actually awesome and fast search engine (depending on which instance you use) with no trashy AI and ADs results also great for privacy, if you don’t know which instance to use go to https://searx.space/ and choose an instance closest to you
actually awesome and fast search engine (depending on which instance you use) with no trashy AI and ADs results also great for privacy, if you don’t know which instance to use go to https://searx.space/ and choose an instance closest to you
Aren’t all search queries available to whoever hosts an instance? In my eyes this is much worse to privacy and a much bigger risk unless you really know who is behind your chosen instance. I would trust some a company a bit more with safeguarding this information so it does not leak to some random guy.
I’ve always gotten the impression it was mostly intended to be self hosted. I’ve self hosted it for something like a couple years now, runs like a clock. It still strips out tracking and advertising, even if you don’t get the crowd anonymity of a public instance.
Self hosting doesn’t make sense as a privacy feature because then it’s still just you making requests to google/other SE
It’s not useless, it removes a lot of the tracking cookies and such and sponsored links loaded with telemetry. Theoretically you can also get the benefits of anonymity if you proxy through Tor or a VPN, which I originally tried to do but turns out Google at least blocks requests from Tor and at least the VPN endpoint I have and probably most of them. Google or whatever upstream SE can still track you by IP when you self host, but its tracking is going to much less without the extra telemetry cookies and tracking code it gets when you use Google results directly.
But yes, practically you either have to trust the instance you’re using to some extent or give up some of the anonymity. I opted to self host and would recommend the same over using a public instance if you can, personally. And if privacy is your biggest concern, only use upstream search providers that are (or rather, claim to be) more privacy respecting like DDG or Qwant. My main use case is primarily as a better frontend to search without junk sponsored results and privacy is more of a secondary benefit.
FWIW, they have a pretty detailed discussion on why they recommend self-hosting here.
Companies are definitely selling your data. Use a VPN.
A VPN will not save you, they are easily worse for privacy in terms of user tracking. It centralises your entire web traffic in a single place for the VPN provider to track (and potentially sell).
You either trust the ISP or a VPN. Its a tool not a blanket of protection. Opsec and knowing how to move is most important.
But you pay more for what is essentially the same with a VPN. You have to buy a VPN subscription on top of your internet subscription, get less speed because your internet traffic is being routed through a different country and get no benefit to privacy. The only use case for a VPN is when you have to bypass georestrictions.
As someone who hosts an instance, news to me lol
Edit: Developer says this can’t be done currently? Reddit comment
It doesn’t bother me one bit of you know my search history. You’ll learn I search a word to see if I know your to spell it properly and that I DIY a lot of stuff lol
Billions of Chinese also aren’t bothered that they live under surveillance, but it isn’t right.
Good thing it only happens to the Chinese…
Thanks for clarification and great that this is not included in project, but couldn’t someone change the server side code and somehow see more info that goes through?
I know there is that HTML check in https://searx.space/ to see if search interface code is not heavily modified, but on server side anything could go on.
If requests are encrypted in a way that searxng does not see contents then it probably is not trivial to do, but there always is a possibility something clever could be done.
Of course it can be done, check your web server logs.
If you are using GET requests to send search queries to searxng, what you searched for will show up in the logs as
2024-10-31 123.321.0.100 /?query=kinky+furry+pictures
If you use POST requests the server admin can also easily enable logging those.
People hosting searxng can absolutely see what you searched for, along with your IP address, user agent string etc.
Well my instance’s logs are sent to null for this reason already, but thank you for the info!