Have they stopped whitelisting Facebook and Twitter in their "tracking blocker" yet?

The BS coming from their blog post surrounding this whitelist makes me distrust them completely: "Loading a script from an edge-cache does not track a user without third-party cookies or equivalent browser-local storage" (...) "Given that most users on the web share IP addresses with other users because of NAT, it is unlikely this can be used to reliably track users"

Not only it's quite possible to know if the user is behind CGNAT or not, meaning the tracking works just fine for millions of users, but carriers have been known to inject user IDs in the replies of users behind CGNAT.

Apparently not. Would there be a way via settings to just explicitly blacklist?

The handling, or the bug itself? Sound like the damage control is fine (although worrying that they have no way to distribute hotfixes more rapidly than this).

The bug in the first place, on the other hand, seems pretty negligent. Not that it's incomprehensible, just pretty stupid.

Anyhow, good luck with brave!

The bug in the first place. That we can't easily rollback this "upgrade" as well.