Description of the issue:
I had Brave installed for a year; the last update of Brave silently installed “brave_vpn_wireguard_service.exe” in the background, and I just noticed this. No notification or anything… Scumbag move to silently install things that people might not want.
How can this issue be reproduced?
Have brave browser installed.
Expected result:
Not to silently install bloatware or external applications.
Brave Version (check About Brave):
v1.59.124
Additional Information:
You can’t even see this in the release notes:
The Brave browser is a fast, private and secure web browser for PC, Mac and mobile. Download now to enjoy a faster ad-free browsing experience that saves data and battery life by blocking tracking software.
I am here to say you lost a user and you should correct your behaviour. Be transparent or lose.
Hopefully this will bring awareness of this bad practice and you correct it in time; I might come back when this has been addressed.
They admitted mistake. It’s being worked on…
opened 05:53PM - 18 Oct 23 UTC
OS/Windows
setup/installer
OS/Desktop
feature/vpn
## Background
Starting with product version [1.59.117 on Windows](https://github.com/brave/brave-browser/releases/tag/v1.59.117), WireGuard is used as the default for Brave VPN.
With product version [1.57.47](https://github.com/brave/brave-browser/releases/tag/v1.57.47), Brave will install a service `Brave Vpn Wireguard Service` if a user has admin privileges. This service is marked as `Manual` start and is not started. The binary is also installed on disk in the directory the browser binaries are installed.
This change was introduced here:
https://github.com/brave/brave-core/pull/18565
The pull request links to the devops issue where we compile the binary and also to the privacy/security review where this was vetted. Originally, this work was all behind a feature flag exposed via `brave://flags`.
There is also a `Brave Vpn Service` that is installed (also set to `Manual` start, not started) which has been there for a longer time. This service was added here:
https://github.com/brave/brave-core/pull/15915
That change went live with Brave product version [1.50.114 on Windows](https://github.com/brave/brave-browser/releases/tag/v1.50.114). This service was added to provide an OS level way to stop leaking of DNS due to a Windows feature called `Smart Multi-Homed Name Resolution` and is only used when a customer has purchased VPN and the VPN is connected. More information about Smart Multi-Homed Name Resolution and why this service was created can be found here:
https://github.com/brave/brave-browser/issues/25489
Here is a picture from `services.msc` courtesy of [ghacks.net](https://www.ghacks.net/2023/10/18/brave-is-installing-vpn-services-without-user-consent/)

These services will only be used when the person buys Brave VPN (via account.brave.com) and engages with the UI in the product.
## Description
On Windows only, there are two VPN related services (`Brave Vpn Service` and `Brave Vpn Wireguard Service`) registered with Windows when Brave is freshly installed. They can be viewed in `services.msc`. They are both set to `Manual` start and are not used until a person 1) uses Brave and 2) purchases Brave VPN and then 3) connects to Brave VPN.
At that point, a config (with the VPN details) is written to disk and the service is started.
These services are installed at install time - since the installer is already doing a UAC prompt (admin escalation). The ideal situation would be to move these services to be installed when VPN is first USED (post purchase) and not at install time.
## What does the fix look like
As we solve this issue, here's what we plan to do:
- Remove the service registrations during install (for `Brave Vpn Service` and `Brave Vpn Wireguard Service`). This will prevent new users from having the service installed.
- "Componentize" the binaries for these services, similar to Tor and IPFS. Those can be viewed in brave://components. There would be a new entry here like `Brave Vpn Services (Windows)`.

- Update the VPN code to download/install the component at time of use
- Remove the service registrations during upgrade - so folks who have this service installed will have the service removed.
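
To check a Windows machine against what the issue describes (both services registered, `Manual` start, not started), here is an added PowerShell example; it is not Brave's code. The function name, the `AsDescribed` column and the prefix match on the display name are assumptions made for this example, and the sample record is constructed.

```powershell
# Added example (not Brave's code). Service names come from the issue text; matching
# on a display-name prefix is an assumption, in case Windows shows a suffix after it.
function Get-BraveVpnServiceReport {
    param(
        [string[]]$Names = @('Brave Vpn Service', 'Brave Vpn Wireguard Service'),
        # Objects shaped like Win32_Service; defaults to the live system (Windows only).
        [object[]]$Services = (Get-CimInstance -ClassName Win32_Service)
    )
    foreach ($name in $Names) {
        $svc = $Services |
            Where-Object { $_.DisplayName -like "$name*" } |
            Select-Object -First 1
        [pscustomobject]@{
            DisplayName = $name
            Registered  = [bool]$svc
            StartMode   = $svc.StartMode
            State       = $svc.State
            PathName    = $svc.PathName
            # The issue describes both services as Manual start and not started
            # until Brave VPN has been purchased and connected.
            AsDescribed = [bool]($svc -and $svc.StartMode -eq 'Manual' -and
                                 $svc.State -eq 'Stopped')
        }
    }
}

# Constructed sample (the path is a placeholder): one service registered, one absent.
$sample = @(
    [pscustomobject]@{
        DisplayName = 'Brave Vpn Wireguard Service'
        StartMode   = 'Manual'
        State       = 'Stopped'
        PathName    = 'C:\<install-dir>\brave_vpn_wireguard_service.exe'
    }
)
Get-BraveVpnServiceReport -Services $sample | Format-Table -AutoSize

# On Windows, omit -Services to query the real service table:
# Get-BraveVpnServiceReport | Format-Table -AutoSize
```

A row with `Registered` set to `False` means that service is not registered; a registered service whose `AsDescribed` is `False` differs from the install-time state in the issue, which is expected once Brave VPN has been connected.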