This new and improved guide aims to be the most in-depth resource available on private search engines. We’ll examine the best private search engines for 2020, how to keep your data safe when searching, and also some search engines to avoid.
Search engines may help you find what you’re looking for, but it often comes at a price: your privacy.
Most of the big search engines today are essentially data collection tools for advertising companies. Collecting your private data helps these companies to make money with targeted ads, which is a booming industry. Unless you are using a private search engine, your data is ending up in the hands of third parties and you are the product.
Here is the information being collected by some of the larger (not private) search engines:
- Source IP address
- User agent
- Location
- Unique identifier (stored in browser cookies)
- Search queries
Using a search engine can disclose highly personal information about you, such as medical issues, employment status, financial information, political beliefs, and other private details. This data, of course, can be collected, stored, and linked to your data profile (and real identity). The only way to effectively “opt out” is to keep your data safe and out of the hands of the data collectors.
In this new and improved guide, we’re going to take a deep dive into the world of private search engines, while also covering some FAQs and best practices for keeping your data safe and private. Table of contents:
- Best private search engines for 2020
- “Private” search engines with ad-tech owners
- How do private search engines make money?
- Are US-based search engines safe?
- How to keep your searches private
- Considerations when choosing a private search engine
All recommendations in this guide are my own opinions based on extensive testing and research.
Best private search engines
Finding the best private search engine for your unique needs is a subjective process and there’s no one-size-fits-all. You have many factors to consider. Ideally, a search engine would return great results while also respecting your privacy. Unfortunately, there is often a tradeoff here, so it really comes down to the user and what you determine works best for your situation.
Any of the private search engines in this guide may be the best fit for your needs. You can test them all to see which one is the best fit.
Metasearch vs search: Most of the private search engines discussed below are technically metasearch engines, because they pull search results from other search engines, such as Google, Bing, and Yandex. The one exception to this is Mojeek, which is a true crawler-based search engine with its own index (discussed below). There are also a few search engines that fall in the middle by deploying their own crawler, but also pulling results from other search engines.
Note: This list is not necessarily in rank order. Choose the best search engine for you based on your own threat model and unique needs.
Here are the best private search engines:
1. MetaGer – Open source metasearch engine, great features
MetaGer is an open source metasearch engine based in Germany, which gets search results from Bing, Yandex, Yahoo and others, as well as having its own web crawler. It is an interesting project, which started in 1996, and is now operated by a non-profit foundation in Germany called SUMA-EV (Association for Free Access to Knowledge). I tested out MetaGer for this guide and found the results to be good, with some nice features as well:
- Every search result shows the source it came from
- Search filter options (date, safe search, and language)
- Proxy viewing options “open anonymously”
MetaGer also does well in terms of privacy, as they explain here. Similar to Startpage, MetaGer converts search requests into anonymous queries through a proxy server, which also provides the anonymous viewing option with all results. User IP addresses are truncated for privacy, although user agent info is passed along to their search partners. MetaGer does not utilize cookies or any other tracking methods.
For operation stability and security, MetaGer does keep some logs on their own servers (in Germany), but this data is kept no longer than 96 hours and is automatically erased. MetaGer finances operations from user donations, as well as ads that are served through partner networks, such as Bing, which appear at the top of results. If you purchase a membership, however, you can get completely ad-free search results. (Without memberships and personal donations, MetaGer states they would not be able to continue operations.)
MetaGer runs all of its infrastructure on servers in Germany, which is a good privacy jurisdiction with strict data protection laws. Like Searx, MetaGer is completely open source. For those on the Tor network, MetaGer also hosts a .onion site. You can read more about using MetaGer, as well as their apps, plugins, and features, on their website. We’ll close here with an interesting quote I found on their site (translated from German):
Did you know that according to the Patriot Act, all internet servers and search engines physically located in the jurisdiction of the United States are obligated to disclose any information to the intelligence services? Your personal data is at risk even if the servers and search engines don’t store any information: it is sufficient if the intelligence agencies read and store everything at the internet point of connection. All MetaGer servers are located in Germany.
Jurisdiction: Germany
https://metager.org/ (English)
https://metager.de/ (German)
2. Swisscows – Switzerland-based private search engine with zero tracking
Swisscows is a Switzerland-based private search engine that does very well with privacy and security. They promise no tracking or data collection, and even have a “Swiss Fort Knox” data center for their server infrastructure. From their website:
- have our own servers and do not work with cloud or third party!
- have our Datacenter in the Swiss Alps – THIS is the safest bunker in Europe!
- have positioned everything geographically outside of EU and US.
In terms of privacy, Swisscows is one of the top choices, arguably better than many other private search engines. From their privacy policy:
We do not collect any of our visitors’ personal information. None whatsoever. When using Swisscows neither your IP address is recorded nor is the browser you are using (Internet Explorer, Safari, Firefox, Chrome, etc.) collected. No analyses are made, which operating system our users use (Windows, Mac, Linux, etc.); your search are not recorded either. We record absolutely no data from our visitors. The only information we store is the number of search requests entered daily at Swisscows, to measure the total overall traffic on our website and to evaluate a breakdown of this traffic by language and mere overall statistics.
Swisscows completely does away with statistics and analyses on its visitors in order to protect your privacy. Given that we do not collect any information on our visitors, we are also not able to identify your place of residence. Swisscows does not conduct any geo targeting.
Swisscows does not use Cookies which can be used to identify of a user.
In testing out Swisscows for this guide, I found it to provide good results, which are primarily sourced from Bing.
Family-Friendly content – One unique aspect of Swisscows is that they are passionate about family-friendly content. As they explain on their about page:
- We promote moral values.
- We hate violence and pornography.
- We promote digital media education.
While some people may not like the fact that Swisscows filters some adult content, others may see this as a great feature, especially those with children.
Because Swisscows does not pass on user data from search requests, they are unable to effectively monetize their service through ad partners, which means they largely rely on donations and sponsorships to maintain operations (sponsors can get a banner ad at the top of results):
For the reason that Swisscows does NOT monitor users, thus doesn’t spy out data and NO data is sold to advertisers, only few companies are interested in advertising on Swisscows. This revenue unfortunately doesn’t cover the expenses on data center, development, employees, etc.
Jurisdiction: Switzerland
https://swisscows.com
3. Searx – Open source metasearch engine
Searx is an open source metasearch engine that gathers results from other search engines while also respecting user privacy. One unique feature of Searx is that you can run your own instance. The drawback with your own instance, however, is that your search results won’t be mixed with other users. Searx is open source and available on GitHub.
Another great aspect of Searx is that it is very customizable. You can modify exactly what search engines Searx pulls results from in the user preferences area. You can also narrow down results with different categories. It’s all under your control.
One drawback with Searx is that it’s been getting blocked by Google because it scrapes Google results. There does not seem to be a good solution to this issue at this time, other than using other sources for your search results.
SearX can still pull results from other search engines, however.
Be careful with public instances!
Because Searx is open source and freely available for anyone to use, there are a number of different public instances you can utilize. However, just like with Tor nodes, anyone could set up a “rogue” instance and potentially log user activity, as Searx explains here:
What are the consequences of using public instances?
If someone uses a public instance, he/she has to trust the administrator of that instance. This means that the user of the public instance does not know whether his/her requests are logged, aggregated and sent or sold to a third party.
This might mean that governments and other rogue third parties are operating instances, but that is pure speculation.
Jurisdiction: Not applicable (open source, not based in any one location)
https://www.searx.me (gives info about the project and list of instances)
Unfortunately, the people behind the Searx project do not have the resources to run a public instance. Instead, they recommend other public instances run by various individuals or entities. But how do you know they aren’t logging your search results on their server? (You don’t!)
One solution to this is to host your own private instance. For most people, however, this is not a practical solution.
4. Qwant – Private search engine based in France
Qwant is another private search engine that is based in France and primarily sources search results from Bing. Being based in Europe, the data privacy protections are much stricter, as compared to the United States, for example. Qwant promises to protect user privacy (no tracking) and keep people from getting stuck in the filter bubble. Here is an excerpt from Qwant’s privacy policy:
When you use Qwant as a search engine, we don’t put any cookie on your browser that may allow us or others to recognize you or to follow you everywhere on the Internet. We don’t use any tracking device (pixel, fingerprinting…). We don’t collect and we don’t store any history or your searches. When you search, your query is instantly anonymized by being dissociated from your IP address, in accordance with what the French data controller advises. Long story short, what you are doing with Qwant is part of your privacy and we don’t want to know.
Qwant also has good search filtering options, to filter results by different categories (web, news, social, images, videos, and shopping) as well as date filters. The Qwant homepage also includes news stories, trending people, events, and other interest stories. Qwant continues to grow, with over 10 million searches per day, and is one of the most popular websites in France (top 50).
Overall, Qwant is a good option for a private search engine, with many features in place to protect user privacy.
Jurisdiction: France
https://www.qwant.com/
5. DuckDuckGo – Private search engine based in the US
DuckDuckGo is a US-based search engine that was started by Gabriel Weinberg in 2008. It generates search results from over 400 sources including Wikipedia, Bing, Yandex, and Yahoo. DuckDuckGo has a close partnership with Yahoo (owned by Verizon), which helps it to better filter search results.
In testing out DDG for this private search guide, I found it to work pretty well, with relevant search terms being displayed for most tests. Search results for DuckDuckGo are primarily sourced from Bing.
To finance operations, DuckDuckGo generates money through advertisements and affiliates, which is explained here. Similar to Google and other search engines, DuckDuckGo will display ads at the top of your searches. DuckDuckGo has partnered with Amazon and eBay as affiliates.
Searches are saved – DuckDuckGo has a verbose privacy policy that mainly discusses other search engines. It’s only when you get toward the bottom that you learn DDG is saving all your search queries:
We also save searches, but again, not in a personally identifiable way, as we do not store IP addresses or unique User agent strings.
Why is DuckDuckGo saving your search queries?
The privacy policy states, “We use aggregate, non-personal search data to improve things like misspellings.”
History of Duck Duck Go search
In researching the background DuckDuckGo, I uncovered some interesting history. The founder of DDG, Gabriel Weinberg, was also behind a social network called Names Database, which collected the real names and addresses of its users. He then sold Names Database (and all the user data) to Classmates.com for “approximately $10 million in cash” in March 2006.
DuckDuckGo was launched a few years later, in 2008 and was branded as a privacy search engine. It rose to popularity in 2013 following the Snowden revelations. DuckDuckGo remains one of the most popular private search engines to date and is well-regarded in the privacy community.
Jurisdiction: United States (runs on Amazon servers in the US!)
https://duckduckgo.com
6. Mojeek – A true crawler-based search engine with more privacy
Unlike some of the other private (meta)search engines on this page, Mojeek is true search engine with its own crawler. In an open reddit discussion, Mojeek claimed to have indexed 2.3 billion pages, with the goal of doubling that by the end of the year.
For those who want complete search independence from the corporate data monoliths of Google and Bing, Mojeek offers an interesting proposition. When I tested out various search terms, the results were hit and miss. Mojeek staff informed me they will continue to fine tun the search algorithm to improve results.
In terms of privacy, Mojeek does pretty well. It claims to be the “first ever no tracking/privacy orientated search engine” from when it first started. The Mojeek privacy policy details how user data is generally protected:
Mojeek doesn’t implement any kind of specific user tracking, whether that be at the time of visit or subsequently via standard logs, which Mojeek does keep. These logs contain the time of visit, page requested, possibly referral data, and browser information. IP addresses are not recorded (except in rare circumstances[1]), instead the IP address is replaced with a simple two letter code indicating the visitors country of origin. By doing this, Mojeek removes any possibility of tracking or identifying any particular user.
[1] Mojeek does make one exception to this rule, if a search query is deemed related to illegal and unethical practices relating to minors, then the full log including visiting IP address will be kept and gladly handed over to any official authorities that ask. If you’re at all concerned about this exception then Mojeek is not the search engine for you.
Mojeek staffed explained to me via email that this last section relating to illegal content is meant to act as a “deterrent” where they “reserve the right” to log IP addresses. Overall, not a bad privacy policy.
Hopefully Mojeek can continue to improve their search results and one day rival the big players.
Jurisdiction: United Kingdom
https://www.mojeek.com/
7. YaCy – Decentralized, open source, peer-to-peer search engine
YaCy is an interesting private search engine that distinguishes itself from others in that it runs on a peer-to-peer network (decentralized). It was created in 2004 by Michael Christen and is entirely open source. Here is a brief description from YaCy’s website:
It is fully decentralized, all users of the search engine network are equal, the network does not store user search requests and it is not possible for anyone to censor the content of the shared index. We want to achieve freedom of information through a free, distributed web search which is powered by the world’s users.
With YaCy, there is no central server, which could be seized or tapped by authorities. Rather, all peers in the network are equal and can be used for crawling or in “proxy mode” to index pages for other users. To use YaCy, you need to download the free software on your operating system, available for Windows, Mac OS, and Linux (but there is a demo portal here).
Jurisdiction: Not applicable. (Being a decentralized and open-source platform, YaCy does not appear to fall under any particular jurisdiction, similar to Searx.)
https://yacy.net/
Other search engines worth mentioning…
Any of the private search engines above may be a good choice if you are looking for more privacy.
With that being said, there are other search engines on the market that offer varying degrees of privacy, tracking protection, and encryption.
Below are a few search engines that fall into the middle ground:
- They are better alternatives than using Google or Yahoo search; but
- They also don’t meet all the requirements to be featured as a full “private search engine” – for various reasons.
Since people may have questions about these search engines, we’ll take a close look at each option below.
The search engines below may be great choices depending on your threat model, needs, and preferences.
8. Givero – Search with more privacy, plus charitable donations
Another interesting search engine out of Europe (Denmark) is Givero. The basic philosophy behind Givero is to donate a share of gross profits to charities, which the user can specify. (Money is generated through ads, like most search engines.)
In terms of privacy, Givero has both pros and cons. For pros, Givero is based in Europe (with full GDPR privacy protections) and does not log search history or store profile data. By default, however, Givero does not offer the full protections of the private search engines above. This is clear from their privacy policy, where we read:
To display relevant search results and to prevent fraudulent activities, data is transferred to our search partners who only use it to provide better search results on Givero – read more below. [The partners are Bing and CodeFuel.]
The following data is transferred to our search partners when you submit a search request: IP address, user agent string, search term, country and language settings, filter settings for adult content, active search filter settings (e.g. page number information), an optional Bing ID (read more below) and the ID of the organization that should benefit from your search.
This is one drawback with metasearch engines that get their search results from other providers, in this case Bing. Some private search engines are able to work with search partners without compromising any data. Givero is not there yet. (Previously, the people behind Givero worked to create their own search engine called Findx, based on Gigablast, but could not make the project work for various reasons.)
Brian Rasmusson, co-founder of Givero, told Restore Privacy that Bing currently will not allow Givero to mask user IP addresses, but may consider doing this when monthly searches reach a certain threshold. However, Rasmusson also explained that Givero has successfully incorporated other privacy protections for its users:
What we have done is to make them [Bing] turn on their internal “privacy flag” that Bing operates with. This means that data from our users is not used for remarketing, and solely used for the Givero service (e.g. for fraud prevention). So that is always on, and cannot be changed on a user level unlike the Bing ID, which controls personalized results (the “filter bubble”).
Givero has also open sourced their Instant Answers (like DuckDuckGo) and their list of Search Bangs (unlike DuckDuckGo) on Github here.
Main drawbacks:
- Not a “private search engine” by default
- Bing ID is utilized (but can be disabled)
- User IP address passed on to Bing (use a good VPN)
Juridiction: Denmark
https://www.givero.com
9. Ecosia – The search engine that plants trees
Similar to Givero, Ecosia donates a portion of profits to charity. Unlike Givero, however, it is strictly focused on planting trees. Ecosia is based in Germany and it’s promoted as a private search engine. While Ecosia does offer more privacy than the big search engines, it is also lacking in a few areas.
First, Ecosia collects all search queries and then anonymizes this data after seven days. There’s also a fair amount of data collection through website analytics, including your IP address, browser agent, location, and more. Lastly, Ecosia is assigning a Bing tracking ID to every user:
Ecosia also assigns a “Bing Client ID” in order to improve the quality of the search results. This value is a user-specific ID which enables Bing to deliver more relevant search results also based on previous searches. The ID is saved in the Ecosia cookie and retrieved during future visits.
While the “Bing Client ID” can be manually disabled by the user, most people probably are not even aware of it. This is because Ecosia has done a good job burying this information in their privacy policy. To read the full privacy policy, you will need to scroll all the way to the bottom of the page, and then click a light blue “READ MORE” button, which opens up more information.
Does Ecosia meet the criteria to be a “private search engine”? Probably not, but it’s still a good alternative to the big search engines, with commendable charity goals.
Main drawbacks:
- Not a “private search engine” by default
- Bing ID is assigned to users (but can be disabled)
- Search queries are saved for seven days
Jurisdiction: Germany
https://www.ecosia.org/
ALERT: These search engines have ad-tech owners
Now we will examine a few search engines that are at least partially owned by advertising companies.
Why is this important to understand?
Because the business model of advertising companies is to collect as much private data as possible. A “private” search engine could be a massive data collection tool in the wrong hands.
So can ad-tech companies be trusted to run a private search engine and not collect your data?
Can the fox be trusted to guard the hen house?
Proceed with caution.
1. Search Encrypt – A search engine with some big red flags
Search Encrypt is another interesting search engine that claims to offer better privacy by default than DuckDuckGo. Like DuckDuckGo, Search Encrypt uses Bing for search results. Search Encrypt describes the following features on its website:
- Expiring browsing history: Encryption keys for your searches expire when you are done searching.
- End-to-end encryption: Searches are end-to-end encrypted using AES-256 and HTTPS/SSL encryption.
- Privacy-friendly maps search
- Privacy-friendly video search
While Search Encrypt does have some interesting features, the privacy policy has a few red flags. It begins with:
Search Encrypt does not track search history in any user identifiable way.
This cryptic sentence suggests that Search Encrypt does indeed track search history, but attempts to anonymize the data. Their privacy policy further states:
Additionally, we store aggregated search data to improve product performance, but never store IP addresses or unique user identifiers in connection with such searches in order to ensure that none of the information collected in connection with your search activity is personally identifiable.
This is a pretty convoluted statement. Here are a few takeaways:
- “Aggregated search data” is being logged and stored.
- They claim to not store IP addresses “in connection with such searches” – but this does not mean that IP addresses are not getting logged and/or passed on to third parties. Rather, they are merely stating that IP addresses will not be associated with searches. Therefore it appears that IP addresses might be getting logged (another reason to use a VPN).
Search Encrypt also discloses in their privacy policy how they may share data with third parties if you alter the default settings in any way:
In circumstances where you have chosen to alter the default settings, then your personally identifiable information may be shared with third party site operators.
Lastly, it also appears that Search Encrypt may be operating out of the United States. From their Terms page:
Choice of Law and Venue.
This Agreement shall be interpreted and enforced in all respects under the laws of the State of Florida, United States as applicable to contracts to be performed entirely within Florida.
Who’s running the show?
Another question with Search Encrypt is that there isn’t much information about the company. The contact page shows an address in Cyprus and the legal venue is Florida (United States). The developer for the Search Encrypt Firefox extension is “SearchIncognito” – with a history of other “private search” extensions:
How does Search Encrypt make money?
Like some other private search engines, Search Encrypt makes money through affiliates, as they explain here:
In some circumstances, we may append an affiliate code to certain sites linked to our Search Encrypt product, either directly or through search results delivered to you. In doing so, we may collect a small commission in connection with your activity, but do not pass any of your personally identifiable information to any such third party sites.
This of course could be quite profitable with the right deals and enough users. DuckDuckGo also utilizes affiliates with Amazon and eBay for revenue, in addition to advertisements. (We’ll explain more about how private search engines make money below.)
I reached out to Search Encrypt asking for additional clarification on their data collection and user privacy policies. My emails were not answered.
Main drawbacks:
- IP address and other data may be collected
- Data may be shared with third parties if you modify default settings
- Runs on Amazon servers in the US
- Non-transparent company
Jurisdiction: Contact address is in Cyprus, legal venue is in the United States (owners in China? below)
https://www.searchencrypt.com/
Update: My suspicions proved to be warranted. An article on Medium has revealed that “Search Encrypt” is basically a Chinese data collection tool for advertising companies.
How a Chinese Company Built a $250 Million Search Hijacking Empire
2. GhostPeek – A clone of Search Encrypt?
It appears that a carbon copy of Search Encrypt has been unveiled, which they are calling “Ghost Peek” and claim to be another “private search engine”.
Someone on reddit did some digging and found the same pattern and ties to China that we saw above with “Search Encrypt”
Ghostpeek, the supposedly “private” search engine, is run by a sketchy shell corporation, which in turn is owned by a personal and mobile data aggregator based in China
3. Startpage – Acquired by US ad-tech company in 2019
Startpage was previously one of my top recommendations for private search engines. However, news surfaced in October 2019 that Startpage was at least partially acquired by System1 and the Privacy One Group. As described in my article on Startpage and System1, there are some remaining concerns:
- The fact that System1 has acquired a large stake in Startpage.
- The history and business model of System1, which includes gathering “as much data as possible” and profiling users.
- The board of directors change at Surfboard Holding BV (parent company of Startpage), to appoint the System1 co-founder and an outside investor.
- The long delay in alerting the public to these changes.
- The contradictory business models of System1 and a private search engine.
Of course, choosing the best private search engine is largely about trust, and only you can decide who to trust.
Jurisdiction: Netherlands (officially, but at least partially owned by a US company)
https://www.startpage.com
Private search engine FAQs
Below we will answer some FAQs (frequently asked questions) with regards to private search engines:
- How do private search engines make money?
- Are US-based search engines safe?
- How to keep your searches private
- Considerations when choosing a private search engine
How do private search engines make money?
Generally speaking, there are three ways private search engines make money: contextual advertisements, affiliates, and donations. Let’s examine each of these revenue streams on their own.
1. Contextual advertisements
Just like with Google and Bing, many private search engines make money by placing advertisements in the search results, usually based on the search terms you entered. Unlike with Google and Bing, however, private search engines should only be serving ads based on your search term, rather than from all other data collection sources (email, browsing, etc.).
With some private search engines, IP addresses or truncated (anonymized) IP addresses are passed off to the search partner, in order to serve relevant ads for your general location.
2. Affiliate revenue
Another way that private search engines make money is through affiliates. DuckDuckGo is an example of this, with both Amazon and eBay:
DuckDuckGo is part of the affiliate programs of the eCommerce websites Amazon and eBay. When you visit those sites through DuckDuckGo, including when using !bangs, and subsequently make a purchase, we receive a small commission.
You may also see “online shopping” options above your search results, which are another form of affiliate revenue. Both Qwant and DuckDuckGo utilize affiliate “shopping” results for revenue.
Side note: When you buy something through an affiliate link, it never increases the price you pay. Rather, it simply transfers a small percentage of the profits (i.e. a commission) to the affiliate, which in this case is the private search engine.
3. Donations
Private search engines may also make money from donations. Anybody can donate to the project, regardless of whether it is an individual developer, a non-profit organization, or a private for-profit business.
If a search engine does not have other sources of revenue or good advertising deals with partners, donations become very important to ensure continued operations. For example, Swisscows, MetaGer, and YaCy all have donation options.
Are US-based search engines safe?
Choosing a private search engine is all based on your unique needs and threat model. Therefore a private search engine that Bob considers to be safe, may not be adequate for Alice.
With regards to US-based search engines, and any other US businesses that handls (or has potential access) to private data, there are a few things to keep in mind:
- The United States has extensive surveillance programs, which are carried out by various branches of government, such as the NSA.
- The US has a long history of working with (and forcing) private tech companies to facilitate bulk data collection efforts – see the PRISM program for details. (This raises questions about private search engines that are being hosted on Amazon infrastructure, a large US-based company.)
- US companies could be served National Security Letters or other lawful data collection demands, while also being prohibited from disclosing this due to gag orders.
These laws and capabilities essentially give the US government the authority to compel a legitimate privacy-focused company into a data collection tool for state agencies.
If a privacy-focused business were to be compromised, it would likely happen behind closed doors, without a word (or warning) to the users. This was the case with Lavabit, and rather than comply with the data requests, the founder was basically forced to shut down the business.
As a general rule, Restore Privacy does not recommend services that are based in the US. Nonetheless, it all depends on your threat model and how much privacy and security you need.
How to keep your searches private
Here are five basic tips for keeping your searches (and data in general) more private.
1. Use a private search engine
Using one of the private search engines in this guide will help keep your data safe from third parties. Choosing the best search engine all comes down to your unique preferences, needs, and threat model.
2. Use a private and secure browser
Just like with search engines, your browser can also reveal lots of private information about you to third parties:
- Browsing history: all the websites you visit
- Login credentials: usernames and passwords
- Cookies and trackers: these are placed on your browser by the sites you visit
- Autofill information: names, addresses, phone numbers, etc.
- Metadata, which can be used for tracking and identification (browser fingerprinting)
And speaking of browsers, many of the private search engines in this guide offer browser extensions to replace the default search engine for your browser.
See our guide on secure browsers here.
3. Use a good VPN service
If you use a good VPN service, you won’t have to worry about search engines logging your IP address and location. A VPN will encrypt and anonymize your traffic, while also replacing your IP address and location with that of the VPN server you’re connected to. There are many other uses for VPN services and they are an important privacy tool, especially since internet providers in many countries are now collecting browsing history.
Below are the top five recommendations from the best VPN list. Hit the VPN name to read the review.
- ExpressVPN [49% discount + 3 month free]
- NordVPN [68% discount coupon]
- Surfshark [81% discount coupon]
- VPN.ac
- Perfect Privacy
4. Use a good ad blocker
A reliable ad blocker is another important privacy tool since most advertisements pose a major threat to your privacy by quietly collecting data for third-party advertising networks. Generally speaking, ads are tracking and data collection tools. Ads can also be a security threat (see malvertising), so it’s best to simply block ads and tracking networks.
There are of course many other privacy tools to consider. However, a good private search engine, a secure browser, a reliable VPN, and a safe ad blocker are the top priorities for basic digital self defense.
5. Log out!
Lastly, it’s also good to stay logged out of your accounts (Gmail, YouTube, Yahoo, etc.) when surfing the web, since trackers will record your browsing activity and link this to your data profile.
Another option is to utilize a specific browser for staying logged into various accounts, but then use a separate browser for general browsing activity (browser compartmentalization).
Considerations when choosing a private search engine
Here are a few different considerations when looking for the best search engine for privacy:
- Search results – Some search engines may do well in the privacy category, but they don’t return very good results.
- Privacy – Consider what information the search engine is logging, as well as the data that may be passed off to third parties and search partners (such as Bing).
- Jurisdiction – Jurisdiction is an important factor to consider because it ultimately affects your data and privacy. Services based in the US, for example, are subject to the Patriot Act, National Security Letters, and may also be forced to collect user data without being allowed to disclose anything (due to gag orders).
- Features – Some private search engines offer useful features, such as anonymous viewing (via proxy servers), search result filtering options, plugins, extensions, and more.
- Trust – Trust is difficult to quantify and measure, but it’s a very important consideration. When considering the trust factor, you may want to look at the history of the company and the individuals behind it.
Finding the best search engine for your needs is a subjective process, and there’s no single “best private search engine” that applies to everyone. Test and research the different options to find the best fit for you.
Last updated on September 9, 2020.
Hi Sven,
In this article, under “4. Use a good ad blocker”, you wrote, “There are of course many other privacy tools to consider, but these four are arguably among the most important for achieving a baseline level of privacy and security.”
However, in this section you did not name “these four” ad blockers, and the adjacent hyperlink that is attached to “many other privacy tools” takes one to a long article that does not contain a specific list of 4 recommended ad blockers (as far as I could see when skimming it).
Had you meant to attach a hyperlink to the words “these four” which leads to the following article by you — https://restoreprivacy.com/ad-blocker/ ? It describes four ad blockers that you recommend.
I would suggest that you go ahead and paste that summary list of 4 from the ad blocker article to this article, since it doesn’t take up much room, and it would give the reader of this article some good, relevant information without having to leave this article to go read a different article.
Hi Bobo, I was referring to the four privacy tools mentioned being top priority: private search engine, secure browser, VPN, and ad blocker. I updated the article to clarify that.
Mr. Taylor I don’t really mind the privacy, the fact and the biggest point of contributing to Google services is helping kids out with internet and educating the parents with it as well not to alienate children from it. But to let their children know how useful it could be When it comes to school and education! It Is earnings that I should be getting from contributing to the google board and Google Translate. Among other sites like Facebook and Instagram That Have access to personal information and sell my work to Businesses and corporations for their own profit. I have developed different platforms for the Facebook and Instagram that I have seen in other mobile devices such as iPhone, and I use an android!!! I was receiving earnings from Google, payments from 900 to 1200 dollars A-day About 3 years ago. I did not have a bank account to link it to those digital payments by the time I opened a bank account I could not access payments. And I believe that Facebook and Instagram have a lot to do with that. I have been keeping screenshots And recordings and send myself emails from one email to another proving upgrades on Instagram And Facebook That have later being used by those sites. My phone is encrypted and I believe Facebook & Instagram have infringed my work.
I do I have many many ideas and I would like to received some earnings from them I would like to partner up with an investor that sees the future of the Internet and digital advertisement. The ideas i have Are a win win situation. I have worked in different older model Mobile devices And developed widgets that help upgrade without Without spending big dollars on newer device model .
Hi Sven,
My fourth comment tonight… a couple of observations about DuckDuckGo.
Since the start of DuckDuckGo, I have been wary of trusting the founder’s promises due to some of his prior shady business decisions (I read a blog by him years ago where he apologised for those, so it’s not like he denies them), and I have never been bowled-over with the search results.
However, because of Startpage’s recent problematic privacy issues that your website clued me in on, I’ve been using DuckDuckGo on and off lately, to see if I could learn to like it better (setting aside for the moment its problematic privacy issues).
I still don’t like it.
I generally have the Brave browser and Ublock Origin set to not allow Javascript at the start (tailoring their levels to each site I want to view, according to my risk tolerance per site), and I have learned that for DuckDuckGo there are 2 sites that will work when Javascript is not allowed:
non-Javascript site: https://duckduckgo.com/html/
lite site: https://duckduckgo.com/lite
I guess that the lite site is for mobile use, I am not sure. The search results of both those sites are the same. The lite site is more basic and harder to read; the html site is more nicely-formatted (but not great).
Unfortunately, both of those sites often return results in Russian, Czech, and Greek, even when I have my region on the sites set to US English. It’s not like those foreign language results are, say, just 10% of the results… they are more like 60% of the results, and that means skimming down a list of search results to find what you are looking for is pretty time-consuming.
Sven, you might want to mention those 2 alternate DDG addresses in your overview above, for people who would rather not have Javascript on for searching.
I have just noticed that the Brave browser shield detail thing (when you click on the lion’s head on the right side of the address bar at the top of the page) shows some weird behavior when I go to DuckDuckGo.com. On the “scripts blocked” area, it has:
“7 scripts blocked
metager.de (2 scripts)
duckduckgo.com (5 scripts)”
Why would go to DuckDuckGo.com on a new tab on a cleaned-up browser engage 2 MetaGer scripts? Is that normal?
I don’t have any tabs or windows open with MetaGer at the moment.
MetaGer is not the default search engine on my browser.
I had run the Brave browser’s “clear browser data” setting (I deleted everything possible) after I looked at MetaGer earlier this evening.
Dear Sven,
This is my third comment tonight, about my brief, unhappy experience with Qwant:
I have spent the past hour trying to use Qwant for the first time, but it’s not working for me.
A. When I first typed in the address of the Qwant site (after I sorted out the issue I describe in point B below), it redirected me to Qwant Lite, for users without Javascript enabled. That makes sense, because generally I have Javascript off in my Brave browser and Ublock Origin.
However, I tried making the Brave “shields” totally down, and turning Ublock Origin off completely, and still when I typed in the Qwant.com address, I was redirected to the Qwant Lite site.
I don’t mind using a “Lite” site, which I sometimes do with DuckDuckGo, but I’m not sure what problem with my computer the main Qwant site is running into, since my Brave shields are down and Ublock Origin is turned off.
B. When I first tried to go to the Qwant site, several IP addresses were stopped by my Peerblock program and the Qwant page would not load.
Some of my Peerblock block lists are for all IPs from specific countries, and the following Qwant IPs were coming up on Peerblock as being from Poland (which I have blocked on Peerblock):
194.187.168.99, 194.187.168.100, 194.187.168.101, 194.187.168.110, 194.187.168.117.
I allowed them through on Peerblock temporarily, but then I had the issues with Qwant that I described in point A above.
C. After I got the Qwant Lite page to show up, when I tried to do my first search, another IP address was blocked by my Peerblock — it was identified on Peerblock as a “Google” IP. It was 172.217.6.163.
Question for you: Why is Qwant connecting through my computer with a Google IP? Does it always do that on everyone’s searches? Does that mean that Google can identify that particular search instance (the term used) as being from my IP address?
(Note: I recollect that I have noticed that another one of the search engines you list here sometimes makes contact with a Google IP that is stopped by my Peerblock — it is either DuckDuckGo or MetaGer, and neither one of them is supposed to be getting results from Google, only Bing (generally). Whichever search engine does that — and it might be both of them, I don’t remember actually — the fact that that Google IP is not allowed through by my Peerblock setup does *not* stop the search in general from going ahead and returning results, so I’ve never temporarily allowed that Google IP through Peerblock, and I haven’t noted down what the IP number was. But why would any of the “more-private”, Bing-reliant search engines connect to Google?)
D. Even after I temporarily allowed the “Google” IP and the “Poland” IPs through Peerblock, the search I then attempted on Qwant Lite said it had “no results”.
That was weird, because I had used the same search term that I had already tested tonight on other search engines you mentioned in the above article, including DuckDuckGo, MetaGer, six different instances of SearX, and SwissCows, and it’s the one-word name of a mainstream product that is sold in every supermarket and drugstore/pharmacy in North America and the U.K., so all the other search engines had hundreds of results for that name — therefore, to have no results at all on Qwant was a peculiar search result. (And that was with the Brave shields entirely down and Ublock Origin off, as well as the 5 Poland IPs and 1 Google IP allowed through temporarily.)
I then tried a few generic search terms that would get many, many hits on any search engine, but on Qwant Lite it said that they had “no results”.
I don’t know what the problem is. I’m not going to disable Peerblock entirely (along with having the Brave shields down and Ublock Origin off) in order to test Qwant further, because I’d never do all that just to use a search engine.
This is my second comment on Qwant. (I hope this will show up as appended to my first comment on Qwant.)
Just a brief note —
Tonight I have been looking into the back-and-forth that the Privacytools people have been having about re-listing Startpage as a recommended/trusted search engine, and that led me to the Privacytools Reddit forum, where I noticed the following recent question that someone posted about Qwant:
——
source: https://www.reddit.com/r/privacytoolsIO/comments/gdfic8/qwant_lite_doesnt_work_anymore_is_this_because/
“Qwant Lite doesn’t work anymore.. Is this because they partnered up with Huawei and now they want to collect data on users via forcing JavaScript? or is this just an unfixed issue?
Qwant Lite doesn’t seem to work anymore, whatever I type in and search for it just displays “No results found”… the regular version of Qwant works but I don’t want to use it because it’s much slower and requires JavaScript which is a no no for a privacy based engine.
Has anyone else been having this issue as of late? I tried from different connections, different VPNs and everything with no luck. I really like Qwant results but don’t want to use DuckDuckGo or Startpage, anyone has a clue what’s the issue here? Maybe I’m being paranoid but this has happened around the time they partnered up with Huawei so what’s going on here?”
—
Two thoughts –
a. Depending on what their relationship with Huawei is, that may be something Sven wants to mention in his article above?
b. My attempts to use Qwant and Qwant Lite didn’t work (as I described in my comment above),
so it was interesting for me to see on the Reddit forum that someone else this week was also getting a “no results” message on Qwant Lite, no matter what he/she tried to search for (even though he/she used to use the site with no problem).
Dear Sven,
Following on from my comment about MetaGer, now a comment about SwissCows:
I have not used it as much as MetaGer in the last few weeks, but I also find that a number of its search results (like MetaGer’s) when clicked on, are stopped by my Brave browser and Ublock Origin with the message: “uBlock Origin has prevented the following page from loading: http://www.smartredirect.de/redir…(etc.)…”
This happens with the same kind of external sites that MetaGer would call “Partnershops” (for example, with search results that go to links at Walmart.com).
However, SwissCows does not seem to admit anywhere what is going on with those redirects.
Questions for you:
What is the purpose of these redirects, for SwissCows?
Are they getting paid when computer users click on them, like MetaGer is?
When the links are clicked on, do they send the computer user’s search terms and IP address to the external website, like MetaGer does?
SwissCows doesn’t seem to offer a proxy function (“open anonymously”) like MetaGer does, but “bare” links are able to be copied directly from the SwissCows results list and pasted into a new browser window manually, if one wishes to bypass the redirect (when it happens).
Unlike MetaGer, SwissCows requires me to allow Javascript through my Brave browser and UblockOrigin, to even see the SwissCows site. Their site layout, when it comes to the text search results, seems to be more more easy on the eye and quickly skimmable than MetaGer’s site layout, but maybe that’s due to the Javascript (I don’t know much about that sort of thing).
(The SwissCows “semantic map” graphic drives me up the wall, but I just don’t like those sorts of results-cloud thingamajigs. And I know that they offer a way to turn that off.)
The SwissCows results appear to be only from Bing, but for some reason their Bing results seem to be a little more “on point” and relevant than the MetaGer Bing results. (Maybe that’s because there’s no Scopia results falling in between the Bing results on SwissCows the way they do on MetaGer; I haven’t compared the two sites closely on the very same search terms.)
Also, a couple of weeks ago, when I was first trying out SwissCows, in the “advertise here free as a sponsor” box (which doesn’t make sense – surely the sponsorship itself costs something) that appears at the top of the SwissCows search results page, for a day or two it consistently showed me a US-focussed “political opinion” message along the lines of “fringe conspiracy theory”, which surprised me, especially since it’s a site that filters out certain themes in order to be “child friendly”.
The combination of:
a. the problem of many of SwissCows’ links being sent through unexplained redirects which were then halted by Ublock Origin
b. having to turn off my Brave and Ublock Origin’s javascript blockers to even see the SwissCows site
c. the SwissCows’ sponsor’s conspiracy-theory-esque ad (which I found a little disturbing) appearing at the top of the search results pages for a while
d. the small annoyance of the “semantic map” taking up so much of the page (even when the semantic map was turned off, that wide area of the page was just left blank)
e. the fact that they only use Bing for search results
…made it a search engine that I didn’t really wish to return to, after I had tried it out for a couple of days.
At least with MetaGer,
a. They at least admit (albeit in a somewhat hidden fashion, on a secondary page) that they are sending the computer user’s search terms and IP address to some of the destination websites when certain MetaGer links (of “Partnershops”) are clicked on
b. I can see it without taking the time to allowing all Javascript through Brave and Ublock Origin
c. They don’t have (as far as I can see) any unavoidable ads from sponsors
d. They don’t have a semantic map kind of graphic
but — e. — it may just be a mistaken impression on my part, but based on a brief usage, it seems that their Bing-derived results are a little less useful, and definitely less easy on the eye, than SwissCows’ Bing-derived results.
Hi Sven,
Regarding MetaGer, two topics:
A. In your description of MetaGer in this post, you wrote, “MetaGer is an open source metasearch engine based in Germany, which gets search results from Bing, Yandex, Yahoo and others.”
However, I have noticed when using MetaGer (in the English language) that the only two search engines it references are Bing and Scopia.
Additionally, those two search engines are the only ones they claim to use (on *my* searches, anyway): On any MetaGer search page in my browser, at the top of the results are some buttons for “settings” and “filter”, and when “settings” is clicked, it goes to an informational page where MetaGer says,
“Below are all the search engines available for this focus.
Bing
Scopia”
Also, the observation that MetaGer only uses those two search engines is mentioned by the commenter “Restorer” in a April 25th comment in this discussion thread.
Question A1: Is there a way that I can get MetaGer to also use Yahoo and other search engines for my searches with them, or is that functionality now gone from MetaGer?
If Yahoo, Yandex, etc. are no longer used by MetaGer, please update your article here accordingly.
—-
B. Regarding MetaGer’s Bing results on my searches, many of those search results have the word “Partnershop” encircled to the top right of the individual search result, and my browser setup (with Brave browser and Ublock Origin) does not allow me to see anything at all when I click on those links. (There is a message saying, “uBlock Origin has prevented the following page from loading: https://www.smartredirect.de/redir/clickGate.php?….(etc.)….”
This is what MetaGer says about their Partnershops: “Whenever you see results with a label that says ‘Partnershop’, this is just a regular result. It is not ranked differently or prefered. The result link is associated with a company that pays us a small amount for every time the link is clicked, so that MetaGer can be financed. The result also shows the company’s logo. Your data is only transmitted to te websites of these companies when you click the result. The transmitted data includes your MetaGer search phrase and your IP address. In order to avoid the transmission of such data, you may use the ‘OPEN ANONYMOUSLY’ button, but if you do so, we do not get paid for the click.”
When I do as they suggest, and click the “Open Anonymously” button, the resulting webpage is a lot of gobbledegook, even when I allow all Javascript through the Brave and Ublock Origin settings, and refresh the proxy page.
Therefore, all the MetaGer search results I get when the target website is a “Partnershop” are unreadable (unless I want MetaGer to go ahead with their procedure of “Your data is only transmitted to te websites of these companies when you click the result.”)
Unfortunately, often the “Partnershop” results are the search results that I am looking for in relation to my search query and would be helpful for me to view.
One way to get around it is to hit the “Open Anonymously” button, see the gobbledegook page, copy the link address that shows at the top of that page, open a new browser tab, paste the copied link address, and click “enter”, which usually shows the desired page just fine (so I don’t understand why the MetaGer proxy view can’t show the page “as normal” if an unproxied view of it appears fine – without my having to undo any of my Brave and Ublock Origin settings – ?).
Doing that copying and pasting is a hassle and takes extra time… and it affects a good percentage of my searches on MetaGer.
I would suggest that you mention this issue in your article’s description of MetaGer above, to let readers know that MetaGer says it sends out the computer user’s IP address and search phrases quite freely to its “Partnershops”: “Your data is only transmitted to te [sic] websites of these companies when you click the result. The transmitted data includes your MetaGer search phrase and your IP address.”
Question B1. What protections in the typical setup of Brave browser and Ublock Origin would I need to momentarily turn off, in order for me to be able to see a readable facsimile when I click on MetaGer’s “Open Anonymously” proxy view of an external webpage that is owned by one of their “Partnershops”?
(Actually, going to the hassle of individually adjusting the Brave and Ublock Origin settings just to read one webpage probably would take more time than opening a new browser tab, clicking on the MetaGer proxy page link, and copying and pasting the intended destination page’s unobfuscated url from the proxy page to the new browser tab.)
—
When I’ve clicked on a few MetaGer “Scopia” results, I’ve actually had my Norton Internet Security warn me that they are dangerous sites, so lately I have been avoiding clicking on those results.
This leaves me with only MetaGer’s Bing results, which seem to offer a selection that is even worse than simply going to Bing (which I’ve never liked as a search engine) would provide.
Of course, using Bing (or Google or Yahoo) “straight” would be at the cost of privacy, and I’ve always been willing to endure quite a lot of hassle to keep whatever small bits I can of my privacy.
However, if a lot of MetaGer’s Bing results are through Partnershops, and MetaGer always sends the Partnershop websites some of the computer user’s personal data (“The transmitted data includes your MetaGer search phrase and your IP address”), then using MetaGer (without having a private subscription to MetaGer, which apparently is the only way to stop MetaGer from sending the computer user’s IP address and search terms to the external websites it links to which have a “Partnershop” arrangement with MetaGer) doesn’t seem like it’s as great of an option as it seemingly was in years past (when it sourced from more search providers).
Im new to this so lets just put that out of the way
Im wondering since im currently configuring firefox for relatively good security and privacy as well as pairing it with express vpn. Im just wondering what the currently best default search engine to use on firefox is. I still want to get relevant searches to what im actually searching for so NO not 100% secure but still private enough as I hear ddg is not really trustable because of the fishy activity by the owner.
Try Qwant.
I’m trying to choose between Qwant and DDG. On the one hand, DDG is open source and Qwant is not, but on the other, DDG is in the US and Qwant is outside the Five Eyes. How would you weigh the pros and cons of those two options?
Most search engines are either based on Google and Bing hence meta search engines as they don’t have their own crawler. Each of them may or may not tweak the search results obtained from the provider. So you don’t really have much variety.
DuckDuckGo—Yandex, Yahoo, Bing
Qwant—Bing
Swisscows—Bing with family filter
Peekier—Bing
Yippy—Bing
Startpage—Google
Gibiru—Google
Searx—DuckDuckGo, Qwant, Bing, Google
Metager—Bing, Scopia
DuckDuckGo has a shady history but it’s better than Qwant in terms of optional POST request and no IP logging. Qwant does not do POST, logs and anonymizes IP. No log is better than anonymized IP.
Searx has many instances. Try https://search.fuckoffgoogle.net
Good information Restorer !
Can we get a list of any few as in meta search engines that do have their own crawler. Of course looking at users privacy overall.
Thanks
Infinity Search is a new private search engine that is also open source.
https://infinitysearch.co/
https://gitlab.com/infinitysearch/infinity-search
@Usering apr 16th,
“Swisscows passes users through SmartRedirect.de when clicking on SERP links.” Elaborate please help us to do the same…
How did you find this out, seriously I’d like to know how for my own research in private search engines.
http://www.smartredirect.de . CNAME . 21041 . [aload-480426436.eu-west-1.elb.amazonaws.com] of the DNS info. [https://who.is/dns/smartredirect.de]
Domain name swisscows.ch – [https://www.nic.ch/whois/]
There are millions of pages on the web, but none are more important to digital marketers than search engine results pages, or SERPs.
Search engine optimization specialists and PPC advertisers alike vie for the same precious real estate in the most prominent parts of the SERPs, but competition is fierce and technological developments in search mean it’s more important than ever for digital marketers to know how search works and what they can do to maximize their visibility.
As one not wanting the tracking and profiling as the modem web allows.
First contact to the web is through a search engine usually for anyone.
Thanks for sharing *
Hello, I just checked and Cliqz (same browser) has a secure search engine too, you can take a look. Still in beta
https://beta.cliqz.com/
Thank you for this. A note: Swisscows passes users through SmartRedirect.de when clicking on SERP links. In addition to breaking some pages, this domain belongs to adgoal.net. Any thoughts?
Hello Sven
Can I just advise you and your users to be careful with Metager.
In its Privacy Policy it states that “In addition to donations and membership fees, we must finance our operation through non-personalized advertising on the results page. To receive this advertising, we give the first two blocks of the IP in connection with parts of the so-called user agent to our advertising partners.”
A true privacy firm should not be giving ANY part of a users IP address or User Agent to any advertising partner or third party.
I’m not sure if I would have Metager at number one in the list and would possibly mention this in its summary to let users know that these things are being recorded and sent to “…advertising partners”.
With the controversy going around about fuzzed information going to, and being found out by, third parties, it may be wise to warn users of this and the Metager privacy policy.
Many thanks.
Hi Sven,
Thank you very much for this great overview.
I have used and recommended Startpage/Ixquick for years, but I am trying out the Brave browser and Ublock Origin and I noticed some strange behavior with Startpage when I was looking at what was being blocked by Brave and Ublock Origin when I used Startpage, so I did a search on it tonight and found this article.
Until I read this tonight, I had not known that they changed direction a few months ago, and I am sad to lose this relatively-private resource that I and my extended family have relied on.
Also, I have always felt and voiced trepidation about DuckDuckGo, as I knew about the shenanigans that the founder got up to in the early part of this century, and it seems that they collect some data and have some ads, so I don’t see why they would deserve the public’s 100%, or even 75%, trust. I don’t know why privacy experts continue to be so blase about the relatively recent, relatively shady business ethics/actions of the founder. Maybe because it’s the least-worst American-based search engine, which isn’t saying much.
I am writing this comment because there is a topic missing — you introduce it in the FAQ introductory/summary paragraph, but it does not appear later in the text in the claimed position. Maybe you have just switched the content to another part of this article, or maybe you decided to remove the specific topic.
This is what I am talking about:
In the following section —
“Private search engine FAQs
Below we will answer some FAQs (frequently asked questions) with regards to private search engines:
How do private search engines make money?
Is DuckDuckGo really private?
Are US-based search engines safe?
How to keep your searches private
Considerations when choosing a private search engine”
— the second question – “Is DuckDuckGo really private” – is not addressed anywhere in that section, but the other 4 promised FAQ topics are discussed.
In your main (earlier) description of DuckDuckGo in this article, you don’t specifically say whether you think it is “really private”, but you imply that you don’t think it is as private as many people, even privacy/security experts, claim it is.
Hi Bobo, with the last update, I combined the bottom section on DuckDuckGo with the section on DuckDuckGo above, which discusses both Pros and Cons. Having both sections on DDG was repetitive. I just erased the reference you mentioned, thanks for pointing that out.
As noted in the DDG section, it’s not quite as private as some other alternatives I mentioned, but it all comes down to user preference.
This BIG NEWS goes out to non-Geeks (which I’m surely one in ranks) – as of a small bit in a byte count about people trying to help people, without any malicious intent of purpose. Though, the contributions they offer (myself included), needs done the proper vetting by yourself(s) as understanding of, (to secure Bits & Bytes in facts) – if the help indeed does meet up to your own Privacy and Security hygienic’s…threats logic model. So today this is but a small fraction of a danger to looking at using all Browser Extensions !!!
PLEASE NOTE: – this is a general overview not exact nor at all complete…
Browser Extensions aka add-ons, – – are not the same things as the known browser Plug-ins. Because – Plug-Ins, for example – – cover the things like Adobe Flash, Oracle Java, and Microsoft Silverlight. These plug-ins breeds having existed to allow for devices advancement towards the modern websites to embed and render content especially related to Java applets, PDFs content, Flash movies, and/or possibly some online gaming that are rendered with the needed use of a plug-in.
Plug-ins remain common targets for attackers because websites can load them and hackers can exploit the bugs concerning them. While Browser Extensions are all together very different. The websites you visit can’t use your Browser(s) Extension(s) to do anything. Essentially, the main differences are that Browser Extensions add features you can use in the devices browser on your system, while then your web or internet use allows the Plug-Ins to add features that websites can use. One of the only things they share in common is both must work in some complicity with/through the browser. The focus discussed here today is not about these Plug-ins but, going forwards addressing the Browser Extensions or add-ons if you prefer that term.
In theory, Browser Extensions you have elect to use, and by that use, you will grant them a license to “read and/or change all the data on the websites you visit”. Browser Extensions can see the websites you have browsed to, make changes to those webpages and report back to its creator with all the information they have done and/or log captured. So for a users Browser Extensions basic knowledge extensions can read, modify, and transmit extensive contents from all the webpages you visit. This could include keystrokes of sensitive information like your passwords, phone numbers, and credit cards as some items personally identifiable back to you – in adjacent to becoming nefarious ploys.
Browser Extensions are built on the web technologies like HTML, JavaScript, and CSS. This so much has lowered the entry barrier for developers or even hobbyist coders and enables them to write Browser Extensions with relatively little assets and resources. And as if things are not bad enough using Browser Extensions, they had an ability to installed from third-party websites through something called the inline install API. Browser Extensions most generality are automatically updated. So, even if you took the necessary precautions before hand and did your research in vetting prior to installing an extension to the browser, the extension could be turned around at a later phase – then that before prior vetting had you to believing of it. The browser extension can also be subject to changing hands (owners). The original developer may sell their extension to another company and/or it may even get compromised and become the target of a supply chain attack.
Many browser extension developers have suggested they benignly using this sensitive user information, but there is always the danger that the all-access licensed user pass. You’ve given consent to will be abused or that at worst it becomes rogue software grabbing up keystrokes, login information, account numbers and other private data. Malware makers have hijacked or even bought legitimate browser extensions from their original developers and used their access on a device to pump invasive advertisements into webpages and still more evils deeds to users.
Using just an Ad Blocker browser extension as but one example for your understanding – of a browser extensions abilities. Most of the users data it would collect is about your browser and how you use this Ad Blocker browser extension, and it can be tied to a unique user-ID. That unique ID can be said as is randomly generated when you install this Ad Blocker extension, so not specifically tied to you personally – this is the vetting of facts you’d need to do in your understanding what the extension has a license to do. Not overlooking the real fact still remains it’s very possible for it to see, read, log any keystrokes of your sensitive information you have to enter for access to online accounts.
An ad blocker browser extension works or should by : 1) blocking a web page’s requests to download ads from the servers that host them, and 2) hiding any ads that can’t be blocked by method #1.
To do that, the browser ad blocker extension needs to see every page you open so that it can work on every page you visit. This also means that the ad blocker extension knows the URL of every page you visit which can be logged.
– It also sets at the end – your end of the VPN encrypted tunnel if your using a VPN for your protection from the whatever eyes of the web. It has a front seat to your opened browser window of view, like a total stranger setting right beside you…
Cause it see’s all the data on the displayed webpage to find any ‘unblocked ads’ amongst all the other content. Also it means that this specific ad blocker browser extension (as like so many extensions themselves) can see any forms you submit and your browsing history on that browsers opened tab or any tab you switch too.
(All extensions) as this one work in changing the data on the webpage by adding some HTML, CSS, and JavaScript code to the webpage to it’s ability of beings an ad blocker in blocking the ads or to hiding unblocked ads.
…Past victims – – Over 20,000,000 of Chrome Users were Victims of Fake Ad Blockers… [https://adguard.com/en/blog/over-20-000-000-of-chrome-users-are-victims-of-fake-ad-blockers.html]
As to your own proper privacy and security hygiene, make sure you really need the browser extension. Then by creating a new dummy Browser Profile for checking out any possible extensions first by it’s testing purposes is a reasonable precaution that you can help prevent a lot of shed tears later. Separate your real world home/business browser, where you will have all your online accounts open from time to time, from the testing dummy browser profile and you have added a simple as easy additional layer of security.
Before you install any browser extension, it’s a good idea to read the company’s privacy policy and know what the software can do, and plans to do, concerning that with your data. But such an honor system is only as effective as the people who are writing it. If you accept every permission a browser extension asks for without a second thought nothing can be done if you suffer loss from using it.
Many browser extension add-on’s quietly do their jobs without grabbing your data, but if online privacy and security concerns you at all, consider skipping the convenience of the browser extension, or thoroughly read its creator’s privacy policy so you know what you are agreeing to share when you install the software. Periodically checking if it’s changes owners, then check for any updates to date and any security audits on it. SEEK MULTIPLE ways of vetting it. Read real users reviews where your able to ask questions and get answers.
I personally think I’m better off using Win 8.1 Internet Explorer 11 for it’s closed eco-system to browser extensions adding and prefer going with an installed software program to do my privacy & security part from that venue. As opposed to trusting the use of any browser extensions! I limit them in other browsers I have used to need just the same of their offering tracking protection.
VPN’s being used should never be of the browser extension type, then it needs installed to the system (not browser), from there it depends on where your DNS requests are being sent as to which priority handles these calls. However, if all your network traffic is going via an encrypted VPN and it’s own DNS servers, no your hometown or local ISP chosen will not see it routes – but have you given thoughts that the VPN’s own needed ISP provider will of course see your tracks across the web? Which is another topic I hope Sven and the site team explores soon along with (CDN) A content delivery network, or content distribution network.
primus inter pares – first among equals / that is what contributors are…
Thank you
also see:
[https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/]
Good find, Sonar. Thanks!
Most of these search engines return results with a URL that contains the search terms. Most ISPs are required to cache all URLs that a subscriber visits for at least 6 months, so that it is searchable by government agencies and hackers. I don’t know how any search engine that does this can call themselves private.
Of course one can avoid this somewhat by using a vpn, but this should not be necessary. Some search engines allow the choice of using POST to transmit search terms, and to generate a URL to set this on every visit. Still, it seems to me that most search engines, including those listed here, effectively violate users privacy by default in this way.
I always prefer search engines that use POST for the same reasons you listed, Johnson.
From what I’ve gathered, only a few use it. Searx and StartPage use POST by default. Whereas for DuckDuckGo, you have to toggle an option in their settings area, unless you use their lighter versions — duckduckgo.com/html/ or duckduckgo.com/lite/.
Would be great if this article listed which ones use POST submission.
Yes but if the search engines use HTTPS connection, ISP can only see the domain name (e.g. example.com) and not the full URL (e.g. example.com/q?search+term). So POST is good as well as using DNS that is encrypted and not the default by ISP. VPN is good too. Also, make sure browser and website uses trusted certificates.
Right now, http://www.metager.de does not automatically use HTTPS.
This is deeper and only remotely related, but it’s concerning at heart and deals with this sites purpose to inform users. So I’m building on your reply ; )
Trusted Certificates: All SSL-intercepting Proxy Appliances MUST provide a fraudulent spoofed certificate containing a public key for which it has the matching private key, and that private key cannot be the same as the actual remote server’s because private keys are a closely held secret and no one knows any server’s private key.
This means that no matter how much any SSL Proxy Appliance might want to duplicate a remote server’s certificate . . . it cannot. It is impossible. And the certificate’s fingerprint, which can be easily viewed through any web browser’s user-interface, completely gives it away the a lie.
The remote server’s REAL certificate and the SSL Appliance’s FAKED certificate MUST HAVE AND WILL HAVE radically different fingerprints. They will not be remotely similar. Verify their connection fingerprints, as one type of certificate which, when properly handled, as they have been in the Firefox and Chrome (and Chromium), but not Internet Explorer . . . CANNOT BE SPOOFED at all! In Firefox and Chrome, only 100% authentic Extended Validation (EV) certificates will display the extra “Green” indication!
What about this?
Aggressive adware applications (anti-malware security products), and some very popular one’s I must say, can break the trust between HTTPS – (HTTP Secure) websites and it’s users – have been at the center of controversy amongst the very nature of your use to employ them to secure your devices. Where their not checking the revocation status of SSL certificates before they will replace them with their new ones that are signed using a root certificate installed locally. These products use this technique in order to scan the encrypted HTTPS traffic for potential threats. This mean they turn to connecting to the remote web server, the browser is “securely” connected, only to the local Proxy Appliance which is decrypting, inspecting, and logging all of the material sent from the browser. It inspects all content to determine whether it abides by whatever arbitrary policies the local network is enforcing. It’s users have NO privacy and NO security.
If a website’s certificate has been revoked by an certificate authority for example, because it was issued fraudulently or because its private key was compromised by hackers, affected these anti-malware security products as it will still accept it as valid. More importantly, as part of their HTTPS scanning feature, they will convert the revoked certificate into a certificate that local browsers will trust, despite the fact that under normal circumstances those browsers would reject the original certificate.
The client asks for a secure-connection and the server says sure and we’re off to handshaking our way to a secure connection. The client, typically a Web-browser but it can also be an e-mail, cloud-storage or VPN as some other kind of network service client, replies with what kind of SSL it can handle and the client and server compare notes on identity certificates and cryptographic keys until they come to an agreement that they can set up a secure transport layer. At this point, most of you assume that you have a secure end-to-end connection.
INTERNETS PRELUDE:
The Internet is a cooperative PUBLIC DATA NETWORK. Its data traffic flows around the globe freely, transported by an incredible variety of intermediate carriers. These carriers cooperate because they need each other equally: “I’ll carry your traffic if you’ll carry mine.” And the system works. But with all of this traffic zipping around all over the place, in full public view, how do we KNOW that we are really connected to our bank, our medical records database, or any other public or private website? Websites are (obviously) easy to create, so copying a popular website and redirecting it’s traffic there to a malicious set up one would not be difficult. And, unfortunately, the world has no shortage of people who would like to do that.
The original un-secured HTTP web connections never attempted to authenticate or encrypt their connections. Users who knew enough to wonder and worry only could only hope that they were actually interacting with the website they intended. And that was fine back when the Internet was just a curiosity based interest. But the Internet has grown into a foundation resource where people conduct business, place orders, exchange stock, refer to their medical histories, perform their banking, and everything else in very much a manor as they do in the physical world or that same personal information being used. For the “cyber versions” of these activities to be feasible, users expect, need, and must have security and privacy in mind to conducting eBusiness actives.
The “S” added to the end of the “HTTP” was to mean SECURE.
(Or at least it was supposed to.) By the Lock Icon seen in the browser.
The presence of the unbroken key or the lock icon on the web browser once meant that the connection between the user and the remote web server was authenticated, secured, encrypted . . . and not susceptible to any form of eavesdropping by any third party. Unfortunately, that is no longer always true.
Some time ago, NSA could actually intercept and break Secure-Socket Layer (SSL) protected Internet communications. As too, any anyone could with an SSL interception proxy program or device place in the right logical position. If your company can do this at your business firewall junction couldn’t the NSA do something like this at a tier-one ISP? At a major company’s Web hosting facility? I don’t see why not. After all the NSA set up Room 641A at what was then AT&T’s 611 Folsom St. building in the mid-2000s for surveillance.
Does anyone know of a Chrome, FF or another browser extension that works with Facebook and other sites stripping the redirect links when you click on the link? Each time I try to send the link to someone else I see a tonne of crap embedded within the link. I can remove the junk manually (sometimes) but it’s quite time consuming.
I’m not sure ok but see if these can help, then see any ‘Related’ at their page bottoms to.
[https://chrome.google.com/webstore/detail/fix-url-links-redirect/ngcknmhpnonbbekommfpihpddphgiojd]
[https://chrome.google.com/webstore/detail/url-tracking-stripper-red/flnagcobkfofedknnnmofijmmkbgfamf]
Maybe you should request this in “Trace” many extension see every site you visit and having many add-ons are privacy nightmare concern. As most extensions are just block the servers which track you, Trace goes the extra mile by adding in protection you wouldn’t otherwise have, such as:
Canvas Fingerprinting Protection, Audio Fingerprinting Protection, WebGL Fingerprinting Protection, HTTP Cookie Protection, Control over Referrer Headers, Removal of Special Chrome Headers, User-Agent Spoofer, Hyperlink Auditing Prevention see the link -[https://absolutedouble.co.uk/trace/]
You haven’t given your OS and this may be of help.
[https://www.reddit.com/r/Adguard/comments/fe7380/how_do_i_block_redirects_from_a_specific_website/]
Use the ClearURLs extension.
From a craftsman who can make nearly anything, but has found ones mind repels IT information almost phobicly! 😏
I try – but…. Have conceded after many years – I’m ‘Techlexic’.
And I liked your article – enough info to help, not too much to confuse.
… Untill I foolishly attempted all the following queries and replies.
But I learnt stuff, and it was encouraging to see your passion for this overrides your ego… It was good to see you keep an open mind…and went back, rechecked previous info, followed up others suggestions, and you had no problem accepting if your findings weren’t complete , or if someone had more to complete it.
And that’s respectable! 🙏
When one has passion for what they do – the learning never stops.
And your attitude to your work made me realise something:
Ive always associated the word ‘craftsman’ with those who have good knowledge of old school skills of ‘ making useful stuff’…with style 😁
And a craftsman is always looking to ‘make even better’.
And I can see, that in the modern world… Craftsmanship is there too, always looking to make things the things we use better. ( Not so much the companies, but those who understand the needs of the users. To help them find the right jigsaw puzzle of Tech, programs, apps and tools ( and lawd knows what else) , to make their experience and use of technology easy , safe and unproblematic as possible.
I know a good knife from a bad.
I know quality design.
And I know whats just overpriced crap.
But here, I don’t!… I can’t tell one from the other.
So your article was great.
And Dude, never lose the integrity of your passion for quality… It’s what makes you a craftsman in your field.
👍😊
Hey rightly so, all we old types that can relate to this having lived long enough to know real differences in any choices given us thru the decade of ages. Then with the advertising hype’s of today can be associated to selling one on something not necessarily needed and beneficial. As opposed to it’s stand on merit(s) in (quality & functionality) of itself selling a customer covering a users real needs of fulfillment and true purpose as quality, usefulness, and pride driven class.
I believe you’ve described an artist here as the hearts passion matters to excel and grow in their attained lived perception skills of an overall attitude needed to be the unique work. As a craftsperson develops this overtime in a field but, to be limited of the one trade becoming a master of it’s specialty (master electrician ex.), singled out by just a timed vision on it and to it’s caliber sought by completeness.
What marketing used to do, is take something that is fungible (generic) and in marketing it adding slogans, brands, and sometimes additives to make it have a distinction over the other like goods, service, things. Even the additives being added are fungible as generic based. Gasoline as it is, is a fungible based product as is grain and wine, etc… Since we are a wheat, corn and soy based society you can understand this by the choices in what we’re given to consume. BECAUSE OF THIS it’s often the hype added to offering something over something else costing and causing the tenor and tiers of pricing for all these things that are at their core the same.
I remember a time – then if your old enough, we’ll remember product sponsors of the 50’s 60’s prime shows , that held only a few sponsors spots of that show as a marketing ploy for them to get noticed.
Bonanza – Cambells soups.
Dobie Gillis – Phillip Morris and Pillsbury alternated sponsorship.
ROUTE 66 – two primary sponsors, General Motors Chevrolet division, and Philip Morris Marlboro, you get a lot to like in a Marlboro/Fillter, Flavor, Pack and Flip-Top box}.
Lawrence Welk – started out with Dodge automobiles, then Geritol and I think Sominex sleeping tablets towards the end.
The FBI SHOW TV Series – Ford Motor Company, pushed Lincoln/Mercury
where you saw the ride claimed so smooth they had a diamond cutter cut a diamond during the commercial’s ride.
Throughout the 1950s and into the 1960s, television programs were regularly sponsored by one or maybe two companies, sometimes with a primary sponsor and an alternate sponsor. These companies paid the production costs for the programs and in return were featured more or less exclusively during commercial breaks, although certainly other commercials could be shown as well as time went on. There were often integrated commercials featuring the cast that tried to seamlessly work the sponsor’s name and the names of its product(s) into the show.
In some cases, the sponsor’s name made it into the title of the program: Hallmark Hall of Fame, Texaco Star Theatre, The Colgate Comedy Hour, and Kraft Television Theatre.
Honestly, there is no such thing as a private search engine. Its all interconnected. People trying to make money, setting up search engines and at times appear to you as masking their referrals, while receiving commission. Its all sticky, whether its the rented RF bands utilized by the “alleged” ISP, built in OS, baseband, and more. On top of all of that, all nodes and modes must be in FCC compliance. You may dodge a few third party ads at best.
-Ghost
At Ghost, I get it and where does the search engine reside but the browser most of the time, I recommend Adguards Stealth Mode for
General:
Hide your search queries when you proceed to the website from Google, Yahoo or any other search engine, this option hides the search query you used to find it.
Send Do-Not-Track header:
Sends a Do-Not-Track (DNT) HTTP header to queried websites that requires web apps to disable tracking of your activity.
Remove X-Client-Data header from HTTP requests:
Forbids Google Chrome to send its version and modifications information with requests to Google domains (including Double Click and Google Analytics).
Strip tracking parameters from URLs:
If you enable this option, AdGuard will strip tracking parameters like utm_* and fb_ref from pages’ URLs.
Tracking methods:
Self-destructing third-party cookies
Websites store your information and preferences with cookies – e.g., they remember the language you chose, the location or even the list of goods in your cart. When you get back to the site, your browser sends back the cookies belonging to that website, which allows it to “recall” your data.
Third-party cookies are those implemented by a website that is different from the one you are browsing at the moment. E.g., cnn.com may have a Facebook “Like” widget on it page. This widget will implement a cookie that may be read by Facebook later on. Some advertisers use such cookies to track what other sites you visit where their ads are posted.
Put a time period (in minutes) by the end of which all third-party cookies will be destroyed. Set the timer to 0 in order to block them completely.
Self-destructing first-party cookies (*I do it anyway at around 15 mins)
We do not recommend enabling this option as it may severely interfere with the work of certain sites.
Put a time period (in minutes) by the end of which all cookies will be destroyed. Set the timer to 0 in order to block them completely or higher as you require to work on the site logged in – preference is yours and a password manager quicken relogging in.
Disable cache for third-party requests:
When the browser addresses a page, the server assigns it an ETag, which the browser then uses to cache the contents. Upon subsequent requests it sends the ETag to the corresponding server, thus letting it learn the visitor’s identity. While the site files are cached, the ETag is sent every time your browser addresses this site. If the site has content embedded from another server (e.g., an image or iframe), that server will also be able to track your activities without your knowing it.
Block third-party Authorization header:
“Authorization” header value is cached by the browser, and then is sent alongside every request to that domain. It means that it can be used for tracking purposes just like cookies.
Browser API:
Block WebRTC, WebRTC (Real Time Communications) is a technology that allows streaming of data directly between browsers and apps. It can let others know your real IP address even if you use a proxy or VPN.
Enabling this option can disrupt the work of certain browser applications, such as messengers, chats, cinemas, or games.
Block Push API:
Push API enables servers to send messages to web applications regardless of browser status. This means you may see notifications from various websites even if your browser is hidden to tray or not launched. Enable this option to block browser Push API completely.
Block Location API:
Enabling this option will prohibit the browser from sending GPS data that could be used to find your location and modify your search results or otherwise influence your web experience.
Block Flash:
The Flash Player plugin has become increasingly vulnerable to online threats like viruses and hackers and can also have a significant negative impact on loading time for websites. When this setting is on, AdGuard blocks browsers’ ability to detect components (like plugins and ActiveXObject objects) that allow Flash to display content. This effectively means that browsers are unable to support Flash.
Block Java:
Some websites and web services still use old technology of supporting Java plugins. The API, which is the basis of Java plugins, has serious security issues. You can disable such plugins for security purposes. Nevertheless, even if you decide to use “Block Java” option, Javascript will still be enabled.
Miscellaneous:
Hide Referer from third-parties, Referer is one of HTTP headers for browser-to-server request. It contains the URL of request source. If you advance from one page to another, Referer will save the URL of the initial page. The server is often equipped with software that analyzes Referer and extracts various information from it. Enabling this option hides the current website from third-party sites by changing the HTTP header.
You can also set Referer of your choice by typing it into the Custom Referer field. Leave the field empty to use the default Referer.
Hide your User-Agent:
When you visit a website, your browser send the server its information. It looks like a text line that is a part of HTTP request beginning with “User-Agent:”. It usually includes the name and version of the browser, operating system, and language settings. We always replace your operating system with Linux as we consider *nix system users as less interesting for advertisers.
You can also set User-Agent of your choice by typing it into the Custom User-Agent field. Leave the field empty to use the default User-Agent.
Hide your IP address:
Stealth Mode cannot hide your IP address. However, we can conceal it so that websites you visit will take you for a proxy server. Sometimes, it helps, and websites ignore your real IP.
You can set a random IP that you would like to be perceived as yours by simply typing it into the corresponding field. Leave the field empty to use the default IP address.
Ghost don’t think that I don’t use all of them because I actually do…
AdGuard top of the line https://restoreprivacy.com/ad-blocker/
Very comprehensive list, thanks for putting it together.
Just for you to consider in case you were not aware,
+ Cliqz (https://beta.cliqz.com/)
+ Seznam (https://www.seznam.cz/)
They are both full independent search-engine with their own index. Mojeek is not the only exception, but one of the very few.
What about this?
https://search.privacytools.io
Tor > User Agent Switcher > PrivacyTools = FTW
Here are my two cents: Swisscows.com does not work with JavaScript disabled.
Perhaps they did not have enough resource for SSR’d pages, but even a highly rudimentary UI would be grateful in making JS-disabled experience usable.
I just dont understand why qwant forces one to install an extension for Firefox. It just should be able to set it as default search engine without the extension. And watch out, their default extension hijacks your homepage. They do have a extension called “Qwant basic” which doesnt do that, but still, it is an unnecessary extension. This for me shady behaivour makes me stick to duckduckgo.
I would also be careful with DDG.
Owned and based in America it too has a few things with it. Even @Sven has pointed some things out elsewhere on the site.
My personal favorate search is SwissCows. There are a couple of others but SC seems the best out of the list.
As far as browser, I was using Cliqz (if I remember correctly). The only downfall was you had to use THEIR pre-selected search. I just downloaded the SC app and used that, but that got combersome.
Hope this helped.
What do you mean with forces you? You can just use a custom url. (preferences > home)
No need to install the extension. Pretty happy with qwant to be honest.
Just realized Peekier was removed from the list of other search engines worth mentioning. No wonder @Mike brought it up recently..
Why remove it though ?
The copyright info on their page is 2017 and seems very dated. I also couldn’t find much info about Peekier.
Here’s what I found, Sven. Feel free to share it:
– Peekier is made by an indie developer, Tony aka fivesigma on Hacker News and ninesigma on Reddit.
– He announced Peekier on Hacker News on December 13 2016, stating it uses Bing mainly and also custom crawler.
– fivesigma also developed an HTML5 game called Airmash which he shared on Hacker News on December 10 2017
– The original Airmash is discontinued since Nov 23 2018 (server shut down April 24 2019) but from 2019-2020 today, other people have set up alternative servers to run the game based on original code.
– The developer is no longer active on both Hacker News (last comment Dec 10 2018) and Reddit (last comment Jan 19 2018)
– Although Peekier doesn’t get much publicity as Airmash, it survives longer and still runs today on original server (Feb 2020). There’s no telling how much longer will the service last which is quite unfortunate
– Peekier is a unique if not original concept in search engine, using visuals ie screenshot as search result preview. This saves people time and effort from clicking on search results as well as protecting their privacy
– There are no ads or trackers on Peekier. It doesn’t seem to use Bing and Code Fuel together like Ecosia and Givero
That’s all I found out. Peekier seems all right to use, no malicious intent albeit a bit recluse. It’s hard to juggle between life, career and personal project as an indie developer anyway.
Sources:
https://www.janwillemboer.nl/blog/posts/2019-11-airmash-history/
https://news.ycombinator.com/submitted?id=fivesigma
Thanks for the info.
dropicon.com is a privacy-respecting search engine with a unique drag and drop UI
Hi James, could you explain a bit how to use Drop Icon? I’m not sure how to use it.
Each icon represents a keyword. So for example; if you were searching for US restaurants you would drag the American and Restaurant icons into the search box and hit the search button.
Very helpful list, Sven. Thanks very much! I have also found out about Lukol, Gigablast, Peekier, Search Discreet, and Gibiru. Have you had a chance to look these search engines over? If so, what do you think about them?
Hey Mike, I haven’t looked at those too closely yet, but feel free to share what you learn.
Gibiru and Lukol are proxy services similar to Startpage. Gigablast seems to be its own search engine and is open source. I am unsure about Peekier and Search Discreet though all state they respect the privacy of their users and do not record their searches. One other search engine, Yippy, is very good and I will use it or Gibiru. I like the fact on Yippy you can preview a page before opening it. Peekier has this same feature.
Discrete Search appears to be under the same company as Search Encrypt which Sven doesn’t recommend in the article due to its vagueness.
Not much is known about Lukol, its privacy policy is basic and vague.
Peekier looks fine, digging thru the Net and it appears to be the work of a small developer who once promoted his/her engine on hacker news. The engine still works but no update on the website since 2016. There’s no visual search engine like it so far.
Gibiru, Yippy and Gigablast are welcome alternatives.
@Mike, have you tried dropicon.com and izsearch.com ?
On lukol – “We obtain search results via Google custom search.
We use cookies to personalise content and ads, and to analyse our traffic. We also share information about your use of our site with our advertising and analytics partners who may combine it with other information you’ve provided to them or they’ve collected from your use of their services. If you wish to opt out of Google cookies you may do so by visiting the Google privacy policy page.”
[https://policies.google.com/technologies/partner-sites?hl=en]
WHO is the advertising and analytics partners ? To ME it’s GOOGLE
No thanks…
Question: big as G is wouldn’t it be worth it to tap the smaller search’s claiming privacy to only add more users data, if there’s not a defined separation printed out on the site covering this?
Give me one without the ads and we’re closer to ideal for users.
Then off-topic why does the Walton family (Walmart) have a Bank (almost entirely owned) by them?
[https://en.wikipedia.org/wiki/Arvest_Bank]
I would not call searx.me an official instance per the creator’s comment (I noticed the Wiki also corrected this a few months ago).
“Searx.me isn’t an official public searx instance.” – asciimoo
“It has infrastructure issues nowadays, sorry for the inconvenience. I should stop the instance while these issues are unresolved.” The site is now down.
https://github.com/asciimoo/searx/issues/1809#issuecomment-573887189
Sven, I’m interested in your opinion of etools.ch from a privacy angle? (No affiliation.) Reason: I’m interested in something to replace StartPage, yet a search engine that does not primarily rely on Bing.
eTools.ch is a private meta search engine, meaning it sends queries to multiple search engines. 16 in fact: Ask, Base, Bing, DuckDuckGo, Exalead, Faroo, Fastbot, Findx, Google, Mojeek, Moose, Search, Tiger, Wikipedia, Yahoo and Yandex.
Google-based alternative to StartPage would be Gibiru.
Hi I was mistaken about DNS calls from duckduckgo browser
the calls continued after i uninstalled the app, the weren’t related to the browser.
using malware bytes i found out my phone has a preinstalled virus like the blue phones(fota, addup),in system update.
i will have to get a new phone.
what do you think of the pinephones.
The PinePhone looks really good. I think they are shipping soon.
What does it take to become a data scientist?
Thanks for sharing this. It’s unfortunate that Startpage sold, because I loved Google’s results in a “private” package.
Today I alternate between DDG and Ghostpeek.com. You might be interested in trying this one out. It uses the same encryption as Search Encrypt, but without all the ads.
I can’t tell if you are a paid shill for Ghostspeek, or if you are actually serious. But anyway, for anyone else reading this:
Ghostpeek, the supposedly “private” search engine, is run by a sketchy shell corporation, which in turn is owned by a personal and mobile data aggregator based in China
Thank goodness you replied with the warning about ghostspeek Sven. I was just about to check it out… hard to trust posters nowadays. BTW, do you give the free version of ProtonVPN a yea or nay? I’m only interested in the free versions of software at this time.
Thanks again….
Hey Charles, yes, that’s about the only “free VPN” I would consider, but it’s quite limited on server selection and features. Overall not bad, but if you can afford it, the paid version is much better and offers all features and servers, while also supporting the company. Seee the ProtonVPN review
Charles,
I used the free VPN for a while before upgrading. I highly recommend them. When you can, I do suggest upgrading as the company is doing some really good things and it is good to support these types of companies.
I also noticed that Ghostpeek has annoying ads. I searched for the very easy to find “firefox extensions”
Ghostpeek told me: “No Results Found. Try some of our Sponsored Search Terms:” and then showed ad-links for Flights, Amazon, Ebay and so on. Not very trustworthy.
Hi i tried duckduckgo browser in android out of curiosity, while using dnsfilter from f droid.
duckduckgo make frecuent dns calls to umeng(alibaba).
i am doubting duckduckgo search engine now.
Thanks for reporting this. I think that DuckDuckGo has partnered with eBay and Alibaba for affiliates, but I’m not certain. I’ve also heard that DDG has not disclosed how it acquires data for targeted ads on its users.