Hister: A free & self-hosted personal search engine

DailyChems: > Firefox uses random moz-extension UUIDs for web-accessible resources specifically to reduce ordinary website fingerprinting of installed extensions. Yes, this is where the problem lies. Using random UUIDs makes the extension fingerprinting impossible, but it makes the browser fingerprinting fully possible even without cookies. Nice that the websites can’t query what extensions you use, but by the fully unique extension ID they can identify your browser any time. I think it is a much bigger privacy risk. DailyChems: > Maybe I should rephrase my hastily written initial answer as: There is extra risk in using the extension as there is with any extension. How can servers get information about your extensions without using javascript? DailyChems: > I didn’t mean this to offend you or anything, I did not consider what you wrote offensive. It’s always good to challenge ideas. DailyChems: > Isn’t trust an integral part of the internet and IT in general though? Unfortunately yes, it requires more trust than what should be ideal. I’d still like to force myself to always remember this and minimize it as much as I can do. DailyChems: > I mean trusting the extension really is exactly the same code as in your repo etc. This is why free software and self hosting is important. You don’t have to trust a provider, you can verify and build everything locally. Of course, you don’t have to verify everything and self-host, it is totally fine to consider sacrificing privacy for convenience. But, at least if you’d like to min/max privacy, you have the option to do it this way. DailyChems: > Also since you’re the author of Searx too: Why should I use this then instead of Google? You shouldn’t use it. Trusting it blindly can cause more privacy harm than using Google sceptically in some special cases. That’s one of the reason why I stopped developing it long time ago and why I’m developing Hister. DailyChems: > In the end the internet is about a lot of trust imo. True, but I hope we can minimize the trust required with the right tools and policies.