Gregory's Server@henry_barreto @jcrabapple @TheBreadmonkey Even if Kagi promises privacy, I have a hard time trusting that it's 100% guaranteed when using their service requires a subscription and login.
|
14 comments
 @eighthourlunch @henry_barreto @TheBreadmonkey they're also adding Privacy Pass integration this month.  @jcrabapple @eighthourlunch @henry_barreto @TheBreadmonkey Ooo, that part (privacy pass) is interesting -- do they have more details on this somewhere? (This _should_ allow users to prove to Kagi that they have a valid subscription without revealing who they are -- but of course the details are very important here ;) @meejah @eighthourlunch @henry_barreto @TheBreadmonkey yes that is the goal, but it was just mentioned on their 2024 year end call. There should be more details coming soon. @jcrabapple @eighthourlunch @henry_barreto @TheBreadmonkey Cool. I've previously worked on a privacy-pass based payment system, so I'm very curious how they're using it here :) @jcrabapple @eighthourlunch @henry_barreto @TheBreadmonkey Just watched that segment: super cool! This sounds ideal, and great use of Privacy Pass. I would still like a few more details (like when they rotate server keys, how many tokens are issued per request, and how those token-issuing requests work). In any case, the answers to those will only slightly affect what Kagi learns; they will _not_ be able to associate searches to particular users (just that a user is legitimate). @jcrabapple @eighthourlunch @henry_barreto @TheBreadmonkey May have to take a look at Kagi when that lands... @eighthourlunch @henry_barreto @jcrabapple @TheBreadmonkey huh, isn‘t it actually the other way around? Only by requiring a subscription, and making money from me as their customer they can offer true anonymity in searches. Because they don‘t need to scan your content to serve you ads. Very happy Kagi user. @Mastokarl @henry_barreto @jcrabapple @TheBreadmonkey Unless I'm looking at the source code and know that's what's in production, or have trusted a third party that can reasonably ensure the same, then no. Even then, they still collect personal data for payment and login. I'm open to evidence, but I'm still wary about creating yet another login and monthly cost. Search used to work reasonably well without either. @eighthourlunch @Mastokarl @henry_barreto @jcrabapple @TheBreadmonkey I'm in this boat: I like the _idea_ of Kagi, and am certainly open to paying for service / lack-of-ads / lack-of-"AI" -- but I do not love "look-aside" claims of anonymity. That is, a "trust us, we're not logging the data that we definitely have access to". I'd rather have a protocol which doesn't give them access to these data (and this is why mentions of "privacy pass" are exciting). @eighthourlunch @henry_barreto @jcrabapple @TheBreadmonkey fully agree that an open-source search engine would be the one and only proof. For me, Kagi is a good compromise between privacy and power/usability. @eighthourlunch @henry_barreto @jcrabapple @TheBreadmonkey that makes me trust them more. That means you are the customer, not advertisers.  @eighthourlunch @henry_barreto @jcrabapple @TheBreadmonkey You can use @brave Search anonymously and for free, it is independent, it doesn't rely on Google like Startpage or on Bing like DDG. |
@eighthourlunch @henry_barreto @TheBreadmonkey From their privacy policy:
Searches are anonymous and private to you. Kagi does not log and associate searches with an account.
We do not log or store your IP address. Your IP address is used only temporarily when enriching location/maps searches, and is not shared with any other party.
We only store cookies needed for site functionality.
We do not use any web browser analytics or other frontend telemetry.
We do not display any ads, or have any first-party or third-party tracking in service of ads.
We collect only the data needed to provide and protect the service.
We proxy all images to prevent tracking from third parties.
We use HTTPS encryption everywhere. All passwords are hashed and salted.
Of course, if you don't trust privacy policies or any third parties you can self-host SearXNG or Whoogle.
@eighthourlunch @henry_barreto @TheBreadmonkey From their privacy policy:
Searches are anonymous and private to you. Kagi does not log and associate searches with an account.
We do not log or store your IP address. Your IP address is used only temporarily when enriching location/maps searches, and is not shared with any other party.
We only store cookies needed for site functionality.