actually awesome and fast search engine (depending on which instance you use) with no trashy AI and ADs results also great for privacy, if you don’t know which instance to use go to https://searx.space/ and choose an instance closest to you

  • OfficerBribe@lemm.ee
    link
    fedilink
    arrow-up
    21
    arrow-down
    2
    ·
    23 days ago

    Aren’t all search queries available to whoever hosts an instance? In my eyes this is much worse to privacy and a much bigger risk unless you really know who is behind your chosen instance. I would trust some a company a bit more with safeguarding this information so it does not leak to some random guy.

    • sandwichsaregood@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      23 days ago

      I’ve always gotten the impression it was mostly intended to be self hosted. I’ve self hosted it for something like a couple years now, runs like a clock. It still strips out tracking and advertising, even if you don’t get the crowd anonymity of a public instance.

      • ILikeBoobies@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        23 days ago

        Self hosting doesn’t make sense as a privacy feature because then it’s still just you making requests to google/other SE

        • sandwichsaregood@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          22 days ago

          It’s not useless, it removes a lot of the tracking cookies and such and sponsored links loaded with telemetry. Theoretically you can also get the benefits of anonymity if you proxy through Tor or a VPN, which I originally tried to do but turns out Google at least blocks requests from Tor and at least the VPN endpoint I have and probably most of them. Google or whatever upstream SE can still track you by IP when you self host, but its tracking is going to much less without the extra telemetry cookies and tracking code it gets when you use Google results directly.

          But yes, practically you either have to trust the instance you’re using to some extent or give up some of the anonymity. I opted to self host and would recommend the same over using a public instance if you can, personally. And if privacy is your biggest concern, only use upstream search providers that are (or rather, claim to be) more privacy respecting like DDG or Qwant. My main use case is primarily as a better frontend to search without junk sponsored results and privacy is more of a secondary benefit.

          FWIW, they have a pretty detailed discussion on why they recommend self-hosting here.

      • Derp@lemmy.ml
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        23 days ago

        Of course it can be done, check your web server logs.

        If you are using GET requests to send search queries to searxng, what you searched for will show up in the logs as

        2024-10-31 123.321.0.100 /?query=kinky+furry+pictures
        

        If you use POST requests the server admin can also easily enable logging those.

        People hosting searxng can absolutely see what you searched for, along with your IP address, user agent string etc.

        • Mac@federation.red
          link
          fedilink
          English
          arrow-up
          2
          ·
          23 days ago

          Well my instance’s logs are sent to null for this reason already, but thank you for the info!

      • OfficerBribe@lemm.ee
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        23 days ago

        Thanks for clarification and great that this is not included in project, but couldn’t someone change the server side code and somehow see more info that goes through?

        I know there is that HTML check in https://searx.space/ to see if search interface code is not heavily modified, but on server side anything could go on.

        If requests are encrypted in a way that searxng does not see contents then it probably is not trivial to do, but there always is a possibility something clever could be done.

      • tooclose104@lemmy.ca
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        23 days ago

        It doesn’t bother me one bit of you know my search history. You’ll learn I search a word to see if I know your to spell it properly and that I DIY a lot of stuff lol

      • Derp@lemmy.ml
        link
        fedilink
        arrow-up
        6
        arrow-down
        2
        ·
        23 days ago

        A VPN will not save you, they are easily worse for privacy in terms of user tracking. It centralises your entire web traffic in a single place for the VPN provider to track (and potentially sell).

        • OhVenus_Baby@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          23 days ago

          You either trust the ISP or a VPN. Its a tool not a blanket of protection. Opsec and knowing how to move is most important.

          • notprogrammer@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            23 days ago

            But you pay more for what is essentially the same with a VPN. You have to buy a VPN subscription on top of your internet subscription, get less speed because your internet traffic is being routed through a different country and get no benefit to privacy. The only use case for a VPN is when you have to bypass georestrictions.