Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] DuckDuckGo vs Startpage [was: Help test Tor Browser]

Michael Carbone michael at
Mon Jun 24 22:27:40 PDT 2013

Hash: SHA1

On 06/24/2013 10:00 PM, Mike Perry wrote:
> Michael Carbone:
>> On 06/24/2013 08:20 PM, Mike Perry wrote:
>>> I've had a number of people tell me that they vouch for
>>> DuckDuckGo. What does this even mean? Nobody seems to be
>>> capable of rationally explaining it.
>>> Have you inspected their datacenter/server security? Have you 
>>> audited their logging mechanisms?
>> The data center thing is a non-sequitur -- no third-party service
>> has this type of the transparency. My understanding is that you
>> don't need to trust these service providers to use them
>> anonymously as they are friendly to Tor and no
>> scripts/cookies/etc -- hence the difficulties you mention later
>> on with Bing & Google. So it doesn't split either way between
>> StartPage or DDG. They are equivalent in not allowing personal
>> audits of their servers.
> I was questioning where the "vouching" comes from. "Vouch" is a
> pretty strong word -- it typically suggests that you are laying
> down your reputation on the line to support someone or something
> else, either by oath or by evidence.
> My general point is that DuckDuckGo seems to have a lot of appeal
> behind it, causing many people to endorse it in extreme ways
> without any supporting evidence.
> I want to understand where that support is coming from. As you
> point out, the two engines seem largely identical from the
> perspective of third party "vouching"/audits wrt privacy.
>>> ** Sure, DuckDuckGo runs a hidden service, and also one of the 
>>> slowest Tor relays on the network (rate limited to 50KB/sec or 
>>> less), but it is quite debatable as to if either of these
>>> things are actually helpful to Tor. In fact, such a slow Tor
>>> relay probably harms Tor performance more than helps (in the
>>> rare event that you actually happen to select it).
>> The hidden service is a plus, no? They seem to be trying at
>> least, does Ixquick have either? Maybe it'd be good to reach out
>> to DDG about their relay.
> IxQuick has so far successfully negotiated with Google against
> outright banning us. Google sees a spike in IxQuick traffic every
> time we increase StartPage's prominence in TBB, and this does not
> go unnoticed by Google.
> Unfortunately, Google's knee-jerk reaction to each increase so far
> is to argue harder in favor of banning all Tor users from both
> Startpage and Google, so we'll have to wait and see how this plays
> out...
> Backchannel like that (and direct-channel refusals to work with
> Tor) really makes you wonder about Google's commitment to privacy
> and the freedom of access to information.

Very interesting. I don't know the backchannel relationships but I'd
guess Google's decision to allow or not allow Tor users doesn't depend
on the levels of traffic they get from StartPage from TBB front page.
And if it does then that'd be pretty sad, as you note.

>> Just trying to rationally explain it.
> I would not rationally use the hidden service version in lieu of
> https by default.
> As I alluded to through my questioning of the https backend link to
> Bing, the transit path from Tor to DDG is not the weakest link in
> an already-https search engine.

Okay, so this seems to be the sticking point? Using the !g bang syntax
they route Google requests through DDG (so you can search Google if
you want, even though they don't seem to rely on Google for their own
index). Is that reroute different than what Ixquick does? I don't
know. For the index itself, I wasn't able to find anything on the
technical connection between DDG and their index sources.

Apparently the founder of DDG is interested in getting an external
audit, so this might be the type of issue that could solve? He was
looking for external audit recommendations as of two days ago (
). I'd ping him @yegg or yegg at with some recs.

> Further, claims that the performance is the same or similar are
> not rigorous.
> Hidden service circuits require ~4X as many Tor router traversals
> as normal Tor exit circuits to set up, and unlike normal Tor exit
> circuits, they are often *not* prebuilt. Once they are set up, they
> still require 2X as many Tor router traversals end-to-end as normal
> circuits. You could easily circle the globe several times to issue
> a single search query.
> And all this is to use the Tor hidden service's 80bit-secure hash 
> instead of an https cert, along with all of the other issues with
> Tor Hidden Services that have accumulated over the past decade due
> to the lack of time for maintenance on Tor's part? I am not
> convinced.

This is good to know -- don't promote hidden service versions of
websites (including DDG) when they have an https version, as hidden
services are broken as of now.


- -- 
Michael Carbone
Manager of Tech Policy & Programs
Access |
michael at | PGP: 0x81B7A13E
PGP Fingerprint: 25EC 1D0F 2D44 C4F4 5BEF EF83 C471 AD94 81B7 A13E



More information about the liberationtech mailing list