←back to thread

Brave taking cryptocurrency donations “for me” without my consent

(twitter.com)
323 points plusCubed | 2 comments | 21 Dec 18 17:48 UTC | HN request time: 0.567s | source
Show context
egypturnash ◴[21 Dec 18 19:55 UTC] No.18736059[source]
I just dug up info on how Brave’s contributions thing works and it feels like such a mess.

According to https://brave.com/publishers/

- once you have accumulated $100 in contributions they email “the webmaster at your site” and the owner of your domain according to the WHOIS. I assume this is “webmaster@domain.name”, which I sure don’t have set up on my personal site.

- you have to “check your balance frequently and transfer funds wherever you choose”, which suggests that there’s no way to just say “send my my balance every month” and forget about it.

This whole model totally breaks down when you remember that there’s a ton of independent creators who don’t have their own sites, but instead post stuff on another site. Is Brave going to realize that I’m following this particular person on YouTube, that person on Tumblr, this other person on Deviantart, etc, etc? And are they going to ping them or are they just gonna tell the people who own the site?

The page where you sign up to receive payments (https://publishers.basicattentiontoken.org) makes it sound like they understand YouTube accounts and nothing else, and as a creator whos interest in pivoting to video is nonexistent, screw that, I’ll stick with Patreon and it’s opt-in model that just transfers money into my bank account every month as long as I have patrons.

replies(8): >>18736102 #>>18736127 #>>18736278 #>>18736428 #>>18736434 #>>18736772 #>>18736773 #>>18737539 #
egypturnash ◴[21 Dec 18 20:21 UTC] No.18736278[source]
Oh apparently they understand Twitch channels too, huzzah, ugh.
replies(1): >>18736359 #
egypturnash ◴[21 Dec 18 20:31 UTC] No.18736359[source]
So I typed my domain into the setup thing and I got this:

"Hello. It looks like you are using WordPress!"

"Your domain is NOT using HTTPS.Uh oh! Your domain is NOT using HTTPS. You will need to fix that before continuing."

"The following error was encountered: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert handshake failure"

Why do I need to be using HTTPS before you'll think about paying me, Brave? I've been getting along posting comics on my HTTP site for an entire decade, and I'm really not interested in bothering to set that up. You are really not built with any understanding of the level of technical knowledge among people who make art, are you. And I'm unusually technical for an artist.

Oh wait there is a 'choose different verification method'. I can place a trusted file in my domain? Nope. Requires HTTPS. Or I can add a record to my DNS settings; let's try that... looks like I gotta wait for the dns to propagate, that's always fun.

replies(3): >>18736511 #>>18738315 #>>18741276 #
maxencecornet ◴[22 Dec 18 01:36 UTC] No.18738315[source]
I mean, they are not wrong, you should be using HTTPS.
replies(1): >>18741836 #
1. egypturnash ◴[22 Dec 18 18:40 UTC] No.18741836[source]
Why? I don’t have any user accounts on my site. Just stuff. And I’m too busy drawing new stuff to try and get HTTPS working.

I had ads on it just fine without HTTPS. I’ve had PayPal links without it, I’ve had Patreon links. Getting Brave hooked up is a giant pain in the ass compared to everything else I’ve tried.

replies(1): >>18744273 #
2. JCharante ◴[23 Dec 18 03:41 UTC] No.18744273[source]
Because not using HTTPS allows an end user's ISP to inject their own ads on their rendition of your website. Whether these ads are for third parties or are telling them about how much data they have left on their monthly plan, I think we can agree that protecting users from their scummy ISP or potential bad actors on their Network by throwing https onto your site is worth it.