Re: [T(A)ILS-dev] search engine

Author: tim smy
Date:  
To: The T(A)ILS public development discussion list
Subject: Re: [T(A)ILS-dev] search engine
I put your comments forward to the duckduckgo.com forum and received this reply. While I am sure duckduckgo.com is a good search engine, and says
that logs are erased nightly, is this enough? Why keep logs at all?

Thx! Anything in particular you want me to comment on?


    > SSL version w/ HTTPS everywhere.


    Scroogle also has a SSL version, which is used in T(A)ILS.



HTTPS everywhere means that for major sites the organic links are automatically changed to their https versions.




    > Tor hidden service (about).


    What would be the advantage in T(A)ILS?



Not sure how T(A)ILS works, but the advantage is speed if you're on Tor. The end point is our server.




    > POST/Refcontrol settings.


    > Privacy Settings
    > For more info on these privacy settings, check out the Privacy Policy.
    > Redirect:


    >      If On it prevents sharing of your search with sites you click
    >      on.


    This hides from the clicked websites:


     - the fact the user is coming from DuckDuckGo
     - the search that was performed, in case GET is used -> see the
       second "privacy" setting


    On the other hand, I wonder how this is implemented without telling
    DuckDuckGo what site the user is going to visit... which would be
    pretty bad privacy-wise.



The referer says duckduckgo.com, but the search terms are not there. We do not store IPs or user agents so we have no idea what you in particular are clicking on. And right now we do nothing with this information anyway, and it is erased nightly.



    > Address bar:
    >      If On, searches will appear in your address bar (GET vs POST
    >      requests).


    I fail to understand the privacy enhancement this brings. Could
    someone explain? I can clearly see the privacy downside in case
    referrers are not disabled.



This is a) an over-the-shoulder privacy enhancement and b) makes it harder for someone to look through your browsing history on your computer.



    > HTTPS:
    >      If On, searches on the site will always go to the encrypted
    >      version.


    This would be a great thing to have.


    > they are on by default.


    According to the settings page I just visited the HTTPS setting is Off
    by default.



This just means if you land on our homepage with that setting on, it will submit searches to the https version. If you start on the https version always, it isn't needed.



    Worried about how the default settings could be changed, I have had a
    quick look to their website and it seems this can be done using [URL
    parameters](https://duckduckgo.com/params.html) rather than cookies,
    which is probably desirable in T(A)ILS context. We should be careful
    about this though: using a non-default set of URL parameters would
    help DuckDuckGo fingerprint T(A)ILS users.



We don't store user agents. I'd also be fine with scrubbing these parameters from the logs nightly.

-------- Original Message --------
> Date: Sat, 15 Jan 2011 21:14:39 +0100
> From: intrigeri <intrigeri@???>
> To: "The T(A)ILS public development discussion list" <tails-dev@???>
> Subject: Re: [T(A)ILS-dev] search engine


> Hi,
>
> tim smy wrote (15 Jan 2011 18:35:50 GMT) :
> > I would like to suggest duckduckgo.com as the default search engine, it
> > has a Tor page and has a good privacy panel
>
> We already had a TODO item about this[0] in the todo/discuss state.
> Thanks for the heads up!
>
> [0] https://amnesia.boum.org/todo/DuckDuckGo/
>
> > Privacy
> > Google tracks you. We don't.
>
> T(A)ILS shall not rely on such good-willing promises
> => T(A)ILS shall protect users from DuckDuckGo as much as from
>    Scroogle or anyone else.

>
> > SSL version w/ HTTPS everywhere.
>
> Scroogle also has a SSL version, which is used in T(A)ILS.
>
> > HTML & Lite (non-JS) versions.
>
> Scroogle has no JS or non-Lite versions :)
>
> > Tor hidden service (about).
>
> What would be the advantage in T(A)ILS?
>
> > POST/Refcontrol settings.
>
> > Privacy Settings
> > For more info on these privacy settings, check out the Privacy Policy.
> > Redirect:
>
> >      If On it prevents sharing of your search with sites you click
> >      on.

>
> This hides from the clicked websites:
>
>   - the fact the user is coming from DuckDuckGo
>   - the search that was performed, in case GET is used -> see the
>     second "privacy" setting

>
> On the other hand, I wonder how this is implemented without telling
> DuckDuckGo what site the user is going to visit... which would be
> pretty bad privacy-wise.
>
> > Address bar:    
> >      If On, searches will appear in your address bar (GET vs POST
> >      requests).

>
> I fail to understand the privacy enhancement this brings. Could
> someone explain? I can clearly see the privacy downside in case
> referrers are not disabled.
>
> > HTTPS:    
> >      If On, searches on the site will always go to the encrypted
> >      version.

>
> This would be a great thing to have.
>
> > they are on by default.
>
> According to the settings page I just visited the HTTPS setting is Off
> by default.
>
> Worried about how the default settings could be changed, I have had a
> quick look to their website and it seems this can be done using [URL
> parameters](https://duckduckgo.com/params.html) rather than cookies,
> which is probably desirable in T(A)ILS context. We should be careful
> about this though: using a non-default set of URL parameters would
> help DuckDuckGo fingerprint T(A)ILS users.
>
> Bye,
> --
> intrigeri <intrigeri@???>
> | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
> | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
> | So what?
> _______________________________________________
> tails-dev mailing list
> tails-dev@???
> https://boum.org/mailman/listinfo/tails-dev


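The fingerprinting concern raised in the thread (a non-default set of URL parameters marks out a group of users) and the reply's offer to scrub those parameters from logs can be made concrete. The following is an added example, not part of the original messages or of DuckDuckGo's code; the parameter names `https`, `post` and `redirect` and the log lines are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Hypothetical settings parameter names (assumption; the thread does not list them).
SETTINGS_KEYS = {"https", "post", "redirect"}

# Constructed request log: path and query only, no IP or user agent,
# matching what the reply says is (not) stored.
SAMPLE_LOG = [
    "/?q=weather",
    "/?q=news",
    "/?q=maps&https=1",
    "/?q=recipes&https=1&post=1&redirect=1",  # distribution-wide preset
    "/?q=trains&https=1&post=1&redirect=1",   # same preset, another user
    "/?q=music",
]

def settings_profile(url):
    """Return the settings carried by one request as a hashable profile."""
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return tuple(sorted((k, v) for k, v in pairs if k in SETTINGS_KEYS))

def anonymity_sets(urls):
    """Count how many logged requests share each settings profile."""
    return Counter(settings_profile(u) for u in urls)

def distinguishable_profiles(urls):
    """Number of distinct groups a reader of the log can tell apart."""
    return len(anonymity_sets(urls))

def scrub(url):
    """Drop settings parameters from a logged URL, keeping everything else."""
    parts = urlsplit(url)
    kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k not in SETTINGS_KEYS]
    return urlunsplit(parts._replace(query=urlencode(kept)))

if __name__ == "__main__":
    for profile, count in anonymity_sets(SAMPLE_LOG).most_common():
        print(count, dict(profile) or "defaults")
    scrubbed = [scrub(u) for u in SAMPLE_LOG]
    print("groups before scrub:", distinguishable_profiles(SAMPLE_LOG))
    print("groups after scrub: ", distinguishable_profiles(scrubbed))
```

Until the scrub runs, the two requests carrying the full preset form their own group in the log, which is the grouping the thread worries about.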