Comment by MostlyStable
1 year ago
One of the biggest complaints about Kagi from people who have not yet adopted it is their privacy concerns around having to log in and have payment information.
I'm not one of the people that has been concerned about that, but I'm curious to what extent this alleviates those concerns among those that have had them.
> I'm not one of the people that has been concerned about that, but I'm curious to what extent this alleviates those concerns among those that have had them.
I am, it's mind-blowing to me that anyone would log in to a search engine (yes, I know how many do it, now).
After a brief verification of the system, I'm pretty sure I'll sign up, now.
Logging in to a search engine weirded me out at first, but after about a week I was so pleased with the results that I’ve been happily paying for almost a year now.
I honestly feel like any major free search engine is probably doing more to try to track you anyway.
And if you’re going to search something you want to be anonymous, you can just like use another search engine. I honestly haven’t run into the situation where I needed to.
I do worry that some day someone will be able to see how often I forget basic syntax for some JavaScript or Python method - or how often I can’t be bothered to type out a full domain and just search to navigate to it - but that’s a price I’m also willing to pay.
Most people are riding 24/7 with a Google session active, as it carries from YouTube/Chrome to Search. I don't think many realize it.
Why would you not want to log in to a personalized service (unless you really need to be anonymous for some reason)?
Assuming the cryptography does what they say it does (am not a cryptography expert, so I can't verify that part), this would completely disjoin a search request from any account info. The account generates several "search tokens", and for each search request, one of those tokens is spent. The tokens are generated on-device, and until spent, never leave the device, so in theory there's no way for Kagi to know which account generated the token just from the token alone. This doesn't fix fingerprinting or IP associations (though the plugin for Firefox and Chrome supposedly takes efforts to try and limit fingerprinting too), but this isn't any better/worse than simply using Google or DuckDuckGo, and functions on Tor if you really want some privacy.
Again, not sure on how the tokens are proven legit without ever sharing them, but there's probably some ~~zero-knowledge proof~~ stuff going on that covers that.
Edit: Not zero-knowledge proof. Seems to be Blind Signature?
> This doesn't fix fingerprinting or IP associations
It solves the problem of using a paid service without compromising customers' privacy, which is a breakthrough. The rest are different problems and they are universal issues with various existing solutions as you already pointed out.
Most of the time I have ProtonVPN on my phone and computer, which solves the IP association problem for me.