Kagi Privacy Pass

MMat00 · 15 Feb

DarkArc I wonder if search prioritization options could be encrypted with the login password (kind of like a password vault). The client would then decrypt the "settings vault" and pass along the settings to the server.

Certain Kagi settings—such as custom bangs, opening links in a new tab, interface language, theme, font size, and other appearance settings—could theoretically be implemented entirely on the client side. The browser extension can apply those settings when Privacy Pass is turned on without revealing them to the server.

However, the ranking adjustments (raise or lower domains) and other server side settings could be stored in open source projects, maintained as community efforts on platforms like GitHub, GitLab, or SourceHut. Using unpopular ranking settings would always reduce your anonymity compared to using the default rankings. Though publicly publishing customizations would at least give you plausible deniability about whether Tor searches from one day were made by the same person as Tor searches from another day, even in the case of backdoored Kagi servers.

A "settings vault" concept could be useful if you can have multiple such vaults per paid Kagi account, and when you apply good OpSec to use a vault for only one "burner identity". If somebody is this concerned about their anonymity, they might prefer to sync and back up the settings manually instead of letting Kagi store an encrypted blob.

MMat00 · 15 Feb

As for custom lenses, the browser extension could display the list of lenses client side when Privacy Pass is turned on, but only submit the lens config to the server in case you actually use the lens, perhaps showing a warning to the user that continuing might reduce their anonymity. It would be even better if lens configs could be stored in a DuckDuckGo style Bookmarklet URL so that you can have a unique one for a "burner identity" without the config ever being associated with your Kagi account.

ssg · 15 Feb

You probably are already aware, but I can't use Kagi Assistant with Privacy Pass at the moment.

WWompWomp · 15 Feb

Potential regression on Kagi search on the latest version of Orion iOS?

This appears on every search, the “pp” hints at privacy pass? I have the feature disabled.

MMonoMatrix · 15 Feb

When I have Kagi Privacy Pass enabled with the Firefox extension (135.0 (64-bit)) on my Windows 11 computer, upon entering Kagi Translate (https://translate.kagi.com/), it does not detect my Kagi account, and if I try to log in, it gives a 403 Forbidden. However, if I disable Kagi Privacy Pass, Kagi Translate works normally again and detects my login. Is this an error?

And are there possibilities to add support for the Firefox extension for Android?

Eeatyourglory · 15 Feb

ssg You aren't meant to be able to use Kagi Assistant with Privacy Pass.

LLuis · 16 Feb

Hey ssg, MonoMatrix unfortunately those 2 services are not yet supported when using Kagi in Privacy Pass mode.Support is planned for future releases.

Please see https://help.kagi.com/kagi/privacy/privacy-pass.html#important-notes for more details.

Fria · 17 Feb

Vlad There’s a proposal for a Privacy Pass API in web browsers https://github.com/WICG/trust-token-api
Kinda interesting. I wonder if this were implemented in all browsers would it be possible that we could use Kagi via privacy pass without an extension?

silvenga · 17 Feb

drdaeman just replying to get more visibility - I think this (detection of incognito mode) would hugely improve the UX of using the extension.

Right now, the privacy pass mode is synced between incognito and non-incognito modes, which I will always forget (causing needless friction when switching between search sessions).

Bbrgustavoribeiro · 17 Feb

Pretty awesome! However, for the sake of consistency and simplicity, I believe it would be ideal to consolidate all features of this extension directly into the Kagi extension itself.

Having just one extension is sufficient, and I believe this approach could lead to an even better final result.

Vlad · 2025-02-18T01:50:01+00:00

brgustavoribeiro

Google does not allow extensions that change search engine to do anything else.

Bbrgustavoribeiro · 2025-02-18T15:12:54+00:00

Vlad That's sad... But thx anyway! You're doing a great job w/ Kagi.

1000Phoenix · 2025-02-19T06:02:14+00:00

Using a browser-based VPN extension (Windscribe, in my case) throws an error on both Chromium browsers (Arc) and Firefox when trying to generate the tokens.

To generate, the VPN must disabled in the extension. It appears the extension works fine after initial generation, but it somewhat removes part of the privacy aspect if one has to disable their VPN to use the feature.

Chromium Firefox

Aalxjsn · 2025-02-19T13:51:26+00:00

I think there's a bug. Right now I am using the ProtonVPN Firefox extension and I get the same error while VPN is enabled, but I also noticed that search queries are directed to onion links, which doesn't happen while ProtonVPN is not connected.

LLuis · 2025-02-19T14:54:22+00:00

@1000Phoenix @alxjsn we're looking into this and will provide an update as soon as we have more information

Ffernandov · 2025-02-19T16:09:04+00:00

Just to check, token generation is not affected if the VPN is used with a desktop client / not as a browser extension, correct?

Regarding privacy consequences, token generation not passing via a VPN will not affect your search anonimity.

RyanPatterson · 2025-02-19T17:23:25+00:00

WompWomp same issue here, reported at https://kagifeedback.org/d/6321-modal-ppheaders-dialog

Aalxjsn · 2025-02-19T20:25:51+00:00

fernandov Correct. But now it looks like I hit my monthly limit from testing so I can't use Privacy Pass anymore.

RoxyRoxyRoxy · 2025-02-19T20:32:31+00:00

alxjsn You should be able to reach out to support for more tokens, I'm sure they'd be happy to help if you've used up a bunch testing things.

1000Phoenix · 2025-02-20T05:15:21+00:00

fernandov Unfortunately, I am out of tokens so cannot help test this further.