Conversation

Notices

1. Embed this notice
   Jennifer De Broglie-Bohm (maid@shitposter.world)'s status on Monday, 04-May-2026 08:56:20 JST Jennifer De Broglie-Bohm

   in reply to

   • fiat volvntas tva
   • CapitalB
   • racist teto
   @teto @CapitalB @scathach instead of saving your passwords in a browser, why not just use keepassxc completely locally and sync the database across your devices with syncthing
   • georgia likes this.
   • Embed this notice
     racist teto (teto@cawfee.club)'s status on Monday, 04-May-2026 08:56:21 JST racist teto

     in reply to

     • fiat volvntas tva
     • CapitalB
     @scathach @CapitalB @maid its not going into a blockchain I mixed that up.
     
     Heres a brave search AI answer on how it works
     
     Brave Sync operates using a Sync Chain architecture rather than traditional user accounts, ensuring that no data is sent to Google and Brave cannot view or decrypt your content. To establish a chain, the initial client generates a 32-byte random seed which is encoded into a 24-word BIP39 passphrase; other devices join the chain by scanning a QR code or manually entering these words. This process uses HKDF-SHA512 to derive an Ed25519 signing keypair for authenticating with Brave’s servers, while access tokens are generated using network or local time stamps that expire after one day.
     
     All browsing data is protected through strict client-side encryption before it reaches Brave’s servers. The BIP39 phrase is key-stretched using scrypt (N = 2^13, r = 8, p = 11) with a random salt to create a secure key, which is then used directly as an AES128-CTR-HMAC encryption key. While essential metadata like device names and item IDs remain in plaintext for synchronization conflict resolution, all actual content—such as bookmarks, passwords, and history—is encrypted locally on the device.
     
     The encrypted data is stored on Brave-operated servers and remains available as long as at least one device in the chain is active; data unused for 12 months is permanently deleted. Brave Sync v2 is fully implemented on Desktop and Android, with iOS supporting most data types including bookmarks, history, passwords, and open tabs. Because the encryption keys are derived solely from the user's passphrase and never leave the devices, zero-access encryption ensures that even if servers are compromised, the synced data remains unreadable to anyone without the original sync chain credentials.
   • Embed this notice
     fiat volvntas tva (scathach@stereophonic.space)'s status on Monday, 04-May-2026 08:56:23 JST fiat volvntas tva

     in reply to

     • CapitalB
     • racist teto
     @teto @CapitalB @maid ...what keys are your passwords being encrypted with before being stored on their blockchain
   • Embed this notice
     racist teto (teto@cawfee.club)'s status on Monday, 04-May-2026 08:56:24 JST racist teto

     in reply to

     • CapitalB
     @CapitalB @maid yes firefox uses mozillas servers that can be hacked at any point. Brave has no such servers and everything is on a blockchain that every user of the browser is on by simply using it
   • Embed this notice
     CapitalB (capitalb@noauthority.social)'s status on Monday, 04-May-2026 08:56:25 JST CapitalB

     in reply to

     • racist teto

     @teto @maid

     What?!

     Really???

   • Embed this notice
     Jennifer De Broglie-Bohm (maid@shitposter.world)'s status on Monday, 04-May-2026 08:56:26 JST Jennifer De Broglie-Bohm

     in reply to

     • racist teto
     @teto what did Firefox do to you to forsake it
   • Embed this notice
     racist teto (teto@cawfee.club)'s status on Monday, 04-May-2026 08:56:26 JST racist teto

     in reply to
     @maid it syncs my passwords and data with a server instead of a decentralized blockchain
   • Embed this notice
     racist teto (teto@cawfee.club)'s status on Monday, 04-May-2026 08:56:29 JST racist teto
     Oh brave has a debloated version now called brave origin. Guess im switching to that. No crypto crap in there