OK I agree it’s not ideal that they’re whitelisting Microsoft trackers in their browser. I do though understand their need to make money somehow, search is not free after all. Fortunately it seems from their response that there are no Microsoft trackers embedded in their web search, that is unless you click on an ad, then Microsoft decides the tracking. That is not surprising to me, as it is an external resource just like any other site that appears in the search results. Yes it would be better if DDG used an ad service that would respect your privacy on the click of an ad as well, but again the money thing.
All this proves is that they cannot be trusted. Introducing search from these hypocrites is tantamount to shooting yourself in the foot! I am totally against the introduction of these search engines for all users!
I checked the subject of the trackers supposedly authorized on Brave and by checking it is not trackers to trace a user but links allowing the sites to function and display correctly! It is important to distinguish between trackers and technical elements that are “mandatory” for the proper functioning of a site. Moreover Brave proposes a “Strict” mode on the Shield allowing to block totally all the URLs, but it can prevent the normal functioning of sites like Facebook for example.
For the other link about crypto/donations (and like the other link you shared), it’s from 2018 and it’s changed quite a bit, now the BAT payments are made automatically every month.
Do you have any more recent items by any chance? Because these things have been out of date for years!
So am I right with this: The only safe browser is Tor The only safe search engines are SearX and MetaGer
I heard of a different thing called Lokinet, do you think its any good? Thanks
Not full of trackers and things that can be used to fingerprint a browsing session. People have said that Tor is the best counter surveillance tool accessable so I’d imagine it must be pretty secure against any use case
As to tracking your ad clicks, I cannot remember the last time I saw an ad on DuckDuckGo, so I cannot myself evaluate how they look and behave.
As for Brave Search, I don’t want to judge it straight away as it’s still a rather new search engine. But I am interested in knowing more about their independent web crawling methods. They state that a large majority of search results result from their own crawling, from something they call the Web Discovery Project. I have not found clear information on how this crawling is conducted, but it seems that they use usage data from Brave Browser users. Considering that the feature is opt-in, and again assuming that their engine builds on this usage data, I am surprised at how good search results their engine provides me with.
Another up-and-coming search provider I deem interesting is yep.com. It was launched very recently. They rely on their own web crawling for all search results. They claim to not store IP addresses (but they do process it in some way) or user agents. They do store search queries. I don’t think their search results are as good as the larger providers, especially for regional content, but this may change. It will be interesting to see how this one matures as well, and whether or not it will continue to be Tor-friendly.
Note that in this post I deliberately ignore the privacy practices contained in these search providers’ other products. I personally don’t deem it very relevant for Tor Browser users whether or not the a provider’s other products whitelist or contain specific tracking domains. I consider it a personal ethical choice whether or not to boycott those products. You may disagree, that is fine for me and I welcome discussion.
Thanks for getting back to me. Does this mean that you could get the same level of privacy in Brave by simply just using a VPN? If the only thing TBB does is replace the IP then a VPN can do the same and its definitely owned by people with a history and reputation whereas Tor is owned by nobody and consists of anybody? Please let me know if I misunderstood. VPN seems to be a frightening word for people on here, but if you do research its possible to find companies which are court proven as useless for obtaining info
No, Tor Browser includes fingerprinting mitigations and sends your internet traffic through three different relays, hindering any one relay/server to know both your true IP address and the sites you browse. That’s very crudely put. I’m not an expert, so if you’re interested in the privacy features of Tor Browser, I suggest you start by reading https://support.torproject.org/
Generally speaking, Tor aims to solve three privacy problems:
First, Tor prevents websites and other services from learning your location, which they can use to build databases about your habits and interests. With Tor, your Internet connections don’t give you away by default – now you can have the ability to choose, for each connection, how much information to reveal.
Second, Tor prevents people watching your traffic locally (such as your ISP or someone with access to your home wifi or router) from learning what information you’re fetching and where you’re fetching it from. It also stops them from deciding what you’re allowed to learn and publish – if you can get to any part of the Tor network, you can reach any site on the Internet.
Third, Tor routes your connection through more than one Tor relay so no single relay can learn what you’re up to. Because these relays are run by different individuals or organizations, distributing trust provides more security than the old one hop proxy approach.
Basically, it depends on your threat model, as is repeated over and over in discussions over privacy on the internet.
By using a VPN you are putting your trust in one single provider. If you’re worried that the company may log your activity, they may or they may not. There’s no way to know for sure, and if they don’t log today they might start logging tomorrow. There’s also other things to consider, such as the general security of their servers. With Tor, you avoid putting your trust into one single provider, as you can read more about in the links I provided above.
I’m not going to tell you to use or not use a VPN. You can decide for yourself. I just want to note that it’s perfectly doable to look up information about Tor from credible sources using a search engine.
Brave includes fingerprint mitigation which has been pretty successful in the tests people were doing, it does give a fingerprint but a spoofed one with zero useful data. Most premium VPNs now have a multihop feature meaning the IP your ISP sees and the IP the websites see is different and can’t be linked, your ISP can’t tell whether you are using one or two hops because it can’t see the full pathway.
Thats true, but if you choose a provider with good reputation and history then its nothing to worry about and all VPN companies exist on the strenght of their agreements, if the company has previously been taken to court and couldn’t provide logs because there aren’t any then its a heavy backing of legitimacy. They also wouldn’t go through the struggles of a court case, win it due to no logs, then go and enable logs, that just obviously wouldn’t happen. With VPN you know who runs it and why whereas with Tor it could be ran by literally anybody and you have no idea who they are, previous security flaws within the network have only ever been patched after they were already exploited, not so with VPN. Most companies publish extensive information about how they secure their systems, the guy in his bedroom with a raspberry pi does not.
Its also worth mentioning that several government backed hacking attacks on hidden services with the intent of unmasking users would not have worked if they used a VPN. All the exploits would breach the browser and hit the VPN giving them a VPN IP, all the people who thought its a bad idea to combine Tor with VPN are the ones who got caught. Using just Tor puts 100% of your connection and trust into one user hosted project, if you add VPN its 50% on a reputable company and 50% on whoever you happen to randomly connect through on Tor.