Optional

"No, seriously. All those things Google couldn't find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov

https://lemmy.world/post/13944973

"No, seriously. All those things Google couldn't find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov - Lemmy.World

cross-posted from: https://lemmy.ml/post/14100831 [https://lemmy.ml/post/14100831] > "No, seriously. All those things Google couldn’t find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov

Apr 5, 2024 at 7:08pmWeb
Show threadOptionalApr 5, 2024

Even after all that payola, Google is still absurdly profitable. They have so much money, they were able to do a $80 billion stock buyback. Just a few months later, Google fired 12,000 skilled technical workers. Essentially, Google is saying that they don’t need to spend money on quality, because we’re all locked into using Google search. It’s cheaper to buy the default search box everywhere in the world than it is to make a product that is so good that even if we tried another search engine, we’d still prefer Google.

It’s been easily 15 years since I thought Google search was good.

Show threadfoggyApr 5, 2024

It was not long after the SSL thing that it became actively garbage that was what 2018?

But yeah, it’s been bad since at least 2012.

Show threadAnActOfCreationApr 5, 2024
What SSL thing?
Show threadfoggyApr 5, 2024

Google stopped indexing all websites without SSL certificates in July 2018.

For example, darklyrics.com is a website I and many others grew up using as a resource to understanding lyrics. They’ve stubbornly not gotten an SSL because they transact 0 data beyond band name searches. However, without an SSL, they do not show up in Google search results.

This is one of literally millions of examples. Some more reasonable than others, but it still was a massive blow to the efficacy of their search.

Show threadSkyNTPApr 5, 2024

They’ve stubbornly not gotten an SSL because they transact 0 data beyond band name searches.

Even if sites do not store user account data, such as passwords, ALL websites, and I mean ALL, handle user data, because merely accessing pages (urls) is user data.

Stubbornness is not a good reason not to setup SSL. Encryption should always be on, all the time, for everything.

Show threaddb0Apr 6, 2024
Ssl doest hide the url you’re visiting
Show threadRikudou_SageApr 6, 2024
It does. Anyone sniffing the traffic can only see the domain.
Show threadhanslApr 7, 2024
Not if you use DNSSEC.
Show threadAlexApr 6, 2024
Yes it does. You can derive the domain from snooping DNS lookups but the URL is part of the encrypted get header.
Show threadAProfessionalApr 6, 2024
The domain is a public part of TLS itself, SNI, for now.
Show threadt҉̠̙ǵ̣̞̄ͪ͜x̸̱͚̳ͫ͐̑̈ͯͣ̚n̒͌҉͉̦̜̝ͅApr 6, 2024
Yeah we’re need encrypted SNI. I hear it’s coming soon.
Show threadBogasseApr 6, 2024
And it’s not only about user data, it would also expose the website to content spoofing in public wifi, which would for example allow the attacker to inject fishing content in the website. The SSL encrypts the data you’re sending but it also ensures that you’re communicating only with who you think you are. Without SSL you can’t be confident about any of that.
Show threadpixxelkickApr 7, 2024

If a website has literally no login system, there’s nothing to phish.

There is honestly no reason to use SSL on a static website that has no login system and just displays some content.

IE a static blog or etc, where the only content on the website is just “look at this stuff, okay thank you!”

Show threadBogasseApr 7, 2024

That’s still my point, for example you could inject your own login system “create an account to keep track of your favorite artists, or some new shiny feature”. For there you can get people’s personal information, potentially a password they use on other services.

An URL is something the general public will trust, if the content can be messed with you repurpose the website’s reputation. I took phishing as an example but even my not-so-creative and non-expert brain can think of other things : asking for donations, propaganda, advertising, censorship, …

Show threadAnActOfCreationApr 6, 2024
Hmm I hate Google as much as the next guy and am actively trying to de-Google myself, but I’m not sure I can get behind the outrage here. Certificates are free and easy to obtain with LetsEncrypt, so there’s really no excuse for sites not to accept unencrypted traffic these days. I’m sure Google does lots of things to delist the small guys and promote their big payers, but I don’t think this is one of them.
Show threadfoggyApr 6, 2024

Free certificates expose your subdomains. It’s not more secure if you don’t transact data in a meaningful way such as the example I provided.

I don’t mean to insinuate that the example I provided is the majority of cases, and in the majority of cases, I do support sites with SSLs being indexed higher than websites without them, but I think the interstitial this website is not secure with the requirement of the advanced click followed by The continue anywaysclick…

Idk

Especially in 2018. Like, when we look at it from today’s perspective, it’s very easy to agree. And I do agree. But in 2018, it was not this way. Anyone who was a web developer with a bunch of clients, such as myself, was all the sudden in a very interesting hot seat. Not only did I need to try to upsell my clients, but I needed to convince them that not doing so was quite literally at their peril. It was difficult. And certain cases, it was impossible.

Show threadunautrenomApr 6, 2024

Expose your subdomains as in having all of them bundled into one certificate?

AFAIK, you absolutely can request different certs for each subdomain (in fact, that’s what I’ve been doing for a while).

Show threadfoggyApr 6, 2024

No, as in they are public record.

If you use a wildcard let’s encrypt SSL to encrypt www.mydomain.com and VPS.mydomain.com and secret.mydomain.com and allmyporn.mydomain.com, and Plex.mydomain.com, and gitlab.mydomain.com

Then it is public record that mydomain.com has associated with it the CNAMES “www” “VPS” “secret” “allmyporn” “Plex” and “gitlab”.

It can be looked up by anyone here. Just type in “%.yourdomain”

That is to say if you use a wildcard letsencrypt SSL on all your subdomains for you self hosting project, you’re more exposed than want to be.

crt.sh | Certificate Search

Free CT Log Certificate Search Tool from Sectigo (formerly Comodo CA)

Show threadAnActOfCreationApr 6, 2024

If your subdomains being public is a security issue then I’d argue something else is wrong. Otherwise you’re using security through obscurity.

But I appreciate the insight and I see how this was a harder sell back when it happened. Thanks!

Show threadfoggyApr 6, 2024
Not necessarily. Let’s say you’re a known contributor to a closed source project. You don’t want people knowing you have a locally hosted gitlab instance at gitlab.mydomain.com, for example.
Show threadReveredOxygenApr 7, 2024
If that’s the case, you shouldn’t have one on your domain. If someone wants to know your subdomains, they can still brute force them
Show threadBogasseApr 7, 2024
While I think the issue you raise does sort of make sense, it derivates from the initial concern : if you don’t want your domain listed in a DNS record you certainly don’t want it to be indexed by a search engine :p
Show thread1984Apr 5, 2024

People say Kagi is the same but it’s not. It takes Googles results and filters out the crap and orders results differently, since it’s not trying to get you to go to some commercial site unless you intend to.

Also the lenses are great.

Show threadbloopernovaApr 5, 2024

Just being able to exclude certain sites, and reduce the ranking of others, makes search so much better in Kagi.

I hope they eat Google’s lunch.

Show threadGinger666Apr 5, 2024

There is an add-on for Firefox that blocks certain domains from coming up in search results.

Super fucking helpful to block amazon

Its called u blacklist

Show threadnelsonApr 6, 2024
I will need to check that out.
Show threadshortwavesurferApr 5, 2024
I used this to completely block Reddit.
Show threadFutileRecipeApr 5, 2024

It takes Googles results and filters out the crap and orders results differently…

It uses more than just Google’s, FYI.

help.kagi.com/kagi/…/search-sources.html

Search Sources | Kagi's Docs

Kagi Search Help

Show threadcaseyweedermanApr 5, 2024
Isn’t that what DDG was supposed to do?
Show threadChuckEffingNorrisApr 6, 2024
This all works until Google cut off API access to a competitor right? Relying partly on a Google API is surely suicidal for a Google Search competitor…
Show threadferretApr 7, 2024
They use Bing’s index as well and also have their own
Show threadjg1iApr 6, 2024
If you don’t do anything except use it like Google, then you only get improved search results. But the other features like lenses, site ranking, URL rewriting, question mark instant answers, and document Q/A make it way more worth it to me.
Show thread1984Apr 6, 2024

I think people are just used to being passive now. They dont tinker with the tech and they think its all the same.

People still use Chrome also because Google kept saying its “faster”, which doesnt even mean anything. Security, privacy and plugin support is what matters.

Show threadYurkshireLadApr 5, 2024
Kagi uses Google’s search engine?? I didn’t know that, I thought they’d created their own search engine. If Google blocks Searx, why don’t they block Kagi?
Show threadtempestApr 5, 2024

Kagi pays Google for API access. They also query other sources of data as well as their own index.

help.kagi.com/kagi/…/search-sources.html#external

Search Sources | Kagi's Docs

Kagi Search Help

Show threadredcalciumApr 5, 2024
I suspect most of their subscription money went to google pocket. Google charges a lot of money to access their search api, about $5/1000 queries.
Show threadsolrizeApr 5, 2024
I tried Kagi (free 100 query plan) and got about the same results as google/DDG. It’s kind of nice but I couldn’t see subscribing. I hate subscriptions. If they sold access for a flat fee per query (let’s say $5 for 200 queries) I’d buy that, and use a dozen or so queries a month.
Show threadGinger666Apr 5, 2024
Search.brave.com ain’t bad
Show threadAltoApr 5, 2024
Too bad brave's CEO is a giant bigoted piece of shit who I refuse to support.
Show threadBrianTheeBiscuiteerApr 5, 2024
Damnit. Okay, what’s the next best Chromium based browser? I love Firefox but I have to keep a Chromium browser on hand for the few sites FF just doesn’t handle properly.
Show threadFischApr 5, 2024
I just use ungoogled chromium in those cases
Show threadKnock_Knock_Lemmy_InApr 6, 2024
What about Tor
Show threadweegee90Apr 5, 2024
Vivaldi was my main browser for a while, and my backup chromium browser since I switched back to Firefox. Most of the privacy stuff in Brave is available as separate extensions and I really like Vivaldi’s sidebar and profile management.
Show threadThe Great King Virtue Is Dead!Apr 5, 2024
ungoogled chromium obviously
Show threadsik0fewlApr 6, 2024
What sites don’t FF handle? Small or big?
Show threadBrianTheeBiscuiteerApr 6, 2024
Google Docs, ComfyUI (on mobile), couple porn sites.
Show threadGustavoFringApr 6, 2024
TradingView
Show threadRailcar8095Apr 6, 2024

If it works for you, and it’s only a secondary/failsafe browser, shouldn’t feel too guilty to use it.

I don’t use brave and I’m not aware of what’s the issue with the CEO, not sure if knowing that would change my protective

Show threadAltoApr 7, 2024

The founder/CEO actively donates to anto-LGBT organizations, including ones that support conversion therapy. The guy is an awful piece of shit, and any decent person should take whatever steps necessary to not support them.

Thankfully, that's as simply as not using Brave.

Show threadferretApr 7, 2024
I like thorium
Show threadKnock_Knock_Lemmy_InApr 6, 2024

You know he isn’t retrieving the results personally?

Pieces of shit exist in most companies.

Show threadAltoApr 6, 2024

No way, really?!?!

I try to not reward companies that hire CEOs who actively support the extermination of gay people

Show threadKnock_Knock_Lemmy_InApr 6, 2024

Brendan Eich was a founder. He wasn’t hired. Not sure if anyone can remove him.

How would you feel if a conservative organization mounted a campaign to boycott an entire company because the CEO is gay?

The Brave browser itself exterminating gay people, nor stopping them marrying.

Do you drink Fanta? Should we also still boycott Volkswagen and Hugo Boss?

If you apply your boycotting consistently you need to avoid an awful lot of things

(Note, I’m not defending Brendan Eich or his appalling views)

The Good Works of Bad Men

Is it time to stop thinking of creators and instead only of creations?

Psychology Today
Show threadAltoApr 7, 2024
Get the actual fuck out of here with your both sides bullshit. Boycotting a company for bigoted is not the same as boycotting a company because you yourself are a bigoted piece of shit.
Show threadKnock_Knock_Lemmy_InApr 7, 2024

No-one is claiming whatever it is you are trying to say.

I’m saying neither the company nor product have done anything bigoted.

Boycotting any and every company that employs bigots is impossible.

Show threadAltoApr 7, 2024
If you can't see why one would boycotting a company with a loud and proudly bigoted founder, i don't know what the fuck to tell you other that you need to take a long, hard look in the mirror.
Show threadKnock_Knock_Lemmy_InApr 7, 2024

I can’t see why we should boycott when the product isn’t bigoted and the company doesn’t do bigoted things.

Highlighting a particular employee or position is not logical.

If the CFO was bigoted would you boycott?

If the country manager was bigoted would you boycott?

If the intern was bigoted would you boycott?

Under your moral code ANY company employing at least one bigot should be boycotted. This leads to almost all companies being boycotted.

Show threadAltoApr 7, 2024

I'd appreciate it if you wouldn't put words in my mouth.

I'd also prefer companies have strict policies against that sort of thing, and if I found out a company was fostering a workplace where that awful view is acceptable, I would boycott them as well.

The founder generally receives the biggest piece of the pie. That's obviously a more significant thing. Frankly, I think you know this and are simply arguing in bad faith.

Show threadKnock_Knock_Lemmy_InApr 7, 2024

I’d also prefer companies have strict policies against that sort of thing,

It seems they do brave.com/careers/

The founder generally receives the biggest piece of the pie.

So poor bigots are fine. Got it.

Brave is FOSS. Nothing needs to go to Eich.

the general spirit of being against bigotry and opposing it,

Agreed. But neither the Brave company nor the software is bigoted.

violently if necessary, anywhere you see it.

I would not advocate for attacking free speech (political donations) with violence.

Join us to Change the Web Together | Brave

Brave offers a new way of thinking and experiencing how the web should work. We're on a mission to fix the web by giving users a faster, safer and better browsing experience while supporting content creators through an ecosytem of rewards. It's so much more than your typical browser. Join the Brave revolution.

Brave
Show threadAltoApr 7, 2024
Im sorry that you're so tolerant of bigotry. I can't help you