• nooj@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    No it’s not horrible for privacy it’s literally just for billing which payment can be made anonymously too. They don’t even verify the email address you use. So much misinformation in this thread. Go Google your info before you present it as fact.

    • bh64@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      1 year ago

      it is a fact. you have to be logged in to do a search or use an API key which directly associates your search query with your account.

      Let’s say you don’t give them a real email, that’s good. Maybe you’re using Tor or a VPN and they don’t get your IP. And somehow you manage to make your payment anonymously. That’s great.

      Well, Kagi is still getting all your search queries which are directly associated with one account. We don’t have their server’s code. We don’t know how or what are they logging. They can claim whatever in their privacy policy, I don’t care. A single entity is receiving all your search queries directly linked to your pseudonymous account. This gives them a vast amount of data about the person using it, even if they do not know who you are, probably very sensitive information too.

      Let’s make a huge assumption and assume they are not correlating your search queries and they do not use this information for anything. Well, a third party actor with access to their servers could very well make use of this vast amount of personal data, whether it is a government, their hosting provider, a malicious actor, a security breach, etc.

      And that’s considering the best case in which you were covering your tracks hiding your IP all the time and making anonymous payments, which, being honests, most Kagi users don’t do. So yeah, Kagi is a privacy nightmare.

      • nooj@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        To say it’s a privacy nightmare in the context of a Google thread is just not accurate. If they associated search queries with your account then they’d be breaking their own privacy policy and opening themselves up to lawsuits.

      • cybersandwich@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I feel like this is a fair, even if incredibly skeptical, take on kagi. I am a kagi user and I had that exact thought when I started using it. How can you even function as a search engine if you dont capture searches at least in aggregate–so you can tune or shape your algorithms?

        That said, I didn’t start using them strictly for privacy. I started using them because they were giving me the best results I’d gotten from any search engine in a long time. And I didn’t have to

        And while I wouldn’t necessarily say Kagi is the gold-standard for privacy, their business model is, at the very least, aligned with providing good search results. Google is an advertising company masquerading as a search engine. They have some incredibly perverse incentives for how they delivery results.

    • long_chicken_boat@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      wtf that was not misinformation. you need to be logged in when making searches, they can log everything you search server-side and tie it to the same person.

      every time I search something in SearXNG they have no way of telling I’m the same person if my IP has changed. but this is impossible with Kagi. they need to know your account.

      they have basically 0 transparency of their server side, we don’t have any code. It’s like trusting a VPN provider not to log your every connection because “trust me, bro”. this is a necessary risk for using a VPN but not for search engines and I wouldn’t recommend anyone to take such a risk when better alternatives exist.

        • long_chicken_boat@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          a privacy policy, as I said, is a “trust me, bro”. they don’t give any actual proof.

          that by searching through a SearXNG instance in a .onion domain they have no idea of who I am and they can’t associate it with any other of my searches, is a verifiable fact.

          that Kagi isn’t correlating search logs, isn’t.

          I’ll trust verifiable facts over blind trust any day. and you should too.