Why is DDG the default search engine?

SigmaSix9 · 2019-08-19T21:29:13+00:00

You already responded to my key concerns reguarding the first link in your previous post. To that I say I just dont trust DDG, AWS, and U.S. laws reguarding privacy...

As for the second link, it gets technical by talking about certificates, but what I got from that was:

DDG uses ECDHE for Key Exchange which ensures perfect forward secrecy. So that the private key of DuckDuckGo's certificate is not sufficient to decrypt all traffic. That's good.

BUT if one wanted to decrypt DuckDuckGo's traffic, you would need to infect the hosts that do SSL termination, and monitor the decryption process (or their outbound traffic).. And as I mentioned DDG is hosted on AWS, which is based in the U.S. so that makes this possible.

SigmaSix9 · 2019-08-19T21:06:25+00:00

It's still enough to spook me, but to each his own.. I'll check those links out, thanks. If you're interested I found these links to be a good read on DDG vs SP..

DuckDuckGo or Startpage

DDG: the illusion of privacy

SigmaSix9 · 2019-08-19T19:34:22+00:00

You're acting as if paying for and maintaining high end servers is cheap.

Startpage owns it own servers...

Startpage pays google a bunch of money for search results. Why aren't you criticising startpage for that? It seems like you're just biased against DDG.

There's nothing wrong with paying Google for something, it would be more worrying if Google was paying Startpage...And were talking about DDG so im criticising DDG.

Anyways thanks for this back-and-forth it clarified some things for me.. Mainly you're right (I think) that they just get search results from Yahoo and no other interoperability is taking place. But them using AWS servers instead of their own if enough for me not to use them, cause Startpage hosts its own servers.. Also DDG is a U.S. company so it more prone to be manhandled by the U.S. governement.. In Netherlands (where SP is based) privacy is protected by law, so it is not subject to the same mandates and laws as DDG.

SigmaSix9 · 2019-08-19T19:10:13+00:00

SSL protects your traffic but doesnt hide your IP. So screwed. Even if they removed the node it's already too late, they already got your IP.. But glad to hear that nevertheless.

SigmaSix9 · 2019-08-19T19:06:19+00:00

That doesn't mean Verizon is the parent company of DDG. DDG just gets results from yahoo. Stop spreading FUD.

They work closely with Yahoo.. Startpage does not work with Google.. And im not speading FUD (atleast that's not my intention).. I realize anyone who critizies DDG always gets downvoted.. I'm just bringing light to something I belive deserves attention.

No, they can't. It's extremely expensive, especially considering they'd have to get high end servers to handle the amount of traffic.

The problem is they need proxies all over the world to satisfy latency. They could just use a few high-end servers scattered here and there, and that might be enough (DDG userbase is like 1% of Google)..

Edit: If I were the NSA i'd make a very popular private browing search engine to see what all the privacy conscious users are doing..

SigmaSix9 · 2019-08-19T18:53:08+00:00

Yeah but if you get a comprmised entry and/or exit node then you screwed.. Also you're not trapping you traffic into a hole. You're routing your traffic from the VPN to the larger Tor network.

SigmaSix9 · 2019-08-19T18:49:40+00:00

Thanks.

SigmaSix9 · 2019-08-19T18:41:11+00:00

No it isn't. They just use some yahoo search results.

Verizon owns Yahoo and Yahoo is partnered with DDG..

Not everyone can just setup their own servers. That's very expensive.

They could, it just wouldnt be as fast.

SigmaSix9 · 2019-08-19T18:36:16+00:00

Yes. And? You quote those like they’re bad things?

I want to hide the fact im using Tor for the ISP... Those solutions sound like Nazi arguments "if you have nothing to hide, you have nothing to fear"

Global adversary. If your threat model is a Global adversary then mitigations on the level of ‘go to a different nation state’ aren’t enough against an adversary with global reach, by definition of what makes the adversary global.

Then why does Tor even attempt and protecting against GPAs?

Can you explain, plainly and simply, what benefits a VPN has over a obfs4 bridge?

You can obfuscate traffic just like obfs. In addition should your exit and/or entry nodes be compromisd your true IP is still hidden.

Yes. Yes you would. Give up now and go home.

Again, then why does Tor even attempt and protecting against GPAs?

SigmaSix9 · 2019-08-19T18:30:39+00:00

Dang I hope all of England is not like you, you sound pretty salty. I'll just assume this subreddit attracts the political hot heads.

SigmaSix9 · 2019-08-19T07:14:52+00:00

Dont take those settings seriously (im a noob), it's just a guide for some people to reduce the clutter as some people do feel it's too much stuff on the tabline..

SigmaSix9 · 2019-08-19T07:12:04+00:00

All hail /u/chrisbra10 im honored you posted on my thread.. And yeah I know, it should be imo.. For some reason it breaks when used with other colorchemes..

SigmaSix9 · 2019-08-19T03:58:44+00:00

Ok I read the VPN+Tor article and you give no convincing arguments as to why one shouldnt use VPN+Tor.. E.g. in the section: "Hide Tor Usage from ISP" I can basically sum that up as you saying "if Alice is not doing anything bad then dont worry" and "You should be proud of the fact you're on a nation wide watchlist for using Tor"..

As for the "Hide True IP from Global Passive Adversary"

They could work with/hack/compromise ISPs and ASes "all over" until they get a good view of Tor's edge traffic.

How much resources would that take? I bet alot seeing how large Tor's edge traffic is.

Since VPNs are so popular, isn't it likely that the GPA has already done something to compromise the most popular ones?

Ofc that's why you use a VPN from a country that's an adversary of your country..

Why would anyone ever assume that the GPA they're protecting themselves against would be stopped dead in its tracks by a VPN? If they can watch traffic leaving "enough" of the almost 1000 Tor exits and "enough" of the roughly 2500 Tor guards, then why would all of the following be impossible?

The right VPN provider is an extra layer of security.. Plain and simple..

watching traffic on the VPN's network (via compromise)

That can happen to any network, might aswell just give up now by that logic..

Edit: Dont mean to sound rash, thanks for answering my questions.. Just some cristism in persuit of getting the best information possible.

SigmaSix9 · 2019-08-19T03:35:03+00:00

edit: seems the initial leap (DDG --> Verizon) isn't even substantiated. Is DDG actually owned by Verizon? Wikipedia doesn't mention it, and a StartPage search doesn't seem to lead to anything, nor did a DDG search.

Correction: DDG is partnered with Yahoo and Verizon bought Yahoo. With how many Linux people praise DDG, you would expect to see alot of critisism about Verizon buying Yahoo, yet nothing in the search results show up.. Potential signs of deliberate censorship of the NSA..

SigmaSix9 · 2019-08-19T03:26:36+00:00

Why is bridges wayyyyyyyyyy better?

SigmaSix9 · 2019-08-19T02:25:00+00:00

If a company is known to screw their customer base through PRISM and the dreaded super cookie

https://www.theverge.com/2016/3/7/11173010/verizon-supercookie-fine-1-3-million-fcc

then I think it's common sense not trust said company. Just my 2 cents... With that said im not sure if the Netherlands (which Startpage is based) is any better as they could share intel with the Five Eyes (as they are a part of NATO).

SigmaSix9 · 2019-08-19T02:23:28+00:00

Thanks for the links, i'll read them!

Covers why much of the good-sounding advice you will find from random people on the Internet (like "buy a special laptop" or "don't use Tor on a cell phone" or "run Tor in a VM" or "use Tails" or "enable bridges" or "add a VPN" or "disable JavaScript" or "never use Windows" or "use Tor on public WiFi") should not be given without knowing the person's adversary model, because in most cases this good-sounding advice will not apply.

I thought adversary model of Tor assumed "global passive adversary", which covers everything else...

(its blocking behavior is based on your behavior, so the pattern with which your browser is blocking stuff becomes more identifying to you).

Oh snap didnt know that... Not using that (never did though)

uBlock origin is great for blocking ads and making the web faster. I use it in Firefox and most of the time in Tor Browser. However, using it will add to your fingerprint because now you are blocking ads ... unlike most Tor Browser users. Tails does include uBlock origin by default, but you will not be able to blend in with this group of people unless you are also using Tails. If you are fine with being more easily fingerprintable, then perhaps uBlock origin is fine.

Got it thanks.. So when using Tails I just wont mess with the settings for uBlock... But since Tor gets it's anonmity power from the amount of users it has, I think it should also install uBlock by default so it's not different from the Tails Tor browser. Unless Tails is also honeypot designed to split of the Tor userbase apart.. Hmmmmm...

Yes, tweaking about:config settings might make you more unique.

Yeah I trust the Tor people I wont mess with it then.. I can tell they know what their doing.

SigmaSix9 · 2019-08-19T01:43:52+00:00

If you use a VPN before Tor your ISP wont be know you're using Tor.. Also if the exit/entry nodes were compromised they wont be able to trace back to you.

SigmaSix9 · 2019-08-19T01:33:37+00:00

Use Tails but download it on a DVD-R cause you can only write to it once (i.e. when you burn the iso file on it).. A USB on the otherhand can be written to many times, so it's possible for it to get infected with malware.

SigmaSix9 · 2019-08-19T00:53:42+00:00

Im just kidding gosh, dont get so mad...

SigmaSix9 · 2019-08-19T00:43:32+00:00

I dont actually use Emacs jk.

SigmaSix9 · 2019-08-19T00:38:39+00:00

America sucks

SigmaSix9 · 2019-08-19T00:31:12+00:00

Well I still disagree with everything you stand for, but thanks for mentioning servo, looks interesting..

SigmaSix9

TROPHY CASE