I personally use Metager. Open source, and funded by a nonprofit. Its also carbon neutral which is really nice.
this post was submitted on 02 Oct 2021
6 points (66.7% liked)
Privacy
35064 readers
343 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
thanks. now I'm using it too.
You're right, it's a very interesting search engine and it complied on its promise to be good for the environment.
There cool and around since forever. Sadly according to their privacy policy they forward parts of user agent and ip to third partys to show "non-personalized ads". But you can use them via their onion service :)
There's a certain irony to a page that's accusing DDG of being "a privacy abuser in disguise" whose site causes this:
I looked at the information they provided, and Gabriel Weinberg really made NamesDB.
I looked at the malformed certificate and said "I'm not stepping past this point".
I'm not sure what point you're trying to make here. I've written code that is still used by SWIFT to this day. Does that make me a banker apologist? (Also which of approximately 10,000 projects named NamesDB?)
The certificate isn't "malformed" it's just not signed by one of the holy approved certificate authorities.
Allow me to rephrase.
I looked at the dodgy certificate and said "I'm not stepping past this point".
You certainly didn't miss anything, but the certificate isn't any more dodgy than that of any other site.
Self-signed certificates are too silly to bother with. Might as well go straight http if you're going to go self-signed.
A CA-signed cert reduces the chance of a bad actor between me and the target site. A self-signed cert opens the door to trivial MitM attacks.
A CA-signed cert reduces the chance of a bad actor between me and the target site.
Because bad actors that can hijack your traffic are unable to get a fake certificate signed?!
A self-signed cert opens the door to trivial MitM attacks.
How would that be?
Getting a fake certificate signed requires state level opposition or entities with that level of resources, and frankly if your opposition is state level, you're fucked anyway.
Self-signed certs let Jimmy-Joe-Bob's Rifle Range and Real Good Hacker Script Kiddie Ring fake you out in minutes.
Getting a fake certificate signed requires state level opposition or entities with that level of resources
Yeah like I said, if they can hijack your traffic, they can easily get a fake cert signed.
Self-signed certs let Jimmy-Joe-Bob’s Rifle Range and Real Good Hacker Script Kiddie Ring fake you out in minutes.
How? They would have to steal the CA key and could only impersonate the site with the self signed cert. (At least if you don't add it to your certificate store)
The cert is self-signed. There is by definition no CA key! Anybody accessing that sight, unless they did something phenomenally stupid, is going to have to validate access by self-signed cert on each access. And that means that any MitM isn't going to flag any alarms ... because they'd be inserting themselves as a self-signed cert.
~~it's been~~ i have seen it pushing link tracking into their html(non-js) site. that has prompted me to quit.
i'm using qwant for the time being although it kinda sucks for things that i research.
i use a searx instance(google) for one of my browsers on mobile.
the best solution is going to have to be to build something custom.
And it should be custom, beautiful, and open source.
It is not more beautiful than you. uwu