If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.

  • @hottari@lemmy.ml
    link
    fedilink
    51 year ago

    I don’t use Windows but if you install a program that requires a service on Linux, the service will be written to your system’s services daemon awaiting your activation. I don’t see what the issue with that is.

    • @citytree@lemmy.ml
      link
      fedilink
      9
      edit-2
      1 year ago

      What’s to stop the installer on Linux from configuring the service such that the service always runs on boot? e.g. systemctl enable malware.service.

      • Possibly linux
        link
        fedilink
        English
        5
        edit-2
        1 year ago

        Linux doesn’t have “installers” as Linux uses package managers. The only way you can get malware is if you manually add a bad repo.

        So it doesn’t really matter in the long run

        • @AtmaJnana@lemmy.world
          link
          fedilink
          11 year ago

          Linux doesn’t have “installers” as Linux uses package managers. The only way you can get malware is if you manually add a bad repo.

          Are you really serious making this claim? lol.

          • Possibly linux
            link
            fedilink
            English
            21 year ago

            Yes, prove me wrong. As long as your running a up to date system there shouldn’t be anything that could be easily compromised.

            • @AtmaJnana@lemmy.world
              link
              fedilink
              1
              edit-2
              1 year ago

              I’ve been using Linux (and UNIX) professionally since the kernel version started with a “1.” I have no need to try to prove anything to you. Linux has installers other than just those invoked by a package manager, and it is laughable that you claim otherwise.

      • @hottari@lemmy.ml
        link
        fedilink
        3
        edit-2
        1 year ago

        You still need to manually enable the service. The configuration of the service has zero effect on its activation or lifecycle.

        • calm.like.a.bomb
          link
          fedilink
          English
          91 year ago

          Huh? Any script can create a service, enable it and then start it. What would make you think the brave package (or just the application itself) can’t do this?

          • @hottari@lemmy.ml
            link
            fedilink
            21 year ago

            Not possible to start or enable a created service without user intervention. You don’t know what you are talking about.

            • Ferk
              link
              fedilink
              11
              edit-2
              1 year ago

              Systemd “enabled” services are literal symlinks… whenever a target runs, it tries to start also all the service files on its “wants” directory.

              You can literally enable any service for next boot by making a symlink in /etc/systemd/system/multi-user.target.wants/ (or whichever other target you want it to run on) as root (and installation scripts are run as root).

              ln -s /usr/lib/systemd/system/whatever.service  /etc/systemd/system/multi-user.target.wants/whatever.service
              
              
              • @hottari@lemmy.ml
                link
                fedilink
                21 year ago

                This is actually very close (just tested and confirmed it). I somehow stand corrected about requiring manual enablement but this is just using the package manager to do the dirty work for you.

                However the program itself cannot write into those directories without root permissions. You still have to allow your package manager to do this with root permissions as mentioned.

                  • @hottari@lemmy.ml
                    link
                    fedilink
                    1
                    edit-2
                    1 year ago

                    Installing a package requires root which will automatically give the package manager permission to write anywhere on the system. To create a systemd service in user that will automatically start at boot requires root, someguy here commented with the how.

                    However you can run any installed binary via Desktop files as a user (no root) on login by writing to ~/.config/autostart.

            • calm.like.a.bomb
              link
              fedilink
              English
              61 year ago

              OK… challenge accepted. Maybe you don’t know about systemd user services.

              Content of mytrojan.sh:

              #!/usr/bin/env bash
              
              echo "Writing the service unit file"
              
              cat > ~/.config/systemd/user/my_test_service.service << EOF
              [Unit]
              Description=Script Daemon For Test User Services
              
              [Service]
              Type=simple
              User=
              #Group=
              ExecStart=/home/user/bin/myscript.sh
              Restart=on-failure
              StandardOutput=file:%h/log_file
              
              [Install]
              WantedBy=default.target
              EOF
              
              echo "Reloading systemd for the user"
              systemctl --user daemon-reload || exit 1
              
              echo "Enabling and starting the service"
              systemctl --user enable --now my_test_service.service
              

              Content of myscript.sh:

              $ cat ~/bin/myscript.sh
              #!/usr/bin/env bash
              
              while true
              do
                  now=$(date)
                  me=$(whoami)
                  echo "User $me at $now"
                  sleep 10
              done
              

              Now run the script (mytrojan.sh) and check service status after that:

              $ ./mytrojan.sh
              Writing the service unit file
              Reloading systemd for the user
              Enabling and starting the service
              $ systemctl --user status my_test_service.service
              ● my_test_service.service - Script Daemon For Test User Services
                   Loaded: loaded (/home/user/.config/systemd/user/my_test_service.service; enabled; vendor preset: ena>
                   Active: active (running) since Thu 2023-10-19 12:15:21 EEST; 6s ago
                 Main PID: 1666383 (myscript.sh)
                    Tasks: 2 (limit: 18757)
                   Memory: 556.0K
                      CPU: 4ms
                   CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/my_test_service.service
                           ├─1666383 /bin/bash /home/user/bin/myscript.sh
                           └─1666387 sleep 10
              
              Oct 19 12:15:21 tesla systemd[1866318]: Started Script Daemon For Test User Services
              
                • Now imagine that the script is set to run as part of the brave installation - you type “yes” please download brave, brave installs brave and runs this script. Linux isn’t immune to malware as you seem to think.

                  • @hottari@lemmy.ml
                    link
                    fedilink
                    21 year ago

                    You would need the power of root to do all these aforementioned things (run a VPN service).

                    And am not saying that Linux is immune to malware, just that it’s not out of the norm to have package managers install services crucial for operation during installation. Since Windows doesn’t have package managers, I’m gonna replace package managers with packages in this reasoning.