The Tor leak was already fixed in Brave Nightly when independently discovered. We were fixing as part of a HackerOne bug report, which per standard practice is not disclosed until patched in all releases. The mistake there was not forgetting to disclose, it was not airlifting the fix into Brave Stable and intermediate releases right away. We have already made process fixes; automated network leak testing is the biggest one.
If you don't like crypto-tokens, don't use them. They're optional in Brave. They have no privacy impact.
Cliqz’s Human Web used servers from FoxyProxy to remove IP address info. Will you continue to partner with FoxyProxy (as a matter of outsourcing the “trust us, we’re not tracking your IP”) component? If not FoxyProxy, then who — this 3rd party companies’ reputation matters.
We've used Fastly in the past to drop IP, implemented using VCL. I believe we're using other vendors now as well. Unlikely to use FoxyProxy but the idea is the same. We don't log IPs and don't let them get to us or to Google or other service providers, where possible.
If you are interested, https://brave.com/brave-private-cdn/ describes how we go to even more effort to avoid seeing fingerprints as well as identifiers including IP addresses.
The Tor leak was already fixed in Brave Nightly when independently discovered. We were fixing as part of a HackerOne bug report, which per standard practice is not disclosed until patched in all releases. The mistake there was not forgetting to disclose, it was not airlifting the fix into Brave Stable and intermediate releases right away. We have already made process fixes; automated network leak testing is the biggest one.
If you don't like crypto-tokens, don't use them. They're optional in Brave. They have no privacy impact.