Google's apps offer opt-in voice search (solving Audio), optional end to end encryption for bookmarks & search history (solving Browsing History), while location and diagnostics are opt in as well and it's also up to you if you want to store your address book of store you credit card with Google (solving Contacts & Financial Info).
Yes, most people will probably use Google Contacts, Maps, unencrypted bookmarks & browsing history and and store their credit card data in the browser, but you're not forced to do that.
I really wish DDG would innovate on search, improve their own crawlers & indexing and then attack Google head on by comparing better results with the ad-ridden, SEO-flooded shit show that Google results have become. Instead, their marketing keeps on comparing apples to oranges and just keeps on playing the privacy angle, which is intellectually dishonest because DDG and Google have completely different goals.
Boy do I hope for some real competition in the search engine market. Brave and Neeva can't launch soon enough. I'm so sick and tired of giving DDG changes upon changes only to switch back to Google because the results haven't improved much.
DuckDuckGo's organic results are proxied from Bing (or sometimes Yandex). Their crawler (DuckDuckBot) just fetches favicons and scrapes data for a few Instant Answers.
Most of DuckDuckGo's non-privacy-related selling points are their instant answers, which in my experience are really good.
Alternative indexing engines to the "Big Three" English indexers (Google, Bing, Yandex) with decent privacy include Mojeek, Right Dao, Gigablast, Gowiki, wbsrch, and others. I've counted 16 English alternatives in all.
And yet has no undeprecated pipeline for submitting non-"essential bug fixes" to.
I really love the idea of having an engine that does just a little bit more for me up front, but not if it's all closed off; that's what I'm trying to get away from.
1) Android: Google still owns all our phones. Even on rooted phones it hard to remove google services that god know send so many requests containing whatnot to the eeee addresses. Just install no-root firewall and you will be amazed the amount of pending requests that accumulate in 1 hour.
2) Google search: I guess I can manage with DDG but when it's not that straight forward search, subconciosuly I'm still thinking that let's just do a quick google search to see if i'm not missing anything. And often I find better results. While adblocks makes sure I filter most of the crap.
3) Gmail: Yes there are alternatives but switching emails is hard. It's a big commitment for most people to switch a 10 year old gmail address. And it still works great at filtering spam and whatnot.
And same for maps, youtube and all their services.They really have a big leverage on everyone.
Quiting facebook and instagram was child's play in comparison. I haven't logged in for almost an year now. Quitting google is really hard otoh.
However, assuming you’re willing to pay for privacy, switching e-mail is super easy. For example, from the Fastmail UI, you literally log in to your Google account and all your mail is transferred to Fastmail.
Switching to DDG? It’s 95% as good.
Switching to Apple Maps or OSM? It’s 95% as good.
Google Drive? There are 100 competitors.
There is one site you cannot do without, and that is YouTube. Everything else from Google can easily be ditched, the only two things in your way could be a reluctance to pay money and a slight feeling of unease at having to get used to something else.
I would say for personal stuff (ie, non-programming) it is. For programming, I continually have to switch back to google. DDG is way worse for me. Maybe it's just me, but the types of things I search for just don't work on DDG and I've wasted way too much of my time looking for answers using DDG, only to find them quickly with Google. It totally frustrates me, because I would much rather use DDG.
Critical operators like "site:" are not available in DDG.
The user pays for Google in the end, just not consensually. It's a closed loop. All the money ultimately comes from the users. Product or politics, all advertisers are expecting to get some return.
Unfortunately it's in human nature to not want to pay. Search needs to be a utility that we all fund to make it the best tool for society.
All the money comes from some of the users. Sure Google is collecting everyone's data, but in the end the vast majority of it is worthless. I'd be surprised if even 1% of users are profitable for the ecosystem. The tiny minority clicking on ads and buying products is subsidizing everyone else.
So I have to recoup that cost. I pass that cost onto all of my customers by mixing it into the cost of goods and services. If you buy things from me, even if you are not a subscriber to google/yahoo, you have in effect paid for those services. This is somewhat invisible to the people with those email addresses but does actually affect them, if only a little bit.
Google would tell you that you can simply start with a low volume and ramp up slowly. In reality this is simply not practical for most businesses. This gets into discussions around queue-per-domain management and rate-limit-per-domain, but quickly falls apart when you have to notify a large number of your customers on a time sensitive transaction that is out-of-band from their web browsing experience. A modern work around is to have a cell phone application for notifications rather than email assuming you let your own customers choose that over smtp in their profile. Another work around is to use an email campaign provider that already pays into the whitelists, but then I have to give your email address to a potentially shady company that may cross-sell / cross-market to you.
Android has proven much more difficult to drop, although I'm hopeful that Librem and PinePhone are paving the way for an eventual alternative. I'm still using Android for now, but I at least try to source my apps from F-Droid instead of the Google Play Store.
Maps and YouTube have been a little difficult. I'm trying to use OsmAnd on my phone, but I still find myself going to Google Maps somewhat frequently. I've replaced the YouTube app on my phone with NewPipe and I try to watch content on alternative platforms when possible, but there's a lot of stuff posted exclusively on YouTube.
Same. Paid Protonmail was quick and easy to get my domains working, and DDG works 90% of the time. I occasionally have to throw things to Bing or Google but DDG is pretty good.
For any readers I strongly recommend buying a domain name and then trucking it to whatever email provider you want. Jonny-C-Doe.com let's you keep the same front end name while changing the back end if, say, you don't like protonmail.
And with the blackhole that is Google support, what's the point in feeding the beast? We're all better off using Open Street Map and not rewarding Google for their poor behavior.
For email: Most people have multiple emails - work, school, personal, from the early 2000s. It's not out of this world to switch to an encrypted email service.
Android: Never used it because I like iPhone. And, iPhone is a pretty great alternative to Android - definitely more private. But isn't there GrapheneOS and LineageOS?
FYI, Ads company brought up Startpage. Despite their public statement with privacy for Startpage, I don't trust them since they can 180 it without any repercussion.
If you have questions, let me know.
If I can't ssh into their servers and have a look-see or run my own instance, then their claims are unverifiable.
And, it happens that System1 is interested in "capturing" that revenue from contextual advertising.
"System1 is interested in Startpage's ad revenue, not its data," the company said. "The reason a company like System1 openly owns other search engines and consumer tech products like Info.com and Mapquest is that they want to capture that ad revenue that is slowly shifting to private search engines. There has been a steady increase in people using private search engines and therefore a steady increase in their revenue. It is a growing market that they feel will continue to thrive and grow." (https://www.computing.co.uk/news/4017337/privacy-focused-sea...)
That being said: At the end of the day, it all comes back to trust. Even with OSS, you have to trust that they won't change the code. And, you should use products that you trust to best protect your privacy.
Advertising on a search engine is main form of revenue > pays employees > updates > keeps current users and gets new users. You could make the argument for crowd sourcing, but it doesn't always work.
Email is generically really great in this regard. Very little lockin.
I hate filtering spam, but it's outright dangerous to not have an effective spam/malware filter for my parents and children.
Android: iPhone. I don't know if I trust Apple more than Google, but at least on the surface level our interests align better. Might try a Librem 5 or Google-less Android in the future.
Google search: DDG. Agreed with your points there, sometimes it's tempting to go back to Google.
Gmail: Hey.com commercial account, plus a custom domain and individual aliases for each service I give my email address to. That helps with portability somewhat, in the future at least.
Maps: Apple Maps has been pretty nice. Might give OpenStreetMap a try.
Android Auto: Apple Car Play. I wish there were a better option that didn't depend on Apple.
Google Drive: OneDrive, but I'm looking for alternatives.
Half the data Chrome collects is harmless, and the other half is up to the user to give up:
- Location data: you are asked and must approve for Chrome to use (at least on macOS)
- Financial data: you must enter it manually and click "save for future use".
Could it be better? Sure! But I think DDG is exaggerating here. We're not _that_ bad.
Also, none of that data is harmless.
> I think DDG is exaggerating here
Google shouldn't be basing advertising off of individualized browser histories in the first place, I don't think it's an exaggeration to call that a massive privacy issue. It's a single category, but one that encompasses basically everything you do online.
And while you can technically turn this off in Google settings, doing so will break a large number of Google products and features in other apps because Google ties access to browser histories and app data into other products in a way that is impossible to disentangle from normal functionality.
Back when I used to use Google Maps, turning off location-based advertising disabled my ability to save locations. Like, I couldn't mark a place on the map as my home on my local device unless I gave Google permission to advertise to me based on my location. Every time I wanted to navigate there, I needed to type in the full address. Even weirder, turning off web history took away my ability to use voice commands with my contact list on Android phones. I couldn't tell my phone "call mom", because that feature required access to my search history.
So this phrase "we're not that bad" creates this impression that Google isn't perfect but is still basically respecting privacy choices everywhere, and that any violations are just accidental -- when in reality trying to opt out of these systems is met with outright hostility from Google products, and giving an inch in any area is often interpreted by Google as permission to use that data in any way they see fit.
The system is a lot deeper and more deliberate than the parent comment suggests.
Does location data even help with relevance?
During road trips in 2018, location relevant results were turrible. Too many times I'd have to manually add my current location. eg "dog parks albuquerque nm" Sorry, no, I don't care about Dog Park Pub and Office Supplies in Duluth MN. Absolutely enraging.
e.g. a search for "home depot" turning up the close ones with location turned on.
I vividly recall wanting to pick up some flowers while driving north of Phoenix. Google was useless. No local businesses. Just national chains and stuff from other time zones. Infuriating.
Wait, why do you say that? There's nothing inherent to the way that assistants work that mean that they need full access to everything in my life.
Human beings are "AI complete", but when I go to the library and ask them to help me find a book, they don't demand that I show them my phone contacts first. Data access and intelligence are separate concepts.
And Google's voice assistant could figure out what phone number I mean when I say "call mom" without doing anything involving AI at all, because I actually explicitly put that information into my address book in machine-readable, labeled fields. The assistant doesn't need to have an advanced AI to solve that problem, and it certainly doesn't need to look at my search history.
If true, that still doesn't negate the other half that is not harmless.
More importantly, how about I get to choose what I consider harmless, rather than having a Silicon Valley advertising agency do that for me?
Also, there's no way of knowing what Google shoves into the "other" category. Sunlight disinfects, even in Mountain View.
But beware, Chrome's lead on render speed is most likely thanks to the performance data they collect.
Any other browser you may choose might not collect that data, but don't be surprised if it halves your battery life and takes twice the time to render stuff (such as Firefox in macOS about 6 months ago, don't know how it performs now).
There are reasons for data collection, and I don't think everything is used for malitious intent, which is DDG's point.
That is not DDG's point at all. Their point is right in the linked tweet - "Spying on users has nothing to do with building a great web browser or search engine."
Clearly the fix is collecting even more performance data! :)
This is literally what Chrome does on a MacBook, the battery drain is insane
Also, why must all the services attempt to guilt me into turning it back on?
Enable it, then set home and work. Then disable it.
So this is not your GPS data but most likely IP based city/metro.
Also it says "may" everywhere. AFAIK DDG may be doing all of those things too.
From a technical POV this looks such a huge FUD that it's sad.
Except that DDG explicitly says they are not:
When you access DuckDuckGo (or any Web site), your Web browser automatically sends information about your computer, e.g. your User agent and IP address.
Because this information could be used to link you to your searches, we do not log (store) it at all. This is a very unusual practice, but we feel it is an important step to protect your privacy.
If they don't store IP addresses then (I believe) they can't use wifi-router-based methods to find your location. Your browser also doesn't get a popup asking to give ddg your location.
So yeah I stand by my link and my interpretation of it.
At this point, I think mine is more of a nihilism towards this as I cut everything at the only reliable level: the network.
But even then, I've hammered myself way too much over privacy, and it didn't make me any happier, since, at the end of the day, if anyone wants to track you, they'll track you.
I also think that data that might be harmful to a user because it could record them breaking a law should be thought of differently than data that could be harmful when used maliciously by a third party. Even allowing for the often oppressive and unfair application of the law, data that is harmful to the user when sent to the authorities should be considered differently than other data because there is obviously a balancing question around relative harms to different parties. If you witness a crime, reporting it might be good, but it isn't always.
 Personally I feel like providers should be legally barred from doing anything other than responding to warrants for information related to a real person and they should, in that case, be prevented from including any information linked through statistical imputation.
Is browsing history being used as evidence in criminal prosecution? Where? How?
A little far fetched, but if you're employed by one of those agencies, your boss (or bosses boss etc) can access _your_ data, find out how often you're googling basic information and use that information against you.
as the tumblr kids say, satire requires a clarity of purpose and target lest it be mistaken for and contribute to that which it intends to criticize.
This isn’t true. The risk is currently low of actually being targeted but that doesn’t mean people are not at risk.
Also law enforcement is not the only problem by a long shot. Civil suits, family court, etc, all routinely use browsing history data.
"Police confirms that Disha was arrested after Google shared details."
(In case anyone thinks google sells search history retail: this is a joke...at least for now).
When presented with a screen that's hiding a silly cat picture they would just instinctively would click "I agree" 99 times out of 100, and at that moment, and maybe most, they really don't care...
Is there anything that _cant_ be better? I'm sure as engineers we can all come up with proposed improvements on pretty much anything. :)
>But I think DDG is exaggerating here. We're not _that_ bad.
The point (that DDG is making, paraphrased here) is spying on the user is not necessary to build a great browser/search engine. Do you disagree with that? I don't.
That said, I have to make a conscious choice to avoid Google data collection wherever I can, but I still end up using many Google products. I was more accepting when data collected was silo'ed in individual Google services. Now that those barriers are down , it will probably take government intervention to re-isolate key platforms (like Chrome, Android, Youtube, Search, Ads, Maps, etc.)
Now if only we could take away Apple's ability to create a walled-garden...
Alternatively, if only people who don't like Apple's solutions would just go away and leave those of us who do alone.
I'm assuming by your use of the word "we're" that you work for Google?
It's a complete violation of privacy.
Until it's not. Meaning, we don't know if there's a way yet to harm users, or we don't know if anyone is actually using it to harm users.
If it's harmless, don't collect it.
The reason Chrome is so fast, is most likely thanks to the performance (harmless) data it collects.
Firefox may be proud of not collecting as much data, but (at least on macOS) they spend twice the battery to render twice as slow.
Not saying you shouldn't be able to choose what data you're collected (which, you are) but there are reasons (not necessarily evil) to get that data to the devs.
What makes it the absolute leader is the void left by a dismal IE, and a completely lost Firefox, a few years back. Today's lead is coasting. I don't know OSx, but perceived performance in Linux/Windows is not any better than today's Firefox/Chromium derivatives, if any at all.
You keep saying "harmless", and keep missing the point. If you don't want data to be used against users, don't collect it. And use explicit opt-in for everything.
This argument is like the classic _well, if you haven't made anything wrong, why do you care if the state collects that much info about you?_. The problem is not being harmless today. Is that, when the moment of being harmful come, then it's too late.
The browser itself is trivial to separate from Google, which is why (completely ungoogled) Chromium exists, but to get yourself out of the Google services web is very, very, hard.
For me, the Google search is sometimes magical. Way better than any other.
I think these are self-assessments, and crowing that you've assessed yourself as not having problems is not a very reliable sign that you don't have any problems.
Pretty much. My understanding is that they're self-reported (as opposed to inferred from eg SDK/API usage), but I haven't looked into it super deeply.
Who is surprised here? Google makes money by spying on people. Everything they make is designed to make money. Search history gathers what you are interested in. Android and Chrome vacuum your physical data and more. YouTube both gathers your interests and might become a serious advertising platform someday. Gmail vacuums up what Android messaging misses. Google Ads, Fonts, and Analytics catch anyone who isn't using Chrome with the help of webmasters. Every major Google product is designed around one purpose: knowing everything about you.
I have used Firefox for years and years because this is obvious to me. Google shuts down divisions that make a lot of money all the time. Yet somehow, they are just spending ungodly amounts of money on all this "free stuff." Please. I don't care if you watch a 30 minute YouTube video on how to set all of your Google settings in just the right way for them to graciously not upload live video of your face. Two patches later you have to do it again. This is all while trusting this highly sketchy company to honor its settings. It's like trying to set the perfect contract with a demon or wish for a monkey paw. The real way to win is to not do it.
I think that the average person on the street might jokingly say that Google knows everything, but seeing the extent of that data collection right in front of them might have a different emotional impact.
It will only get worse. Google always steps on everyone when it dominates a market. Gmail marked your private email server as spam by mistake? Good luck even finding someone to care. Chrome is at this very moment disabling the HTTP2 standard push feature, essentially asserting Chrome as the real standards body.
This is what all of us chose. Without some regulatory body stepping in, privacy will never come back. Even then, that regulatory body will probably be completely staffed by Googlers, since they are experts in Internet privacy.
And yes, privacy law is needed to bring privacy back. But, it's also people and privacy friendly products. We have some power. Don't dismiss everyone because one company is too big.
Wait..was this a secret?
So, instead of handing all of your info to Google, you hand it over to Apple.
Nothing to write home about.
We live in an era where you can be a tinfoil hat closed off out of touch Linux user or just deal with it. Nobody likes it so you're not special for touting an obviously majority opinion. But the utility it brings to connect people makes most forget and not care.
PS Also, I'd rather share *some* data with a company that proactively (1,2) teaches users how to minimize data sharing and is moving to an opt-in model rather than opt-out. I realize that this is a marketing strategy also. But at least it's not disingenuous.
You can’t stop Google doing geoip, but you can stop iOS providing GPS to Google.
Device id’s can indeed be switched off.
(Disclosure: I work at Google, speaking only for myself)
2) Bing belongs to Microsoft whose primary business is to sell software, not ads, so they are less dependent on collecting user information.
3) If I wanted a search aggregator, I would use a non-US company, for example, Qwant.
2) If it's non-private, it still collects personal data.
3) Or Startpage - HQed in the Netherlands, hides IP address, Anonymous View feature lets you visit results in private, and Google results.
If it was true they would not collect every keystroke on their OS.
How does the duckduckgo mobile browser compare to safari on iOS with regards to privacy though?
Also, this post is about iOS...
The Chrome engine provides app Web functionality (on Android).
Forcing all Chrome users to disclose data is coercive.
Chrome has ~70% browser share.
Using Brave + Duck duck go.
Any reasons not too?
Besides, the Basic Attention Token crap in Brave is kinda shady.
Or IceCat. Or, even better, original Firefox.
Firefox's internals are great -- it's never been faster or as stable, and for that we made real sacrifices like losing XUL extensions but increasingly I don't understand Mozilla's decision making.
EDIT: I understand many of the things I'm talking about can be fixed with about:config. I had a list of over 30 flags in my notes and it was becoming untenable to patch all my devices whenever a feature I needed was changed or removed. Whereas with Waterfox, I so far have only one about:config change:
dom.security.https_only_mode = true
Yeah lots of (usually subtle-ish) incongruous actions.
Ignore the public messaging and work backwards from what they actually do to understand their real motivations.
I've written some other comments with my analysis on it if you're interests you can check my comment history.
I've only been using Brave for the last ~2months.
Edit: Also the manifest v3 thingy which made Ublock Origin operation restricted, also I think it prevented CNAME uncloaking. Idk whether Google went ahead with manifest v3 though.
"Ungoogled Chromium", while FOSS, have no good update method, and since i'm not going to build it myself, I don't have the same level of trust that something malicious hasn't been implanted.
Brave provides similar features to ungoogled chromium and I don't have to support Mozilla or Google and their practices.
Big issue is the trust factor. As well as all the Chrome zero days going out, not having security updates in a timely manner is risky.
"If you are not paying for it, you're not the customer; you're the product being sold"
You put quotes around reputable and rightly so. Brave just bought a ton of clickstream data, harvested stealthily by another "privacy-focused" browser. When it comes to privacy, no, I don't trust Brave an inch.
Look at what the last paragraph says despite the title:
The updated version of Google’s code of conduct still retains one reference to the company’s unofficial motto—the final line of the document is still: “And remember… don’t be evil, and if you see something that you think isn’t right – speak up!”
(And, yeah, it's also my fault for not having checked primary sources at the time.)
That is nothing short of a cartoon movie villain.
AKA: they moved the line from the opening statement to the closing statement.
I love data collection, it makes the web sing!
It's the same with all messengers. I use facebook messenger (because everybody around me use it) and i know that they collect a lot of data (and have acess to my chats). For me, still threat isn't facebook but my acquaintances who use weak password, so they're easy target (and my messages would be compromised).
We have to change our mind about computers. Everything can be exploited and used against us.
Afaik it’s more secure. Personally, I’ve enabled DNS-over-HTTPS and HTTPS-only mode, which are both available as standard options in Firefox. There are more security options on the about:config page.
Of course, there’s also Enhanced Tracking Protection, which is enabled by default. It’s more of a privacy feature, but it has a positive effect on security as well..
Firefox doesn't have a Spectre vulnerability that allows websites to read crossorigin images, videos, and JS that won't be fixed for another month or 2 :)