Skip to main content


 

"How to Live Without Google" - and getting it all wrong



In a failed attempt to improve users personal privacy, DuckDuckGo jumps from the frying pan straight into the fire. With the motto
Remove Google from your life? Yes, it can be done!
they give ten advices, most of them very bad. Also, they are using inexact wording by calling things free, when they are "free as in beer", but not necessarily "free as in freedom". I comment on their three worst recommendations:
Google Search -> DuckDuckGo (free)
Let's start off with the easiest one! Switching to DuckDuckGo not only keeps your searches private but also gives you extra advantages such as our bang shortcuts, handy Instant Answers, and knowing you're not trapped in a filter bubble.
I understand, that they advertise their own service here. And while I do believe, that DuckDuckGo does not cheat and keeps your searches private, as a user, one cannot prove it. In any case, one just replaces one centralised search machine with another one. Better use a decentralised service, such as meta search engine Searx.
Android -> iOS (paid)
The most popular alternative to Android is of course iOS, which offers easy device encryption and encrypted messaging via iMessage by default. We also have tips to increase privacy protection on your iPhone or iPad.
This is certainly the worst recommendation in their list. I had to check the date of the article, when I read this. Aprils Fool's Day? I'm certainly not a fan of Android and I'm not an Android user anymore, but going for a much more restrictive jail is just stupid. Android has at least relatively free versions, e.g. Replicant. iOS, in contrast, is a carcel with beautifully painted walls. Very high walls with perfectly styled barbed wire on top. Even the most proprietary variants of Android let you at least install free software from F-Droid.org.

If you don't want to use Android anymore, like myself, better go for a free alternative, e.g. support the Librem 5 crowdfunding, or the Pyra handheld or the ZeroPhone, all three running the free Debian operating system.
Google Allo -> Signal (free)
There are several services offering private messaging but, as we've mentioned before, Signal gets our recommendation. It offers free, end-to-end encryption for both messages and private calls. It's also recommended by Edward Snowden and renowned security expert Bruce Schneier, among others.
Again, they recommend to leave one centralised service for another one. And one, that even wants your phone number, otherwise you can't use it. And one, that does not yet have a decent client for Linux. There are messengers around that are federated or completely decentralised, that do not force you give them your phone number, and that have native clients for all major operating systems. My recommendation is XMPP. If you are on Linux, use e.g. Gajim, on Android the best app is probably Conversations, for iOS there is ChatSecure and so on. Alternatives to XMPP are Ring, Matrix and more recently Wire.

Benjamin Franklin wrote in 1755:
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
One should also not give up libre software, which is essential in many ways, to purchase a little perceived safety or privacy through non-free or centralised services.

#duckduckgo #google #searx #replicant #fdroid #librem5 #pyra #zerophone #debian #xmpp #gajim #conversations #chatsecure #ring #matrix #wire

How to Live Without Google

Google tracking is more pervasive than most people realize. We show you some alternatives to Google services to limit your exposure.

#signal fans are also here. Hey peeps #Matrix #Riot is waiting for you guys. Pure Decentralised chat is on the table.


@Pavithran S Yes, please use Matrix or XMPP or Ring (completely decentralised!) or Wire (client was "always" free, server has just been liberated!), not Signal, Telegram or Whatsapp.

However: As a Debian (testing and stable) user, my options are XMPP (many servers and clients available) or Ring. Matrix is not yet an option, because it has only a server in testing, and a client in unstable (purple-matrix, which is said to be sub-optimal). Wire is, AFAIK, not in Debian at all.

Switch to Archlinux! :P The AUR got 'native' clients for riot/matrix and wire. Both work really well. :)
(If I understand correctly, all of these are federated. Better but still not fully ... (still not sure what to call this - p2p? decentralised?) I think there's nothing usable, yet. I, myself am conceptually a huge fan of #gnunet. Hope it will evolve to something meaningful soonis.)

thanks for the analysis
the android alternatives look nice
you can try searx here https://framabee.org/

Luckily there are lots of self-hosted searx-instances.
Even .onions, eg. http://searchb5a7tmimez.onion/, but others, too.
Someone also reported that it's really feasible running it on your own machine (laptop), haven't tried it, though.

@resu@diasp.org For privacy, it is probably good, if one does not always use the same searx instance, but rotate. First, because you cannot be sure, whether one or multiple searx admins are spying on you. Second, because the actual search engines behind searx (Google, Bing, etc.) might be able to identify individual users of a specific searx instance. Running your own searx is good (and easy, as it is packaged for Debian and other distros), but you should not use only your own instance, and your instance should be used by different people to blur the search profile.

Disroot has searx and I trust it. But I am more interested in a rotating searx engine. Something like a meta engine on top of searx which selects multiples searx instances all across the world.

@Pavithran S I did sudo apt install nginx-light on my notebook. /etc/nginx/sites-enabled is a symlink to /etc/nginx/sites-available/searx, which contains:
upstream searx {
server 127.0.0.1:50001;
server 127.0.0.1:50002;
server 127.0.0.1:50003;
}

server {
listen 50001;
return 302 http://searx.me$request_uri;
}

server {
listen 50002;
return 302 http://search.disroot.org$request_uri;
}

server {
listen 50003;
return 302 http://framabee.org$request_uri;
}

server {
listen 80;
server_name 127.0.0.1;

location / {
proxy_pass http://searx;
}
}


(A sudo systemctl restart nginx.service activates this.)
Now I can:
$ w3m "http://127.0.0.1?q=caturday"

Typo alarm! /etc/nginx/sites-enabled/searx is a symlink to /etc/nginx/sites-available/searx, of course.

Thanks, it looks nice. we need to add more instances. Maybe 100 of them lol

@Pavithran S Just make a text file:
searx.me
search.disroot.org
framebee.org


and so on. Run this script:
#!/usr/bin/python3

import sys

servers = [t for t in [s.strip() for s in sys.stdin.readlines()] if len(t)]

print("upstream searx {")
for n in range(len(servers)):
print("\tserver 127.0.0.1:%d;" % (50001 + n))
print("}")

for n, s in enumerate(servers):
print("\nserver {\n\tlisten %d;\n\treturn 302 http://%s$request_uri;\n}"
% (50001 + n, s))

print("\nserver {\n\tlisten 80;\n\tserver_name 127.0.0.1;\n")
print("\tlocation / {\n\t\tproxy_pass http://searx;\n\t}\n}")


like $ script < textfile > searx. But every entity eats a local port. Maybe not a good idea for too many entities. Maybe have a list of 100 instances, but generate every day a new config with 10 random hosts?

Also, we need search plugins for Firefox and Chromium to search on http://127.0.0.1?q={searchTerms}.

Really cool, thanks! :)