98
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 02 Oct 2023
98 points (100.0% liked)
Privacy
31904 readers
277 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Kagi can claim whatever they want in their privacy policy. Where's the code of their servers? Because I see none. How do we know they aren't keeping logs that could be easily correlated (by themselves or a third party who access their servers)?
Even if we had the code, I would still be skeptical, we can't be sure what code are they exactly running on the server side and having an account linked to every search is just awful.
SearXNG is anonymous while offering the very same features, if not better.
You aren't wrong about not knowing if SearXNG instances are running a modified version of SearXNG that tries to log you.
Fortunately, we don't need to trust those instances. They do not require you to login, so there's not an unique identifier (like an account) to associate your searches with other than your IP address which you can hide with a VPN, or even better, using a .onion instance (something that Kagi does not have at all AFAIK).
For using Kagi, no matter if you switch your IP address every time, if you delete cookies after closing your browser or if you buy a new laptop for every search query, you're uniquely identified because you need to log into your account.
And for that account, you have to use a payment method. Sure, you can try and pay with a Monero to Bitcoin exchanger and do not give any personal information (and if we're being realistic, we know most Kagi clients aren't doing this). Even if you paid anonymously, you can only achieve pseudonymity because you're associated with your account.
With SearXNG, I could use a different .onion instance for each query and be completely anonymous (that's completely overkill, but it illustrates my point well).
No. Kagi's fault is needing an account, a unique identifier which all searches could be correlated to.
SearXNG could leak your IP if your VPN provider was keeping logs? Definitely. And so does Kagi. Tor could be attacked by a three letter agency and compromise your .onion connection to SearXNG? Definitely. And it would be easier to de-anonimyze you when connecting to Kagi, which doesn't have an onion domain. Do you need to give SearXNG your email and/or payment information? Not at all. But Kagi requires it. Can you look like two completely different users when doing two queries to SearXNG? Easy. Not possible with Kagi. Do we have the server's code? We do for SearXNG instances. We don't have Kagi's.
I think it's pretty clear the privacy compromise here.
That’s a good point that I hadn’t considered. I do like the idea of SearXNG, but didn’t have great results when testing it. Maybe I should give it another shot on another instance.