Hacker News new | past | comments | ask | show | jobs | submit login

If you're going to bother using TOR, then you may as well just use Google Search then.



Tor doesn't keep the site from knowing who you are. It only prevents an observer from determining the relationship between you and that site from traffic alone, as that is encrypted and obfuscated.

So if you're using Google directly via TOR, you're back in the risk case that your data-at-rest identify you. They can be linked by various means: your username, if that identifies you, by patterns of behavior across multiple sites, by ad syndication networks and shared cookies, etc.

So, no, TOR alone isn't sufficient security in the case of Google.


Your patterns of behavior across multiple sites is not going change whether you're using DDG or Google. And presumably, if you are using TOR, you are not logged into Google, using an incognito window, have scripts to block Google Analytics, etc.

If the NSA is tracking you across the internet outside of Google's Search Box, you've got bigger problems than Search History. Searching for "Bomb Making 101" is the least of your problems if they see you actually visiting BombMaking.com as well as BombMaterialsShop.com

You're postulating a threat model in which anonymized and proxied browsing isn't good enough, because somehow they'll capture all your behavior anyway and then tie it to anonymous search history. My point is, if they can do that, frankly, the fact that they have your search history is the least of your troubles.

This appears to be a threat model specifically designed to sell the DDG use case and fight the notion that using Google un-logged in via a privacy browser isn't "good enough". I'm not sure the case can be made that the DDG scenario is marginally better enough to justify worse search results.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: