Mullvad's privacy-focused search engine Leta is now free for all users | Leta acts as a proxy for Google and Brave search results
-
I don't like how it tells you when the results were cached. You can tell if and when a query was searched for by someone else.
-
I do like it because when I'm trying to find out more information about break8ng events I want to know if I'm getting outdated information. Also, knowing that someone, somewhere in the world entered the same search terms as you within the last 30 days tells you absolutely nothing about that person.
-
I wonder if they're using the (paid) Google and Brave APIs, and are running Leta as a loss leader, or if they have some way to get around it
-
Unless the terms include a name or location. Plus Leta is not widely used.
Suppose you tell someone in secret that you were arrested. You know they use Leta, so you look up "John Doe arrest" later and see that it was just recently cached. You only told one person so it must have been them. You now know what someone searched because they used Leta.
-
Surely it has to be the paid APIs. You can't build a service hoping Google won't notice your bots running searches.
-
Searx can provide a much better experience.
For example, on the instance I'm using if a search result is a Google thread, the link will direct you to a redlib reddit proxy.
-
I guess you would need a lot of proxies. And they probably need to be on Googles good side to keep their VPN extension in Chrome
-
I guess you would need a lot of proxies
-
uh-oh
Leta is not widely used.
Please everyone, help click
-
That would be incredibly slow
-
Unless the terms include a name or location.
This is somewhat valid but it still doesn't really tell you anything about who searched for that thing. You only know that someone else searched for it and how long ago it happened. You have no idea who they are, where they are, or why they entered that search term.
Suppose you tell someone in secret that you were arrested. You know they use Leta, so you look up “John Doe arrest” later and see that it was just recently cached. You only told one person so it must have been them. You now know what someone searched because they used Leta.
No, you don't know that. You are assuming it.
You don't have a comprehensive list of Leta users and you aren't the only person who knows about your arrest. There's at very least the cops, whatever support staff they have around at the time, and anyone they talked to. Then there's any witnesses to the arrest, everyone who could have seen you in the back of a cop car, and everyone they talked to. Even if you were somehow arrested and processed by a single officer in total secret and then he killed himself in front of you before he could tell anyone else, there's still the possibility that your friend betrayed your confidence and told other people about your arrest.
-
It was just an example but ok, let's fix it.
You want to see if someone is nosy so you lie and tell them you were arrested in 2006. You check and see "John Doe arrest 2006" or "John Doe 2006 arrest" is cached.
You get the idea.
-
Ok, cool. You successfully proved that a person you suspect of being nosy actually is. You probably could have figured that out based on their reaction to you telling them about the fake arrest. Also, your nosy fake friend is a real idiot. They are apparently privacy focused enough to be using Leta but ignorant of the fact that this search is going to be cached and the time ligged. The arrest is from 2006 so it's unlikely anyone else would have searched it. Leta isn't widely used so the smart play is to use literally any other search engine for this one search because the only person they need to keep it a secret from is you. Or maybe they just don't care if you know that they searched for more info on your arrest because everyone already knows they are nosy.
All of this is besides the point though because none of these super specific scenarios are what we're talking about when we discuss privacy on this level. This is meant for keeping Google from harvesting your data. If you decide to use it for baiting people into searching specific things so you can have a weird little gotcha moment that's on you.
-
A privacy-focused search should not potentially reveal to others that you searched something. My examples prove the possibility that it can do that. I'm sure there's other examples that are less "weird".
-
And do you reveal which instance you are using? Or is it a private one?
-
I'd rather let some EU company like Qwant use my anonymized data, to hopefully someday build their own index, than use Google by proxy (except when neccessary, of course).
-
sorry its:
https://searx.perennialte.ch/ -
When you search google it fingerprints your browser then attachs that to the other information it amasses from tracking your other activities from other websites.
By not giving them the search content you reduce what they know.
Scenario a) you search up particular health issues on google, for the US say "how do I know I'm pregnant" then you go to an online pharmacy (Walgreen is the big US one I think) and order "plan b" (anti pregnancy drug). Google doesnt even need to know from walgreens what you ordered it will infer a pregnancy test and/or plan b then from later activity
Scenario b) you use proxy and thus google knows nothing of your search, then you go to walgreens, for all google knows you ordered makeup or hayfever tablets.
Scenario a is or will be illegal in some US states - best not to leak it.
Not a perfect example, i can poke holes in it. The point is searches are usually sensitive info, keeping them out of the hands of the most egregious activity collator keeps more privacy then if you don't. The proxy buries your senstive search in with thousands of others that can't be attached to you
-
DDG has been superb for me for a few years now often returning results I prefer over Google. I’m really pleased with it.
-
I get what you’re saying, but in that case the google.com interface isn’t a search engine; nor the load balancers and proxies between it and the search application backend. And then, maybe those don’t count because there is some special sauce in database procedures that are the real workhorses.
Pedantry all the way down.
