this post was submitted on 30 Oct 2024
213 points (100.0% liked)
Privacy
789 readers
48 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Aren't all search queries available to whoever hosts an instance? In my eyes this is much worse to privacy and a much bigger risk unless you really know who is behind your chosen instance. I would trust some a company a bit more with safeguarding this information so it does not leak to some random guy.
As someone who hosts an instance, news to me lol
Edit: Developer says this can't be done currently? Reddit comment
Of course it can be done, check your web server logs.
If you are using GET requests to send search queries to searxng, what you searched for will show up in the logs as
If you use POST requests the server admin can also easily enable logging those.
People hosting searxng can absolutely see what you searched for, along with your IP address, user agent string etc.
Well my instance’s logs are sent to null for this reason already, but thank you for the info!
Thanks for clarification and great that this is not included in project, but couldn't someone change the server side code and somehow see more info that goes through?
I know there is that HTML check in https://searx.space/ to see if search interface code is not heavily modified, but on server side anything could go on.
If requests are encrypted in a way that searxng does not see contents then it probably is not trivial to do, but there always is a possibility something clever could be done.
It doesn't bother me one bit of you know my search history. You'll learn I search a word to see if I know your to spell it properly and that I DIY a lot of stuff lol
Billions of Chinese also aren't bothered that they live under surveillance, but it isn't right.
Good thing it only happens to the Chinese...
Companies are definitely selling your data. Use a VPN.
A VPN will not save you, they are easily worse for privacy in terms of user tracking. It centralises your entire web traffic in a single place for the VPN provider to track (and potentially sell).
You either trust the ISP or a VPN. Its a tool not a blanket of protection. Opsec and knowing how to move is most important.
But you pay more for what is essentially the same with a VPN. You have to buy a VPN subscription on top of your internet subscription, get less speed because your internet traffic is being routed through a different country and get no benefit to privacy. The only use case for a VPN is when you have to bypass georestrictions.