@SaulRS951 my preferred search engine for advanced users is sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion Nothing is better than that. It filters out #Cloudflare sites. Short of that, for novice users there is metasearch.nl, yacy.noisytoot.org, openworlds.info, search.disroot.org, and metager.de.

@resist1984 the .onion engine reads like a shitpost

@resist1984 but disregarding .onion domains (I use a non-tor browser (how good is librewolf?)), which engine would you recommend?

@SaulRS951 well there is a clearnet version of Ss but i've not tried it myself. It's sercxi.eu.org. I don't think it has reliable uptime but if you manage to access it when it's up then it's your best option. Otherwise metasearch.nl or the like is probably your next best option.

@resist1984 @SaulRS951 very interesting, as usual. But I can't reach yacy.noisytoot.org ....Do you know another yacy instance??

@Bmz @SaulRS951 There is also yacy.everdot.org but i've not used it lately. And there is searx.everdot.org, which likely sources from everdot's #yacy instance.

@resist1984 @SaulRS951 thanks!!

@VikingKong You've set a very low standard of privacy by disregarding privacy abuses in the results. Filtering results is what search engines do; it's the whole point. If a search engine were to return to you their whole index you would learn very quickly the importance of filtering. A search engine that gives you results you don't want isn't serving you well.

@VikingKong And if you actually want to deal with #Cloudflare sites, then at best you're only pretending to favor privacy. To give your attention & traffic to a privacy abuser is to feed the abuser. Even if you think you've managed to work out how to mitigate disclosure throughout your connection, you're still feeding a privacy abuser by giving them attention.

@VikingKong Just as DDG financially supports #Microsoft. Even if Microsoft does not exploit the opportunity to see your IP when connecting to Azure-hosted DDG, & then match that IP to your query that DDG passes to Bing, you're still helping DDG feed Microsoft (who doesn't serve DDG for free).

@VikingKong If you're not really committed to privacy, then I have to say #DDG might be a perfect fit for you. The whole business model of #DuckDuckGo is based on privacy propaganda.. to sell the illusion of privacy. If you want a search engine that's committed to privacy, you use Ss.

@resist1984
Sounds like "you're setting a very low standard of privacy if you don't allow a search engine to know better what results do you need". It's a pretty normie thing when some sort of Big Brother decides for people what is good and and what is evil. I know how to deal with my security and search engines shouldn't impose anything on me.
What about your last sentence — a search engine shouldn't give me results I want it should give me relevant results, that's all.

@VikingKong The flaw in your premise is the assumption that it's possible to visit a #Cloudflare site without harming privacy. When you give traffic to a CF site, you inherently undermine privacy by feeding privacy abusers, normie or not, defensive tools or not. When you support a privacy abuser, you are deciding for everyone that the abusive site is worthy of existence.

@VikingKong "I know how to deal with my security and search engines" <= you clearly do not if you're going to feed a privacy abuser. The underlying problem here is you've taken the selfish & short-sighted "privacy for me" stance, as opposed to "privacy for everyone". Feeding adversaries of privacy is short-sighted because it neglects boycott power as a tool against privacy abusers.

@VikingKong Your unwillingness to stop supporting privacy abusers is indicative of being uncommitted to privacy. It's a right-wing "fuck everyone else" attitude. The problem of that is the web then becomes saturated with poor options which you enable to persist.

@VikingKong There is also an absence of /privacy in numbers/ principles. Choosing not to cooperate with a privacy movement actually lessens your own privacy. E.g. if you don't use the same browser print as others, you expose yourself as well as shrinking privacy in numbers for everyone else. Using Tor helps not just yourself, but it also helps provide cover traffic for other Tor users.

@VikingKong You're suggesting that a so-called pro-privacy search tool recognize & direct users to privacy abusers. Such a move not only works against the privacy mission, you're also asking for inherently irrelevent results. Relevancy is a score based on a number of factors such as whether a website has a white background, so of course a privacy-hostile site is irrelevant to privacy seekers.

@resist1984
A whole Internet beginning with your ISP is a privacy abuser these days, so if you're so concerned, just stop using the Internet. People have to know how to deal with security challenges and be aware of them, but nobody should decide which site is worthy of existence and which is not. What you're talking about is just another facet of cancel culture or some sort of paternalism, it has nothing to do with neither privacy nor security.

@VikingKong Again, you're clearly not committed to privacy if you visit #Cloudflare sites. Yet you expect a search engine to cater for normie needs. If a search engine that specializes in privacy would compromize their results in order to please those who are not committed to privacy, it would cease to be a pro-privacy search engine. Instead, it would just be another #DDG or #Google.

@VikingKong Privacy is relative. It's a false dichotomy to say it's a binary. #Cloudflare sites are clearly at the bottom end of the spectrum, and when they are suggested by a search engine that claims to be pro-privacy, that search engine is falely positioned.

@VikingKong "People have to know how to deal with security challenges" <= this is precisely why privacy-respecting search engines are useful. They are a great tool for people to deal with security challenges. A tool that litters privacy-respecting results with privacy-abusing garbage (DDG) doesn't help. We don't even want to see the bad options. This is what makes onion.sercxi.eu.org so useful.

@VikingKong Another way to look at this: for every privacy-abusing walled-garden #Cloudflare URL that appears among high ranking results, there is a privacy respecting result further down w/more merit that is denied visibility, which is more relevent to users who value privacy. Elevating #Cloudflare sites to the top is not countering censorship-- it's just censoring something different.

@modrobert Studies show that a search result is *twice* as likely to be clicked on than the result immediately below it. So rank matters. A privacy respecting search engine does not give high ranks to Cloudflare sites.

@modrobert Consider what Ss does: it folds the #Cloudflare results at the bottom of the page. If the leading results are lacking, you can scroll to the bottom, unfold the CF sites & click the favicons to visit the archived mirrors of those sites. Ss: sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion

@resist1984 That Onion URL must be broken, can't load it over Tor. Anyway, I guess that's one way to do it, still prefer a warning so the visitor knows HTTPS to this site is MITMed.

@modrobert @resist1984

I tried too, no go.

@otso @modrobert The onion URL works, but not for everyone. Tor Browser has no issues unless you've disabled #DoNotTrack. Other browsers will work, but you must enable DNT. If it still doesn't work, plz let me know and i'll make it known.

@resist1984 @otso I'm not using Tor browsers, using Chromium over Tor daemon. There is a '.' in the URL, that looks wrong to me, and it doesn't load.

@resist1984 @otso sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion

Specifically the first '.' after 'sercxi' there looks wrong, hidden services Onion URL is a key plus the ".onion" part, and that key will fail.

@modrobert @otso the hostname "sercxi." is essential. If I omit the hostname, it fails even in Tor Browser. If you prefer, you can visit https://onion.sercxi.eu.org/ from Tor and it will redirect to the onion site. There is also https://sercxi.eu.org/, which works exclusively over clearnet.

@resist1984 @otso

"They are 16 characters long for V2 onion services and 56 characters long for V3 onion services."

https://en.wikipedia.org/wiki/.onion#Format

The Onion URL you provided is 63 characters long (not counting the .onion part).

@resist1984 @modrobert

https://sercxi.eu.org/ did work in Waterfox, no joy with the other browsers like Tor Browser

some browsers showed favicon but nothing else, some showed error message about certificate

what is so special about this search engine?

@resist1984 @modrobert

https://onion.sercxi.eu.org/ in Tor Browser it directs to the onion site, but if I go past the warning I get a blank page, favicon (an umbrella) is there, nothing else.

https://sercxi.eu.org/ did now work in Firefox Developer Edition

this must be something experimental still

the point is to eliminate or go around Cloudflare?

would be nice to know a little bit more about this project.

@otso @modrobert Ss helps you avoid #Cloudflare. First, it gives results that are not polluted with CF sites. It's ideal to avoid CF sites completely. If for some reason the non-CF sites are lacking, you can scroll to the bottom of the results and expand the list of CF sites that were filtered out. From there, you can click on the favicons to visit the archive.org mirrors of the CF sites.

@modrobert @otso Ss also flags non-CF sites that block Tor, so you know to go straight to the archives.

@otso @modrobert The umbrella is indeed the correct favicon, but it should not be a blank page. It would be interesting to know what happens if you skip the query form & try a simple GET request, such as: https://sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/?res&rq=companies%20that%20use%20facial%20recognition Notice that everything after "rq=" is the query.

@modrobert @otso Another thing to try is "Ansero". It's another search engine apparently made by the same project: https://ansero.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/

@resist1984 @modrobert @otso sercxi.eu.org/ doesn't work in my clearnet browsers on my mobile internet. With Tor Browser it redirects to the onion address, which also doesn't work.

@modrobert @resist1984 @otso Oh! The https over onion was serious. I corrected it to http.

If I keep the https and allow an exception I get the search page with the umbrella.

@clacke @otso @modrobert yeah, indeed. They use SSL over onion not for crypto, but for verification purposes. So it must be HTTPS, and then you must accept the cert.

@clacke @otso @modrobert What's the error message when you try sercxi.eu.org over clearnet?

$ curl -i https://sercxi.eu.org/ curl: (92) HTTP/2 stream 0 was not closed cleanly: Unknown error code (err 2)

In browsers "Secure connection failed" or "The connection was interrupted".

@resist1984 @clacke @modrobert

it works at times, when it doesn't there is this:

https://sercxi.eu.org/

Secure Connection Failed
An error occurred during a connection to sercxi.eu.org.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

@modrobert @otso I just tried it in #UngoogledChromium with DNT enabled, and indeed it does not work. The site is deliberately fussy & seems to want to encourage users to shrink their browser print, but I'm not sure what else is needed. It works for me in Tor Browser.

@otso @modrobert Sorry, I have to correct what I said earlier. http://onion.sercxi.eu.org/ *works* in Ungoogled Chromium for me. I get a "NET::ERR_CERT_AUTHORITY_INVALID" & was hasty to judge it as "broken". UG presents that error differently than Tor Browser so I didn't realize at 1st that I could click "proceed" in the fine print. Perhaps you have the same error.

@modrobert @otso Note as well that it's safe to ignore the SSL cert warning because you're ultimately going to an onion site, e2ee is inherent in the connection. The site uses SSL not for crypto but as a means for verification, & it tends to alarm people.