resist1984 @resist1984@social.privacytools.io

@VikingKong The flaw in your premise is the assumption that it's possible to visit a #Cloudflare site without harming privacy. When you give traffic to a CF site, you inherently undermine privacy by feeding privacy abusers, normie or not, defensive tools or not. When you support a privacy abuser, you are deciding for everyone that the abusive site is worthy of existence.

@tuxicoman not sure. It was mentioned in this video: https://chaos.social/@onepict/106602054176156448

#Lowes & #Macys are both using #FacialRecognition on customers who enter their store. #Boycott them.

@Bmz @SaulRS951 There is also yacy.everdot.org but i've not used it lately. And there is searx.everdot.org, which likely sources from everdot's #yacy instance.

@modrobert @otso the hostname "sercxi." is essential. If I omit the hostname, it fails even in Tor Browser. If you prefer, you can visit https://onion.sercxi.eu.org/ from Tor and it will redirect to the onion site. There is also https://sercxi.eu.org/, which works exclusively over clearnet.

@modrobert @otso I just tried it in #UngoogledChromium with DNT enabled, and indeed it does not work. The site is deliberately fussy & seems to want to encourage users to shrink their browser print, but I'm not sure what else is needed. It works for me in Tor Browser.

@otso @modrobert The onion URL works, but not for everyone. Tor Browser has no issues unless you've disabled #DoNotTrack. Other browsers will work, but you must enable DNT. If it still doesn't work, plz let me know and i'll make it known.

@VikingKong If you're not really committed to privacy, then I have to say #DDG might be a perfect fit for you. The whole business model of #DuckDuckGo is based on privacy propaganda.. to sell the illusion of privacy. If you want a search engine that's committed to privacy, you use Ss.

@modrobert Consider what Ss does: it folds the #Cloudflare results at the bottom of the page. If the leading results are lacking, you can scroll to the bottom, unfold the CF sites & click the favicons to visit the archived mirrors of those sites. Ss: sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion

@modrobert Studies show that a search result is *twice* as likely to be clicked on than the result immediately below it. So rank matters. A privacy respecting search engine does not give high ranks to Cloudflare sites.

@VikingKong Just as DDG financially supports #Microsoft. Even if Microsoft does not exploit the opportunity to see your IP when connecting to Azure-hosted DDG, & then match that IP to your query that DDG passes to Bing, you're still helping DDG feed Microsoft (who doesn't serve DDG for free).

@VikingKong And if you actually want to deal with #Cloudflare sites, then at best you're only pretending to favor privacy. To give your attention & traffic to a privacy abuser is to feed the abuser. Even if you think you've managed to work out how to mitigate disclosure throughout your connection, you're still feeding a privacy abuser by giving them attention.

@VikingKong You've set a very low standard of privacy by disregarding privacy abuses in the results. Filtering results is what search engines do; it's the whole point. If a search engine were to return to you their whole index you would learn very quickly the importance of filtering. A search engine that gives you results you don't want isn't serving you well.

@seven @Fairphone @protonmail @FediFollows @1ll173r47 My accountant's threat model did not include deliberate malice from me.

@SaulRS951 well there is a clearnet version of Ss but i've not tried it myself. It's sercxi.eu.org. I don't think it has reliable uptime but if you manage to access it when it's up then it's your best option. Otherwise metasearch.nl or the like is probably your next best option.

@1ll173r47 @FediFollows @protonmail @Fairphone @seven So the msg would get past her email firewall but not the realtime scanner. If she needed to go a step further (not sure why), she probably could have gotten a sitewide PGP tool, which would do all the crypto/decrypto outside of the MUA as a builtin feature of her mail server of sorts, in which case the MUA doesn't even know crypto is involved. Then the email fw could intervene.

@seven @Fairphone @protonmail @FediFollows @1ll173r47 If i generate a doc and send it, and it has a malicious payload, then that would in fact require malware that infects linux. If linux is not infected, it's not reproducing within linux either. If you mean that an electronic receipt or gov doc that I receive & forward would be infected, sure that's possible, but IIRC her version of windows included a realtime scanner.

@SaulRS951 my preferred search engine for advanced users is sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion Nothing is better than that. It filters out #Cloudflare sites. Short of that, for novice users there is metasearch.nl, yacy.noisytoot.org, openworlds.info, search.disroot.org, and metager.de.