DuckDuckGo's privacy abuses-- current, historic, and by proxy
There are substantial privacy and civil liberty issues with DuckDuckGo. Here they are spot-lighted:
Nefarious History of DDG founder & CEO:
DDG's founder (Gabriel Weinberg) has a
history
of privacy abuse, starting with his founding of
Names DB, a
surveillance capitalist service designed to coerce naive users to
submit sensitive information about their friends. (2006)
Weinberg's
motivation for creating DDG was not actually to "spread privacy"; it was to
create something big, something that would compete with big
players. As a privacy abuser during the conception of DDG (Names
Database), Weinberg sought to become a big-name legacy. Privacy
is Weinberg's means (not ends) in that endeavor. Clearly he
doesn't value privacy -- he values perception of privacy.
Direct Privacy Abuse:
DDG was caught violating its own
privacy policy by issuing tracker cookies.
DDG is currently collecting users' operating systems and
everything they highlight in the search results. (to verify
this, simply hit F12 in your browser and select the "network"
tab. Do a search with javascript enabled. Highlight some text on
the screen. Mouseover the traffic rows and see that your
highlighted text, operating system, and other details relating to
geolocation are sent to DDG. Then change the query and submit.
Notice that the previous query is being transmitted with the new
query to link the queries together)
When clicking an ad on the DDG results page, all data available
in your session is sent to the advertiser, which is why the Epic
browser project refuses
to set DDG as the default browser.
Censorship:
Some people replace Google with DDG in order to avoid censorship. DDG is not the answer.
DDG is complying with the "celebrity threesome injunction".
CloudFlare: DDG promotes one of the largest
privacy abusing
tech giants and adversary to the Tor community: CloudFlare Inc. DDG
results give high rankings to CloudFlare sites, which consequently
compromises privacy, net neutrality, and anonymity:
Anonymity: CloudFlare DoS attacks Tor users, causing substantial damage to the Tor network.
Privacy: All CloudFlare sites are surreptitiously MitM'd by design.
Net neutrality: CloudFlare's attack on Tor users causes access inequality, the centerpiece to net neutrality.
DDG T-shirts are sold using a
CloudFlare site, thus
surreptitiously sharing all order information (name, address,
credit card, etc) with CloudFlare despite their statement at the
bottom of the page saying "DuckDuckGo is an Internet privacy
company that empowers you to seamlessly take control of your
personal information online, without any tradeoffs." (2019)
DDG hires Microsoft for email service: torsocks dig @8.8.8.8 mx duckduckgo.com +tcp | grep -E '^\w' ==> "...duckduckgo-com.mail.protection.outlook.com"
DDG is
partnered
with Yahoo (aka Oath; plus Verizon and AOL by extension). DDG
helps Yahoo profit by patronizing Yahoo's API for search results,
and also through advertising. The Verizon
corporate conglomerate is evil in many ways:
Yahoo, Verizon, and AOL all supported CISPA (unwarranted surveillance bills)
Yahoo, Verizon, and AOL all use DNSBLs to block individuals from running their own mail servers, thus forcing an over-share of e-mail metadata with a relay.
Verizon and AOL both drug test their employees, thus intruding on their privacy outside of the workplace.
Verizon supports the TTP treaty.
Yahoo voluntarily ratted out a human rights journalist (Shi Tao) to the Chinese gov w/out warrant, leading to his incarceration.
Yahoo recently recovered "deleted" e-mail to convict a criminal. The deleted e-mail was not expected to be recoverable per the Yahoo Privacy Policy.
Verizon received $16.8 billion in Trump tax breaks, then immediately laid off thousands of workers.
(2016) Yahoo caught surreptitiously monitoring Yahoo Mail messages for the NSA.
Advertising Abuses & Corruption:
DDG consumed a room at FOSDEM 2018 to deliver a sales pitch despite
its proprietary non-free server code, then dashed out without
taking questions. Shame on FOSDEM organizers for allowing this corrupt
abuse of precious resources.
Tor Project accepted a $25k "contribution" (read: bribe) from
DDG, so you'll find that DDG problems are down-played. This is
why Tor Browser defaults to using DDG and why Tor Project
endorses DDG over Ss -- and against the interests of
the privacy-seeking Tor community. The EFF also pimps DDG -- a
likely consequence of EFF's close ties to Tor Project.
For the record, this is how Tor Project responds to criticism about
their loyalty toward DuckDuckGo (their benefactor) in IRC:
18:20 < psychil> if torbrowser is going to be recommended, it should also be open to scrutiny. in the absence of that transparency, you create an untrustworthy forum.
18:20 < psychil> we've seen a loyalty from TB toward duckduckgo, but DDG is in partnership with Verizon, Yahoo, AOL et. al.
18:21 < psychil> all CISPA-sponsoring companies
18:22 < psychil> if ppl choose to trust them fair enough, but this trust shouldn't be pushed on every user weighing their choice of browsers
18:26 -!- mode/#tor [-b psychil@!@*] by ChanServ
18:27 < YY_Bozhinsky> psychil: i am using Tor (thanks to Tor Devs)... PLUS brain - good bundle. I am happy. And please, don't rush to change Reality (do it slowly with love and respect). Because it's home for many ppl. They construct their lives in it. Think twice before ruining that. Please.
18:27 -!- mode/#tor [+b psychil!@] by ChanServ
18:27 -!- psychil was kicked from #tor by ChanServ [wont stop the FUD]
Indeed, Tor Project is notoriously fast to censor any discourse (no matter how civil) when it supports a narrative that doesn't align with their view / propaganda.
Me too. I believed them and have gotten some of my friends to switch. Now I need to tell them I was wrong and they should look elsewhere. As far as I know, there aren't any privacy-friendly search engines.