviously lose money. In the case of blockchain, this distributed ledger, you have a lot of different people that have this consensus protocol where they all have to agree if you have enough money in there. But I don't want to get kind of too in the weeds on that.
AJ_O’NEAL: I don't even want to go into it because I just...
JONATHAN_SAMPSON: The beautiful thing is with Brave, we wanted all the benefits of this because there's a lot of legitimate, I think, benefits to a distributed ledger system. There's a lot of really terrible stuff happening in this space. There's a lot of people who just want to Lambo to the moon or whatever. They want to get rich overnight. They want to co-op this entire space as some type of investment apparatus. And for some people, as you mentioned, it works out quite well. I'm an engineer, though. A lot of people doing some pretty shady stuff in that space. And so, I look at this as an engineer, however. I look at it as you know, whenever, it's like the first time I swapped from MySQL over to Postgres or something like that. It's like you start to see these benefits in place that just work better for certain types of applications. And in our case, we want some type of way for users to anonymously earn rewards. We want to be able to transfer value from real-world fiat budgets of advertisers to users in an anonymous manner. We want them to be able to distribute that to various different content creators and for those content creators to have some type of gateway or bridge for them to convert it back into fiat if they want to at the end of the day to pay their rent or to pay their mortgage or keep their lights on.
AJ_O’NEAL: So for those listeners that have no idea what was just said, fiat is a term that the people of the Bitcoin religions refer to us pagans as. When you hold a dollar in your hand, something you can actually take to the grocery store, that's the evil fiat. Well, it's a words in your mouth there.
JONATHAN_SAMPSON: But yeah, I love it. I at the end of the day, dollars is what people want. Dollars is what I use. And so I want to separate myself from the Bitcoin maximalist out there. I'm not definitely not in the Bitcoin maximalist category. I love and I've had you can see if you look at brave Samsung, the fact that brave launched on Bitcoin and then we pivoted away from it is when you compare it, as you pointed out, AJ rightly. You compare this novel system of Bitcoin with what exists today compared to Visa. Bitcoin can do dozens of transactions a second. Blazing, wow, high throughput. Visa can go up to like 65,000 transactions per second. With Bitcoin, if you send your Bitcoin to the wrong address, it's gone forever. There's no FDIC for Bitcoin. With Visa or something like that, you can recover those lost funds. You're absolutely right that there's a lot of benefits in there for people. And so when Brave launched on Bitcoin, we started noticing that there was just some problems in place. There was network fees and congestion. They just weren't working. We pivoted to something with higher throughput, lower fees, and that was the Ethereum blockchain. And now, since then, we've had explosive growth in the program itself. We have now up to 15 million monthly active users. And so we see are these waves of Bitcoin users coming back, who I think are a little salty that we didn't build this on top of their preferred blockchain. And so we do see some people who are upset.
AJ_O’NEAL: When I, when I, on this show generally say Bitcoin, unless we're actually having a cryptocurrency or blockchain episode, I'm just speaking on behalf of the masses, meaning cryptocurrency. Right. So I don't mean specifically Bitcoin when I'm saying Bitcoin for this context. I'm not talking about specifically Bitcoin. I'm just saying cryptocurrency.
JONATHAN_SAMPSON: Right. I think that's pretty common too. It's one of those, it's like whenever we say TiVo or something, we're talking about the entire recording industry of live television or something. But in this case, we identified that using the Ethereum blockchain as a store of value, a way to transfer value is optimal and super efficient in that case. And so that's what we wound up moving forward with. And it's worked out really quite well. Again, we're able to settle eight figures a month for content creators and so forth users don't have to think about regional restrictions. So for instance, we mentioned putting credit card details in. A lot of those payment gateways, they would exclude you based on your region. So they would say, I'm sorry, you're in Lebanon, or something like that. You're not allowed to participate. And that's less than ideal for the web, I think. Users should be able to participate and have their.
AJ_O’NEAL: And I hadn't thought about that way, but you raise a very valid point, is that you found something that works cross borders. Although the legal on it is shady in some areas, but yeah, like blockchain currencies do work across borders fairly uniformly.
JONATHAN_SAMPSON: It's that too, it's also the fact that, in my case, I don't have to go create a Patreon account, I don't have to go create a YouTube account to do super tips, I don't have to go create these different accounts and have to comply with-
AJ_O’NEAL: But you do create a Brave account, so there's still-
JONATHAN_SAMPSON: Well in this case the user- Fortunately, the user has to do nothing. The user has to create no accounts, there's no credentials, there's nothing. You just have the browser, there's an in situ wallet, that's it. And so you don't have to create anything to participate. You don't have to create anything to give and earn. And so that's what we're talking about, that very low friction that we can't really get with some of the incumbent systems and what users can't really get. Plus you don't have to manage your subscription. I remember a few years ago, this has probably never happened to anybody else, but it happened to me. After my wife and I had gotten married, a few years after that, we were sitting down doing finances because I was terrible at that. And we realized that I had been paying $30 a month to a gym in a state that I no longer lived in. And I'd spent hundreds of dollars at this gym. And so, it was one of those things where I had this existing account that I was no longer actively monitoring. And as a result, it was just slowly bleeding funds from my bank account. The great thing with the Brave approach is that I have this platform-agnostic approach. I can tip anyone anywhere and I don't have to have an account to do it. And so the encompasses on the, uh, you,
AJ_O’NEAL: there's still some form of account though.
JONATHAN_SAMPSON: You, you have the browser
AJ_O’NEAL: and it has the password to the wallet or whatever it is. I mean, there's a, there's a, there's a thing going on. There's an address that has some, some coin.
JONATHAN_SAMPSON: So this is, this is where the crypto that you would appreciate comes into play where we have cryptographic signatures and stuff, where it demonstrates that your browser has the authority to make calls over your balance. But the user, this is one of the things I love about Brave. We've effaced all of this. The user never has to think about any of this. The user doesn't have to think about whether or not they can cryptographically sign a transaction or anything like that. They just opt into Brave Rewards, ad pops up, they have that. They can click a button to send the bat to a content creator. And so there's no accounts for them. There's nothing that's, it's all kind of self-contained within the application itself. And so it makes the-
AJ_O’NEAL: So you're saying if I have two browsers on two computers, there's nothing to link them together?
STEVE_EDWARDS: Yeah, that was gonna be my question too.
JONATHAN_SAMPSON: Correct. Those are two distinct profiles, two distinct devices. You may even use those in two very distinctly different ways. Say if it's a work computer and a home computer. And as a result, Brave Ads will learn contextually what types of information you might be interested in or how you might browse differently on each device. And so on your work computer, you may get services and advertisements that are more oriented towards podcasting and that type of stuff. On your home computer, you might start to see things that are more oriented towards gaming or entertainment, online streaming and that type of stuff.
Early in my career, I figured out which jobs were worth working at and which ones weren't, mostly by trial and error. I created a system that I use to find jobs and later contracts as a freelancer. If you're looking for a job or trying to figure out where you should go next, then check out my book, The Max Coder's Guide to Finding Your Dream Developer Job. The book walks you through figuring out what you want, vetting companies that meet your criteria, meeting that company's employees, and getting them to recommend you for a job. Don't settle for whoever has listed their job on the job board. Go out and proactively find the job you'll love. Buy the book at devchat.tv slash jobbook. That's devchat.tv slash jobbook.
AIMEE_KNIGHT: As a marketer, I can try to target certain ads to specific demographics. So when we're talking about ethical decisions and stuff like that. So let's say I'm advertising for a job. This is something else I read recently. I can, a tech job, I can specifically say, I only want to advertise to an audience in the age range of 20 to 35. Because I think that older developers I don't want this kind of people as submitting for my job. So as somebody who's using Brave, do I have more control over that kind of stuff then?
JONATHAN_SAMPSON: So bad because I'm too old to be at your job.
AIMEE_KNIGHT: I mean, I know. It's terrible.
JONATHAN_SAMPSON: So it's a good question, right? Because advertisers say, for instance, I'm going to sell men's shampoo. Can I advertise to men or I'm gonna sell leg razors, because apparently men and women have different kinds of razors. Can I advertise to a specific demographic? Right now you can advertise to countries, so you can appeal to, you can target Americans, but the beautiful thing about this is, you're able to get the same results, which is the, I'm doing the air quotes here, but targeted advertisements, but it's by a completely different means. So in this case, if you look at the incumbent system, digital advertising works today, third parties are harvesting our information. So if I go online and I type in men's shoes, well now I've disinformed, you know, who knows how many third parties, but one I'm interested, I'm very likely a man because I'm looking for shoes, and then maybe I'm into athletics and apparel and stuff. And so that information goes out to third parties. They can then sell it or rent it to whoever they please because some terms of service thing that is 40,000 words long says that they can. Maybe agreed to it somehow.
AJ_O’NEAL: What's wrong with that? I mean like earlier you're saying oh us poor users like oh no somebody sold my preference on what I like shoes Well, what about like the users are the leeches? The users are the ones that aren't contributing the ones that are taking something for free and not giving anything back 99.9 percent of the time which is why we have the ad system. So I think it's a little you know what I'm saying like like it serves the user to get relevant ads. This is not bad. I mean, no, I in a bad way sometimes, but there's ethical ways to do it. That don't require like the whole anonymity thing or whatever.
JONATHAN_SAMPSON: Well, I think so in this case, the end result is serving the users, good relevant ads. That's what everyone wants. That's what you as an advertiser would want. You obviously do not want as a user. Well, that's what I mean. You as a user, you as an advertiser, it's in everyone's best interest. If the user is getting relevant ads. We saw this, you know, prior to 2009, there was, there was, since 2009, we've had real-time bidding. But prior to that, you would see in many cases, ad spend was just, you know, being scattered by the wayside because they would buy eyeballs as opposed to buying demographics and so forth. And so you could spend, you know, $1,000 and then a quarter of your ads may go to my grandmother's knitting club, who is probably not going to be interested in a JavaScript podcast or something. Probably not using Brave. You'd be surprised though.
STEVE_EDWARDS: We have a lot of people who set up Brave for their grandmother.
AJ_O’NEAL: I mean, that's what Firefox was back in the day too.
JONATHAN_SAMPSON: Yeah. It's, it's the, you know, the, the grassroots where the, the, the little warriors that are going out there and then taking over the web. And so in this case, you definitely want to make sure that users have relevant ads, but is it, you know, we had a, I think before the podcast started, you know, question of moral discussions and stuff. If the user doesn't consent to giving you deep insight into their life do you have the right to collect that information? For instance, if I go online and I look up some medical conditions, things that I wouldn't want to share with anybody, or I look up, you know, therapists who may deal with particular traumatic events that I might have experienced in my life, do I want that information going into a third-party database associated with my identity that could creep up in the future in some other context? Usually, no. You know, if it's sensitive information that I've not willingly disclosed then it's usually something I want to keep private and under my control.
AJ_O’NEAL: Well, I would say I normally open up a private tab if I've got, you know, a medical concern for two reasons. One, because it could pop up with something completely unrelated and mature content instead for, you know, whenever you're searching things about terms of the body and whatnot. But, you know, also because I don't want to start getting ads popping up for.
DAN_SHAPPIR: Yeah, but our listeners would open a private tab or incognito tab or whatever, but certainly not the majority of the people on the web.
AJ_O’NEAL: 100% agree. 100% agree.
JONATHAN_SAMPSON: In this case, private tabs aren't really enough to protect that information because a private tab all they really do, this is kind of an unfortunate thing about our industry. We have private tabs or private browsing or incognito mode and all these do is they clean up the local cache after you close the window. But still, whenever you go online and you search for,
AJ_O’NEAL: Oh yeah. If I were to sign into Facebook in a private tab, now I've linked all my history. Right.
JONATHAN_SAMPSON: You've, you've connected it to your explicit profile, but even if you didn't, your IP address is still the same from a private tab. And so you can match people based on their IP address, whether they're in a private tab or not. And so if you go into a private tab and you look up, you know, therapists who specialize in child abuse or something like that cases, you may have leaked something associated with your IP address that you didn't intend to leak because the private tab.
AJ_O’NEAL: How does Brave solve that? Because Brave still, I mean, is Brave going over a VPN?
JONATHAN_SAMPSON: So Brave actually, we do have a Tor integration in private tabs. Tor is that the onion router, which causes your data to hop through various different endpoints. But the user doesn't really have to think about any of this. They open up the private tab, click Tor, and then you browse as you normally would. But of course, nothing is tied to you geographically or to your IP address or anything anything remotely connected to you.
AJ_O’NEAL: Until you sign into something.
JONATHAN_SAMPSON: If you sign into a service, if you go to Facebook and you sign into Facebook, then what you've demonstrated is somebody from that geographical region with a different IP address has your credentials. It's still not necessarily you because it's not coming from your public IP address, but it shows that someone else has signed into your account.
AJ_O’NEAL: Yeah. Right. Oh, it's just people often use Tor and VPNs to, but they don't do what people think they do. And I just, that's right.
JONATHAN_SAMPSON: That's what I think this is one of the, I think you are a great representative of, I think the majority of people in this case, because when we look at Bitcoin, we look at these, you know, the onion routing and so forth, what people typically see is what we read in the news. We read about, you know, Silk Road or whatever it was called, you know, people selling pharmaceuticals over the web for cryptocurrencies, or we read about people accessing, you know, child pornography or something over the Tor network. And this is one of the frustrating things with the space because this is good technology that is being used by terrible people to do bad things. You know, it's-
AJ_O’NEAL: That's old technology. But particularly these ones attract those types of people. Like it's-
DAN_SHAPPIR: Yeah, but it's like saying don't drive cars because some people are driving car bombs, you know?
AJ_O’NEAL: It's more like saying don't drink because some people get angry drunk.
JONATHAN_SAMPSON: I think those are definitely good analogies in this case. We look at- The ongoing battle between governments and large vendors like Apple over device encryption. You look at just the early days of Netscape Navigator and how they had to have two completely different types of encryption models for their browser because of federal regulations. They had to have a soft or weak encryption model and they could have a strong encryption model. They could not sell a strong encryption model to foreign governments whenever they had the Netscape Navigator because then we wouldn't be able to spy on foreign governments.
AJ_O’NEAL: Well,
JONATHAN_SAMPSON: so this,
AJ_O’NEAL: this was back with the whole, like, uh, well, this was probably before 128, 192, 256 AES. This might've been back in like the triple DS days, but like it, it's not just being able to spy on foreign governments. It it's the military required, like there's classified, ultra classified and like mega ultra classified. And so that before the digital world, there were, there were physical securities that need to take place. In the digital world, all securities are the same. There's no additional cost to having a... 120-bit encryption is as strong as you ever need. You can add more bits to it. It doesn't make it any stronger from a practical perspective. So it's not just the spying on people thing. It's also the old forms of analog world had to translate to the digital world and the legal wasn't ready to catch up with it.
DAN_SHAPPIR: Yeah, again, going back to the, you know, even though this is a technical podcast, going back to the principle of the thing. At the end of the day, you know, we are willing to sacrifice certain aspects of, let's say, security or safety for privacy. We've been doing it forever. I mean, the reason that, you know, you need to get a search warrant to search somebody's house makes life more difficult for law enforcement. But we are willing to live with that because we need the safeguard of our own privacy, and we're willing to pay that price. So I can definitely understand that evil people can use standard encryption means for doing bad things, but I still like that those encryptions exist in the public domain because I want to be able to chat privately with whoever I want to chat. But I actually want to go to a different direction for a minute. You talked about the various ways in which browsers or specifically Brave can block, let's say, transferring of data or collecting data, which isn't legitimate. You said that you don't even make the network requests. You block those in the browser itself. But there are certain types of situations that I can consider where I want to collect information which is legitimate. I think that now in the context of consent policies, there's this distinction between analytics and essential. So maybe I want to collect some data that I need to collect in order to guarantee the quality of service that I want to provide to people. Let's say I'm checking uptime and performance and stuff like that block that as well. And if it does, is there any way in which I can kind of white list it so that it that brave doesn't block it? If again, if I'm collecting, let's say anonymous data for legitimate purposes.
JONATHAN_SAMPSON: So we're we're not really focused on what you're collecting. We're looking more for patterns in our case. And so what we're looking are, you know, third party connections that don't appear to have any immediate connection to the first party. So in this case, it would be like Google Analytics being loaded on a random website. Google Analytics, it's usually not directly related to the website itself. But if it's a first-party connection, for instance, if you had telemetry.mysite.com or something and that looks like it's related to that first party and those cases generally wouldn't be blocked. If it is directly a first party, if it's something hosted on your website itself that is just using XHR transmission back and forth, sending some information about the user session, anonymize preferably that type of stuff. Brave doesn't really mess with first-party stuff because that's not typically what has been plaguing the web over the last quarter of a century. So what we're looking at are these uninvited third-party connections, largely what you see in the ad blocking lists that have been developed over the years from Adblock Plus and Adblock and Ublock Origin and so forth. But to answer your other question too, in this case, the user is always in control as well. So if you wanted to, you could ask the user and say, hey, we'd like to collect this information. We lay it out. Here's what we're going to harvest. Here's how we're going to use it. You can ask the user to just lower their shields in Brave. So within Brave, we have a small line icon to the right of the address bar, which has kind of global shields for a particular domain. You can basically turn off the braveness and reduce yourself to using a Chromium-based browser only. Or you can open it up and you can turn off particular subshields. So if you say, for instance, we use the Canvas elements in our page, we need unrestricted access to Canvas APIs, which Canvas APIs are often used by bad guys for fingerprinting and that type of stuff. But if you say we have a legitimate use of Canvas APIs that we want to use, for instance, a website that draws a graph or something like that, then you could ask the users to lower their Canvas subshields within the or lower the fingerprinting subshields within the brave shields. And so you could always invite the user to, you know, consensually enter into that relationship if they wanted to.
AJ_O’NEAL: Canvas because they can detect screen size.
JONATHAN_SAMPSON: So canvas you're able to, it's going to give you hardware specific kind of noise. If you were to generate noise on the canvas element and by noise, I mean what you would see in Photoshop if you were creating noise or something like that, you're getting, yeah, slight variance in the data based on the hardware of the user's device. And so from that, you could convert that into a hash, for instance, and that hash should be distinct for that particular user based on their hardware. You could further increase-
AJ_O’NEAL: Is that just another reason to buy a Mac?
JONATHAN_SAMPSON: Well, it's gonna happen with Mac or Windows in this case. Yeah, and so if you and I have slightly different computers or slightly different configurations-
AJ_O’NEAL: Well, that doesn't happen on a Mac.
JONATHAN_SAMPSON: We might have slightly different, you know what? I'm not gonna get into the Mac space because that's not my-
AJ_O’NEAL: Well, I mean, it's like it's the same GPU. It's the same RAM. It's the same SSD. Like on a Mac, like every piece of hardware is exactly the same. And, you know, it's that that's why I'm wondering, like, would, would there be something specific about my iMac that is somehow different, different from someone else's iMac that would give a different profile or the same thing? Cause they're essentially the same.
JONATHAN_SAMPSON: If you're looking at just one space, if you're just looking at the GPU or the processor or something like that, then you would probably get the same signature. I think there are going to be some subtle differences if you're looking, for instance, I think I've had two Macs in my life. The first one did not have a high pixel or high-density display on it. This one does. And so you would start to have some variants and things like that where maybe one of them is able to display higher density of pixels than the other one. But the reality is that this is just one cog in an entire apparatus that's used to fingerprint people. And so the canvas is just one of these subshields. You could add onto that the fonts that are supported. You could draw text. I mean, there's little, I don't even know. Some of this stuff is incredibly granular. You can draw a text to the canvas and then measure the text width to see if a font is supported. You can do all sorts of things within what the browser has access to these native APIs that are just available off the global window object that you can create these high fidelity signatures for users. And so this is kind of good timing because yesterday we just released a blog post on what we're going to be doing with fingerprinting in the future, fingerprinting prevention. And so we have this term farbling, which is security or privacy through anonymization, where whenever websites or third parties access some of these APIs, we can slightly randomize the data that they're getting back so that they're never really generating the same fingerprint two times consecutively for a user. And so we reduce the value in generating a fingerprint, but we have to do that without breaking the web as it is today because we've amassed this collection of websites and now applications, full-fledged applications in a browser, which depend on these APIs. And if you randomize all their data to a particular degree above a threshold, you start to break the web. And so we've got to kind of find this balance between preventing uninvited fingerprinting so that people can track me across the web, even if I'm using Tor in that case, if they're able to generate a device specific fingerprint, whether you exit the web on one IP address or another, they can still identify you from this kind of lineup mentality.
AJ_O’NEAL: This just seems so, I don't know what, how to describe it. It'd be like so far down the rabbit hole or cause it's like at this point, look, it doesn't matter what Facebook is going to do, right? Because we all are going to use Facebook and it doesn't matter. Like how many people you see post on like a semi monthly basis, like, oh, Facebook does this thing. I'm going to, I'm now I'm going to quit Facebook. They never quit Facebook. Right. And, and so like, okay, I'm going to visit some random really crap. Like these are the things that we all hate. I think everybody can agree, fight me, but I think we can all agree that the things you hate the most are when you accidentally give into the temptation to click on like how you'll never eat bananas again with this one weird trick. Suddenly your battery life goes down to 30% in a matter of three seconds because of the ads that are loading on the page. Those are like the least ethical ads ever, right? If I'm visiting a shady site like that like when something pops up on Facebook and it's like Find out how Asian you are based on your preferences of music, you know and the way you know when you click on that or you should know hopefully if not Perhaps some education needs to be in order but any type of app like that the entire sole purpose of it is to collect vast swaths of data on people. So you know that you're giving up your privacy in wholesale to allow access to your friends list to see something that probably doesn't have anything to it other than a random generator. I did one of these the other day and I literally did the same thing over and over again until I exhausted all 15 options, completely random, doesn't look at your profile, just gathers your information and spits out a picture, right?
DAN_SHAPPIR: AJ, it works, but it works both ways again. I mean, on the one hand, you're absolutely correct save people from themselves at the end of the day. But on the other hand, some people just don't think of the consequences. I recall that.
AJ_O’NEAL: That was my next question. What are the consequences? What are the real life consequences other than the guilt creepy?
DAN_SHAPPIR: Well, I can give you an example. I can give you an example. There was this aging app that you would put in your picture and it would show you how you would look in 30 years or something like that.
JONATHAN_SAMPSON: Exactly.
DAN_SHAPPIR: And it became very popular and people would upload their own pictures. Well, a database, of pictures associated with certain fingerprinting information of where they're coming from and who they are can be, you know, extremely, can be used in extremely nefarious ways by people who are willing to do that. I mean, like a government can use these things to fake passports, to do all sorts of really, really evil things. And people did not think of the consequences. They just thought, hey, that's cool. I'm going to see how I look when I'm 70.
AJ_O’NEAL: What were the consequences?
DAN_SHAPPIR: The consequences is that certain governments got images of people's faces associated with their names and emails and whatnot.
AJ_O’NEAL: But did they not already have that?
JONATHAN_SAMPSON: I think in this case, you do start to... And this is one of the things where we have to kind of think globally, where I believe everyone here lives in a country that is pretty free, pretty fair, pretty balanced. You have many liberties. It's not always the case for everyone. And so there was, yeah, you know, there are, for instance, I'm only faintly recalling this, but I remember listening to the Security Now podcast with, you know, Steve Gibson, Leo Laporte, and they were talking about at one point, there were third parties that were able to track the movement and associations of Chinese Muslims. And this was information that these individuals would not willingly want to give up themselves because they may be unfairly targeted or something. And so there are many areas in the world where there are you know, religious-based discrimination, other social-based discrimination. And so you may not necessarily want someone to know your affiliation with a particular website, not because you're doing something morally wrong, but because those who are in power over you may seek to do something morally wrong with the power that they have. And so, I think in general, it comes down to people should have the right to privacy as much as reasonably possible. And whenever you look at a hundred percent agree in people having choice for themselves,
AJ_O’NEAL: a hundred percent, a hundred percent agree and having the choice to choose just debating practicality, some of those, right.
JONATHAN_SAMPSON: And I think in this case too, the freedom of choice, the value of that is less substantial if you don't, if you're not properly informed to make that choice. And so in this case, you mentioned, you know, clicking on some of these shady ads and you're like, if you go to a shady website, you should expect some shady business, right? The reality is a lot of this stuff bleeds into otherwise non-shady websites. One of the examples of this was there's another cryptocurrency called Monero. This one was unique from Bitcoin, which requires ASIC, specialized hardware, GPUs to actually solve these math problems. Monero could be calculated just with JavaScript in the browser, but it's so lightweight. This neat feature of it and so we started seeing, started seeing the hardware. There was a Trojan or a virus called low PI or low API that got onto Android devices. And it would just spin until it literally caused the Android device to explode in the user's hands or pockets because it was trying to solve as many hashing problems as it possibly could.
AJ_O’NEAL: Lithium battery, baby.
JONATHAN_SAMPSON: And then we saw this other case where, you know, crypto-jacking became a big thing in 2018. And Brave had saw this happening almost immediately, and we started blocking these crypto-mining endpoints. But what happened was you would open up a browser, it would load an ad, and we see this bitmap of pixels on the screen that the ad is just a picture. That's what most people think. But the reality is, especially on the JavaScript Jabber in our community here, we know that these ads are small applications. They're able to do a substantial amount of work behind that static image. And so in this case, these people were loading cryptojacking scripts into these advertisements and distributing through Google or Facebook's ad networks so that they could get this cryptojacking scripting onto people's devices. And it got so bad that it was all over government websites. It was even getting loaded into YouTube ads so that as you would have a YouTube ad come up, your CPU would spike up to 100% and it would just stick there, stuck at 100% while your computer was being co-opted by faceless third parties to solve these hashing problems so they could generate cryptocurrencies for themselves and you wind up having to foot the electrical bill. Or maybe worse, in the case of a mobile device that just overheats and explodes in your hands.
AJ_O’NEAL: I think we put some responsibility on the engineers of that device, though. We can't put all that responsibility on the advertiser.
JONATHAN_SAMPSON: No, definitely not. This is one of those things where the stuff is going to bleed over. It's not just in the dark underbelly of the web. You know, there's financial motivations for people to get it out of there into the, the, the normal world. I don't know what they say in stranger things, but the upside maybe.
AJ_O’NEAL: Yeah. So then I, I, I agree. Like anything that can be taken advantage of and abused will be. And so you can, you can limit your risk by being more proactive.
JONATHAN_SAMPSON: And I think that's one of the things where education is going to help considerably, but you know, with brave, we realize that there are a vastly diverse types of users on the web. And some of them are very technical, some of them are not. And so I think in our case, we're trying to build a product that appeals to everybody. Now the non-technical folks don't have to think about is this YouTube ad about to hijack my CPU and drive up my power usage and so forth. They don't have to think about these types of things. The technical people, they've been solving these problems for a long time. They've downloaded Firefox or Chrome, they've gone to the extension store, they've installed very specific extensions, and they've been basically equipped to handle these problems themselves for the most part. We have seen some peculiar issues along the way. For instance, ad and tracker blocking extensions in Chrome Web Store and that type of stuff, which are just Trojan horses to get trackers onto your device or crypto mining scripts onto your device. It was even the case where I think it was last year, I was talking with Dan Finley of the MetaMask a Web3 interface to participate with the blockchain on the web. And it's extremely popular. The Metamask extension had fake counterfeits in the Chrome Web Store. And whenever it was reported to Chrome that there were these counterfeits which were doing some unsavory things like stealing people's keys and that type of stuff, Google deleted the official Metamask one and left the imposters in place. And so you'll see that even whenever you have technical people with the backgrounds and the know-how and the savviness, they too could wind up downloading the wrong extension. And so by building a browser that thinks about these things by default, security and privacy on by default, we're able to prevent a lot of those scenarios.
DAN_SHAPPIR: I think that you're also starting to influence a lot of the browser, other browser makers, I think. You're going further than all of them, at least currently, that's for sure. But I definitely see this becoming a discussion point for all the main browsers like this. You ask people from the Edge team, like what differentiates them from Chrome, and they will start talking about privacy and security and stuff like that. So that's a very good thing that you're doing, regardless of your own specific efforts on your own specific browsers, in my opinion.
JONATHAN_SAMPSON: Yeah, I think we're changing the narrative. That was the name Brave itself was chosen for that purpose. It requires users to do something profound, to go block third-party trackers by default. That brings with it a high amount of risk, you think about the false positives, the CDNs and stuff, which aren't necessarily doing anything wrong, yet they may appear as a third party and wind up having jQuery blocked for 87% of the internet or something. Fortunately, we've identified those scenarios and prevented them beforehand, but Brave is distinctly different than other browsers in that regard. We have a considerably different set of principles where first-party and third-party distinctions are important to us. This was something I had recently blogged about was, what does a web browser do when you first install it? Before you've ever even used it, before you navigate anywhere, with whom does it communicate? What data does it load? And when you compare Brave to the gamut of other browsers out there, it's a stark difference in contrast between what we do and what everyone else does. Brave will only ever connect to Brave domains whenever the browser first launches. Almost every other browser, I think Edge was the worst offender connected to more than 130 different endpoints and the vast majority of them were third parties. And it did real-time bidding before you even could focus the address bar. And so you're already having cookies, persistent cookies set on your device and being auctioned off. And you see this with quite a few different browsers across desktop and iOS. And I've got to do an Android version before too long. But yeah, Brave is distinctly different in the industry in this regard.
CHARLES MAX_WOOD: We're basically out of time. But this was really, really interesting. I kind of wanted to dive into how developers think about Brave, but we'll have to save that for later.
A few years ago at a JavaScript conference, I was approached by Nader Dabbitt. And you might know him from the React Native radio podcast. He's also a developer evangelist for Amazon. And when he came to me, we had a conversation about React Native. And the thing that I love about React Native is that it's approachable, it's web technology, and it's cross platform. And it makes a lot of things really easy for developers to jump in and do interesting things on mobile with JavaScript. So we've had this show now running for several years, React Native Radio, where we interview people about the React Native ecosystem, some of the things that are coming out in React and how they affect mobile, and other options that you have for mobile development. So if you're doing mobile development, you're doing it in JavaScript, you're looking for a good option, or maybe you're just trying to stay current with React Native, then go check out React Native Radio at reactnativeradio.com.
CHARLES MAX_WOOD: Let's go ahead and do some picks. Let's start with AJ.
AJ_O’NEAL: Okay, let's see. What book have I been listening to recently? I'll pick that for starters. I've been listening to Predictably Irrational and I highly recommend chapter four. It talks, and it's actually pretty relevant to this discussion. In fact, Samson, I'd recommend you check out Predictably Irrational and see if you get any thoughts from it, but one of the things it talks about is the relationship between, just in this chapter four in particular, the relationship between social norms and market norms, meaning how, whether or not you get paid for something or get a gift for it, or the way that the reciprocity is described to you that will be the outcome of an action, influences your willingness to participate in that action and how you feel about that action afterwards as a result. It talks quite a bit about economics, like price anchoring and and giving people different choices and stuff like that, as far as the book as a whole is talking about the way that we do things that are irrational, but very predictably. But anyway, the chapter four bit is about how, for example, it would be very awkward if you were to offer someone payment for a favor, which sometimes we do, to pay them for gas, but you wouldn't pay them like you would pay a taxi, for example. It would be very awkward to offer to pay someone for Thanksgiving dinner. And then we have these blurs in companies because we want to have this like nice incentive of social organization, but then we also have issues where sometimes it transcends and then it's, you know, an action's tied to a bonus. And, and so there's a lot of gray area where people will saying something in the wrong way can turn it from being something someone wanted to do and was grateful to be able to participate with you to something that a person feels negatively about. And I think this whole discussion around the browser and the getting paid for attention time and all that kind of stuff kind of ties into it the way that perception can change as we view economic models differently. And then also I will pick Dragon Ball Z. I've been watching myself some Dragon Ball Z. And gosh, I'm like, gosh. I have the edited American version and there's stuff that I never saw in the original show. And I mean, like none of it's that bad, but oh my goodness, the tropes and like the, like the 80-year-old men making comments to like sub-adult women and I just I can't believe it. Like I'm pretty sure it was not that way on Cartoon Network because they edited it out for Cartoon Network but man it's like but it's still it's still ignore that for a second. Let's just pretend that like those 30 seconds scattered throughout you know a dozen different episodes just don't exist. Watching it in marathon mode without the commercials every five minutes makes it actually not only a little bit more enjoyable, but I can actually get that there's a story and that there's a culture being developed among the fighters, like this whole, I guess it's like a martial arts style culture of you fight your enemy to show that you deserve respect. And then once you've beaten them, you bring them into your fold and make them your ally, which is kind of in stark contrast to some of the other social norms they're portraying in the show. It's kind of a neat idea that the villains become the heroes as they are defeated by the heroes, which is different from our, I think, American way that we portray these stories. Anyway, it's just kind of cool to be going back through it. That's all.
CHARLES MAX_WOOD: Nice. Dan, what are your picks?
DAN_SHAPPIR: So I'm going to go like a total opposite direction from AJ, and I'm going to go all tech. So it turns out that there were a couple of interesting announcements recently around web performance, which, as I think all of you know, is one of my main topics of interest. Recently, Microsoft, sorry, not Microsoft, we were mentioning Microsoft before, but Google. We were also talking about Google. Google made a couple of interesting announcements. So first thing, they introduced something called Web Vitals which basically means that they recommended certain metrics as the main metrics to monitor when you're looking at considering the performance of your website. Those are LCP, FID, and CLS. And if you don't know what these means, then you should definitely listen to my episode where you guys interviewed me about the alphabet soup of performance measurements, where I explain those and many other performance metrics as well. They also provided a bit of tooling around measuring those items. And interestingly also today, they announced Lighthouse version 6, which is like a significant change to their performance measurement tool. It's not yet in Google PSI, so if you're going there, you're still getting the old one. It's if you want to try it out, the place to try it is in Chrome Canary, if you're still using that browser instead of Brave after our discussion today. One more, actually two more things that I want to mention. One is that turns out we were talking about Ben and Ike because he's like the guy who runs Brave. In this context, it's interesting to mention that last week, JavaScript was 25 years old, I think on May 15th it was JavaScript's birthday. And I think it's appropriate to mention this on a JavaScript podcast. Maybe we should bring Brandon again to discuss JavaScript like reminisce again about how he feels after all these years. And if we're celebrating anniversaries, turns out that I've been eight years on Twitter. So yay for me, and I'm pretty active there. And if our listeners are interested in tweets about JavaScript and web performance, then they should follow me and I'll follow them back. And those are my picks for today.
CHARLES MAX_WOOD: Awesome.
AJ_O’NEAL: Can I add one more thing?
CHARLES MAX_WOOD: Steve, what are your picks? Oh, go ahead.
AJ_O’NEAL: I just want to actually pick this discussion here. And I wanted to say to Samson earlier, just thank you so much. I gave you a really hard time. And I actually I don't know if I'm quite ready to join the Church of Brave. But I definitely feel like it's a good religion to have.
JONATHAN_SAMPSON: I appreciate that.
AJ_O’NEAL: I downloaded it and I'm going to give it a try. I'm going to give it a fair shake.
JONATHAN_SAMPSON: Excellent. I'll keep working on you, man. I mean, I've told people on Twitter, it's like, you know, Brave, we definitely want to earn people's trust in this regard. So we'll keep in touch.
AJ_O’NEAL: The trust I think is the, is it a better browser than Chrome?
JONATHAN_SAMPSON: That's right.
AJ_O’NEAL: That's where it's going to hang for me more than the privacy is. Is it a better browser. I want to thank you so much for seriously answering the questions and, you know, really, you know, allowing those acknowledging and responding to so well my criticisms and skepticisms because I feel like I learned a lot and I hope that other people that are from my side of the fence softened up a bit too.
JONATHAN_SAMPSON: Well, I think you have the concerns and the questions that every sensible person should have when these topics are brought up. And so it's not always the case. I mean, there are a lot of people that they're not familiar with the context. They don't know what's going on in the space and they simply don't ask these hard questions, but you did and I appreciate that. Should I do pics as well?
CHARLES MAX_WOOD: Yeah, go ahead. And then we'll, we'll make Steve do it.
JONATHAN_SAMPSON: Okay. So, so we just kind of coming off of the, the fact that my JavaScript just turned 25 Alan Worf Sprock and Brendan Ike, they kind of worked together on JavaScript the first 20 years it's, I think 160 pages long and it's available online. So if you just do a search for JavaScript the first 20 years, that's really interesting. And then the only other thing that really consumes my time is the office. There's I purchased the book, The Office, the untold stories of the greatest sitcom of the 2000s. And then of course, the office ladies podcast is a podcast between Jenna Fisher and Angela Kinsley. And it's my favorite thing in the world right now. So those would be my picks.
CHARLES MAX_WOOD: Steve, what are your picks?
STEVE_EDWARDS: Yeah, speaking of the office, I think that's one of those things I'm gonna have to get into eventually. My daughter and my son love them and can quote every line. And I've seen interviews with some of the different cast members. You know, and John Krasinski's got his, was it One Good Thing podcast?
JONATHAN_SAMPSON: One Good News.
STEVE_EDWARDS: One Good News, yeah, The Good News thing. He's done the prom and he did the wedding with the Die Hard fans where he brought in the whole cast to do the dance. And so yeah, I'll have to check it out. It's certainly a different type of humor. But yeah, it looks good. I'll have to check that out. So, you know, one of the real popular TV genres that you've seen over the past few years has been along the lines of the home and garden TV or the do it yourself type stuff. You know, the classics are this old house type show and it's just sort of exploded. It's just not my thing usually, but my wife and my nine-year-old son has sucked me into one show for reasons I have yet to figure out. And it's on ACTV and it's called Hometown. And it's a young couple, Erin and Ben Napier, who live in this little dinky town in the middle of Mississippi called Laurel. And the show is about redoing all the houses in their own specific town. It's like, you know, I guess there's a lot of houses that need to be fixed up. And so every show, you know, somebody will come in and have a budget and buy the house. And boy, it's amazing how cheap you can get some houses down there, especially compared to here in the Portland area but they'll buy the house and then redo it. And some houses will need, you know, just a little bit of work and other houses will need to be totally gutted and redone. But I like the couple and they got a good sense of humor. And it's just sort of a fun show to watch. There's four seasons and I think there's 10 episodes in each season and they're on HGTV. Yeah, it's been a fun little show to watch. Nice. I love those house fixing shows. They used to spend a ton of time watching sh
CHARLES MAX_WOOD: ows like that. Amy, what are your picks?
AIMEE_KNIGHT: I have two. So we were talking at the beginning of the show, I've been trying to level up on my networking knowledge. So I kind of went on a deep dive into BGP this weekend, which is basically just the way that routers connect on the internet and like more specifically into BGP hijacking, which is pretty interesting to me. So I am choosing the post that kind of like kicked off my rabbit hole trail down into all of this because it was pretty fun. And then the other one, because I've been trying to get on the bandwagon again about picking like healthy food picks is, I used to, I think I've picked it in the past, something called Amazing Grass, and it's good for you, but it tastes awful in my opinion. And I found one that is actually even better for you, but actually tastes good.
STEVE_EDWARDS: Isn't that the general rule that if it's good for you, it tastes bad, and if it's bad for you, it tastes good?
AIMEE_KNIGHT: Yes, but so the price side-
DAN_SHAPPIR: Isn't it the general rule that eating grass is generally-probably not something that's going to be really tasty. It helps things move better.
AIMEE_KNIGHT: But it's like, it's called eight greens and it actually tastes delicious if you put it in your waters developed by a cancer survivor. So those are going to be my picks for me.
CHARLES MAX_WOOD: Nice. I've been doing keto. So if it tastes good, it's probably good for you. Anyway, I'm going to throw in a few picks. So one of them I've been doing the one funnel away challenge by Russell Brunson and gang over at ClickFunnels. I think it was 100 bucks. And what's funny is that I got on their affiliate program. And if you refer people, it's 100 bucks. But I am digging it. The videos are terrific. If you're trying to get marketing systems set up, they're just totally killing it. So I'm really enjoying that. I've been kind of on a Russell Brunson binge lately. I listen to Expert Secrets, which is a book that he wrote and it's his only book that I could find on audible. But he's also got dot com secrets and traffic secrets, which again, just walk you through the process of creating products and setting up funnels and doing the marketing and stuff like that. And I'm really loving it. So I'm going to pick all of the Russell Brunson stuff and I'll put links to all that stuff in the show notes. And yeah, we'll go ahead and wrap up here. Thanks for coming, Samson.
JONATHAN_SAMPSON: Thank you guys so much for having me. It's been a blast.
CHARLES MAX_WOOD: If people want to follow you online, where do they find you?
JONATHAN_SAMPSON: So, uh, you can find me at Brave Sampson on Twitter. There's a P in there, S-A-M-P-S-O-N. And that's probably the best place.
CHARLES MAX_WOOD: Sounds good.
AJ_O’NEAL: Wait, but the Jonathan Sampson is you too, right?
JONATHAN_SAMPSON: Yeah. So I have long ago always started creating different profiles, like profile accounts for different contexts. So if you're following for Brave stuff, Brave Sampson is where you should go. If you just want to follow me for office quotes and puns, then Jonathan Sampson would be the right account.
STEVE_EDWARDS: Ooh, puns? Oh, sweet. Okay.
CHARLES MAX_WOOD: I know I didn't whip out any dad jokes this time. I know the listenership is disappointed, but next time folks, next time. Need more fan service. All right. Well, we're going to go ahead and wrap up. Thanks again, Samson. And until next week, folks, Max out.
DAN_SHAPPIR: Bye.
AJ_O’NEAL: Adios.
Bandwidth for this segment is provided by Cashfly, the world's fastest CDN. To deliver your content fast with Cashfly, visit c-a-c-h-e-f-l-y dot com to learn more.
JSJ 437: Inside the Brave Browser with Jonathan Sampson
0:00
Playback Speed: