63

  • MMat00

    • Post #32
    • Edited

    DarkArc I wonder if search prioritization options could be encrypted with the login password (kind of like a password vault). The client would then decrypt the "settings vault" and pass along the settings to the server.

    Certain Kagi settings—such as custom bangs, opening links in a new tab, interface language, theme, font size, and other appearance settings—could theoretically be implemented entirely on the client side. The browser extension can apply those settings when Privacy Pass is turned on without revealing them to the server.

    However, the ranking adjustments (raise or lower domains) and other server side settings could be stored in open source projects, maintained as community efforts on platforms like GitHub, GitLab, or SourceHut. Using unpopular ranking settings would always reduce your anonymity compared to using the default rankings. Though publicly publishing customizations would at least give you plausible deniability about whether Tor searches from one day were made by the same person as Tor searches from another day, even in the case of backdoored Kagi servers.

    A "settings vault" concept could be useful if you can have multiple such vaults per paid Kagi account, and when you apply good OpSec to use a vault for only one "burner identity". If somebody is this concerned about their anonymity, they might prefer to sync and back up the settings manually instead of letting Kagi store an encrypted blob.

        • MMat00

          • Post #33
          • Edited

          As for custom lenses, the browser extension could display the list of lenses client side when Privacy Pass is turned on, but only submit the lens config to the server in case you actually use the lens, perhaps showing a warning to the user that continuing might reduce their anonymity. It would be even better if lens configs could be stored in a DuckDuckGo style Bookmarklet URL so that you can have a unique one for a "burner identity" without the config ever being associated with your Kagi account.

            • ssg

              • Post #34

              You probably are already aware, but I can't use Kagi Assistant with Privacy Pass at the moment.

                Potential regression on Kagi search on the latest version of Orion iOS?

                This appears on every search, the “pp” hints at privacy pass? I have the feature disabled.

                  When I have Kagi Privacy Pass enabled with the Firefox extension (135.0 (64-bit)) on my Windows 11 computer, upon entering Kagi Translate (https://translate.kagi.com/), it does not detect my Kagi account, and if I try to log in, it gives a 403 Forbidden. However, if I disable Kagi Privacy Pass, Kagi Translate works normally again and detects my login. Is this an error?

                  And are there possibilities to add support for the Firefox extension for Android?

                  • Luis replied to this.

                    ssg You aren't meant to be able to use Kagi Assistant with Privacy Pass.

                    • ssg likes this.

                      Vlad There’s a proposal for a Privacy Pass API in web browsers https://github.com/WICG/trust-token-api
                      Kinda interesting. I wonder if this were implemented in all browsers would it be possible that we could use Kagi via privacy pass without an extension?

                        drdaeman just replying to get more visibility - I think this (detection of incognito mode) would hugely improve the UX of using the extension.

                        Right now, the privacy pass mode is synced between incognito and non-incognito modes, which I will always forget (causing needless friction when switching between search sessions).

                            Pretty awesome! However, for the sake of consistency and simplicity, I believe it would be ideal to consolidate all features of this extension directly into the Kagi extension itself.

                            Having just one extension is sufficient, and I believe this approach could lead to an even better final result.

                            • Vlad replied to this.

                              Using a browser-based VPN extension (Windscribe, in my case) throws an error on both Chromium browsers (Arc) and Firefox when trying to generate the tokens.

                              To generate, the VPN must disabled in the extension. It appears the extension works fine after initial generation, but it somewhat removes part of the privacy aspect if one has to disable their VPN to use the feature.

                              Chromium Firefox

                                I think there's a bug. Right now I am using the ProtonVPN Firefox extension and I get the same error while VPN is enabled, but I also noticed that search queries are directed to onion links, which doesn't happen while ProtonVPN is not connected.

                                  Just to check, token generation is not affected if the VPN is used with a desktop client / not as a browser extension, correct?

                                  Regarding privacy consequences, token generation not passing via a VPN will not affect your search anonimity.

                                    fernandov Correct. But now it looks like I hit my monthly limit from testing so I can't use Privacy Pass anymore.

                                        alxjsn You should be able to reach out to support for more tokens, I'm sure they'd be happy to help if you've used up a bunch testing things.