Kagi (Search Engine)

It looks pretty interesting, instead of generating revenue on user data or donations, it’s a subscription. They claim to be “a high quality, 100% privacy-respecting search engine with results augmented by non-commercial indexes and personalized searches.”

A brief look at the privacy policy shows that they don’t collect really anything, however I am not an expert on that.

I’d love to hear what everyone thinks of this, I’m tempted to try it out

One of the main problems seems to be that they are collecting that account information, which can be directly tied to an account. This kinda makes it pointless to use a VPN or Tor in conjunction with that. A privacy policy is very much a “trust us” situation, that could change if the company is sold, in the future.

Had they have accepted payment with something with Monero, that would allay some of those concerns. They only accept Bitcoin, what their payment processor OpenNode supports. This means users would be responsible for shifting crypto into Monero, and then back to bitcoin to pay anonymously.

The other thing also being that even if you do pay anonymously, you’re not really anonymous as it is trivial to tie all the search results to a particular account. If they did decide to collect that data, there would be enough there over time to identify who you are anyway.

The other thing I would want to test thoroughly is the results returned. A lot of these search engines “sound good” but in practice produce poor results not related to the terms.

5 Likes

Hey Daniel,

I work at Kagi, Thomas on our Discord. One of our users linked this post so I wanted to give our perspective as well :slight_smile: Hope that’s ok!

As you mentioned, we do offer crypto payments, but indeed right now Monero isn’t one of the cryptos accepted. It’s not that we don’t want to, it’s that when we worked on the implementation, there were 0 payment providers who support Monero that responded to us to integrate. We also have a non-negotiable requirement, which is that they would need to do all the crypto handling, and just send USD. This is necessary because we’re a tiny team, and we can’t get into the business of crypto wallet handling and FX risk mitigation. In the meantime, for people that want absolute privacy, Monero → BTC/Lightning → Kagi will give that.

As for email as identifier, I believe (but haven’t rechecked recently) that we don’t verify the email’s validity (unlike Privacy Guide :wink: ) which means that in practice you can sign up however you want, and then pay using entirely anonymously as per above. Even if we did, you could still use a throw away email and get the same benefit.

As stated in the policy, we don’t store search queries or results (except for beta users of some features for a very limited period to help debug, and some very short term caching to prevent accidental refreshes counting as 2 searches for our users), so we can’t really retrospectively profile. I understand the concern with regards to “what if Kagi lies about this”, and it’s fair, although obviously that would open us to litigation down the line. How would you suggest we address it so you have more confidence?

The other thing I would want to test thoroughly is the results returned. A lot of these search engines “sound good” but in practice produce poor results not related to the terms.

Our users like it, but the good news is we offer 100 free trial searches if you want to check it for yourself :slight_smile:

4 Likes

I’ve seen this one used by a couple of different services. They’ve been around since 2013.

That’s fair enough.

That is because it’s a different kind of service. In our case we’re more concerned about spam being posted here, where as you’re a search engine, presumably nobody can post anything they want on your servers :wink: Many do use email cloaks however like addy.io or simplelogin.io.

Just to be clear here, I’m not saying that you don’t keep your word, just that, users should be aware there isn’t a technical solution ensuring their privacy, and it is a “trust us” agreement similar to that of a VPN. The only difference being that most services use TLS so a VPN can’t get really any more of a picture of what you’re visiting besides the domains.

We would look at that as well, because a search engine that doesn’t find what you want isn’t much use :wink: in the past we’ve removed some options simply for not performing well enough.

2 Likes

Thanks Daniel for the answer!

re. coinpayments - we did reach out to them back when we started the work on added a payment provider, they never answered, which is part of why we went for another option. When we have enough time to consider adding another provider we’ll try again!

That is because it’s a different kind of service.

I know, I know, I was just being a bit cheeky :slight_smile:

Just to be clear here, I’m not saying that you don’t keep your word, just that, users should be aware there isn’t a technical solution ensuring their privacy, and it is a “trust us” agreement similar to that of a VPN.

Oh absolutely, that’s how I took it. I’m a Mullvad/pihole/… user, I know and care about all that stuff too :slight_smile: . My question wasn’t sarcastic, I’m really asking if you have ideas on what we can do that would help increase confidence that Kagi is doing what it says. I’ve given it some thought, and the issue is that you always end up at some amount of trust somewhere: if we open sourced everything, then the question would be “but is that the code that actually runs”, etc… but open to ideas!

we’ve removed some options simply for not performing well enough.

:100: . We’re over 11k paying users today (data is open, here: https://kagi.com/stats), on a market where we all know who the big player is, which has a massive advertising budget… and is free. That gives me some confidence we’re doing something right, but do try it out, and if you have good ideas for improvement hop onto our discord and let us know!

Independent third party audits!

From a I-know-nothing-about-code user’s perspective, in the end I always have to just trust that a program/service does what is claimed.

But having had your code thoroughly checked by someone independent and reliable, the code being open source so that anyone can check, a clear and precise privacy policy & user terms — all these help with being able to trust since it increases the chance of any fuckery being found out, since there will be more potential points of failure for such.

3 Likes

iirc they have undergone third party security audits before. I’m actually quite fond of kagi, and think it offers a lot as a service, so I’m hoping it can gain some more traction. I do so hope they will be around in the long run.

edit: Kagi passes an independent security audit | Kagi Blog

2 Likes

i think it’s a good service but i understand that the need for an account atm does make it harder to recommend from a privacy standpoint. i am currently a kagi user (after the recent pricing changes) and am personally okay with trusting them.

however, i do feel like the reason to use kagi is more for the extra features, not just privacy–i feel that DDG/Startpage/Brave Search/SearXNG (list goes on) have that part covered. it’s just for me they all had one quirk or another that i didn’t necessarily like. fairly often members of the PG team mention that they aren’t trying to put up an exhaustive list of every good option. they already have 4 up, so i’m not sure why Kagi should be added to or replace any of these based on privacy.

Does Kagi have its own index? The answer to that is probably no, but I have to ask.

If not, I don’t see why anyone would use it over a free option. DDG’s and Startpage’s ads are not privacy-invasive, and you can even disable DDG’s entirely if you wish. You can also use uBlock for the greatest protection.

With those options, paying for a search engine with no ads doesn’t seem very useful. You can do it, of course, and some will. But it’s not really the most mainstream option that we should be recommending to people.

Perhaps Privacy Guides needs an honourable mentions list for the stuff we recommend. As in, under search engines, you would get the usual recommendations, and an honourable recommendation for Kagi. Not to say we recommend every use it, but to say that it’s a choice we have reviewed, and we believe they respect privacy.

We got rid of honerable mentions before for very good reasons. PG only recommends the best and only the best. Not every other option that tries to do something. IMHO it should stay that way.

To clarify:
I have not looked at Kagi yet. This is a general statement.

2 Likes

Then the answer to this thread should be: No, Kagi should not be added.

1 Like

Whats about picture search in Kagi? Available?

Yes, I believe it does. It uses its own index in conjunction with other sources (see https://help.kagi.com/kagi/company/faqs.html#where-are-your-results-coming-from).

I understand why Kagi may not be the best for every situation, but for those that want the extra features Kagi brings, I think it’s worth knowing about and considering. Whether it deserves a spot on PG or not isn’t something I’m sure about, but I still think they deserve more attention.

I don’t think Kagi is that weak a suggestion compared to other search providers. The only reason the average user may be averse to using them is the idea of paying for searches. I don’t see how their privacy claims are less reliable than other providers. From my understanding of the entry-level privacy community, the average user isn’t too concerned about private payments with monero, so the potential identification via payment isn’t too big a drawback.

As for what Kagi brings, I think they’re absolutely as strong or stronger a suggestion than the other current listings. I’ve found their results very accurate, and their UX and features are unmatched in my opinion.

Just to confirm @Julian, Kagi does have its own index, but it also uses the results of a mix of different upstream sources, so if nothing else think of it as a meta search engine with a lot of user & privacy-friendly features built in.

2 Likes

Yeah… I really like the idea of ad-free business models personally, but for our purposes I’m finding it hard to recommend. This is Privacy Guides and not Ad-blocking Guides, and I disagree with the notion that advertising is inherently linked to tracking, when other search engines like DDG and Brave have proven that isn’t the case. The advertising industry has been around for centuries, invasive tracking has only been a part of that for a few decades.

Ads are certainly annoying,—and I’d personally rather pay someone like Kagi instead of screwing over an ad-dependent business by using an adblocker—but being ad-free doesn’t give Kagi a privacy benefit over the competition in my opinion, and that’s really the only criteria I can consider here.

Given that we have 4 search engines which meet our existing criteria and are also quite good—and one of them (DDG) gives you the option to disable ads natively for free, as @anon62252234 pointed out—I’m just not seeing a compelling reason to modify our criteria to be inclusive of a product like Kagi.

For this reason I’m going to mark this thread as rejected for now, and add a reminder that just because we don’t include something on the website doesn’t mean we’re recommending against it, it just means that we have no official opinion one way or the other. I’m still happy that @TisButMe stopped by to clarify our questions here for us (thank you!), and if anyone has any remaining feedback on Kagi or my thoughts here, this thread is always open :slight_smile:

As a side note, as I’m looking through pages like Kagi vs. The Competition I don’t think Kagi is taking into account Brave Search features like Goggles in their comparison (although Kagi’s website block/boosting does look more user friendly).

7 Likes

Hello @jonah

Vlad here from Kagi.

Thanks for clarifications and I appreciate a principled position.

Few remarks:

  • Creating an account has nothing to do with privacy. I had to create an account to post here. That does not make this site any less privacy respecting on its own, I as a user consent to it and it is what you do with the data that matters and is hopefully explained in the privacy policy .

Same with Kagi - account is a necessity of a paid business model and:

a) we collect no personal information
b) user can use a fake email if they want to (we do not verify it or use for anything)
c) they can pay in crypto if on top they want anonymity too

In short we do not care about user data at all, we only care about providing the best search and getting paid in exchange. That is the beauty of a paid business model.

Kagi absolutelty respects user privacy, and has both much more user friendlier privacy policy than any other search engine you recommed (verifiable fact!) and much more friendlier business model that has no need ever to sell user data.

One more thing to add - Looking at your recommendations for browsers and seeing browsers with telemetry enabled by default makes me wonder if it is perhaps time to revise your criteria. Any browser that sends user PII (including IP address) to the browser vendor by default, without explicit consent of the user, is definetely not privacy respecting. For a browser to be privacy respecting it simply has to be zero-telemetry by default, there is no way around it. You can measure telemetry easilly or use external resources like Web Browser telemetry - sizeof(cat)

How you run the site is obviosuly your choice, but I thought some clarifications were in order.

4 Likes

If you think Brave is so bad and has telemetry, why do you then partner with them as a search source?

You are saying that Kagi has a better policy than than ANY SearX instance (including a potentially self-hosted one)? I find that extremely dubious (and impossible in the self hosted instance*).

That is subjective and one can easily argue that if a browser makes it easy to disable telemetry (as firefox is for example), then the browser is still privacy respecting overall.

One could argue that it does. If a forum does not allow anonymous posting then it could be seen as worse for privacy. However, there is a trade-off, since with accounts content moderation becomes much easier. But it’s all a matter of the threat model. For many people here, since PG is a trusted group and the privacy policy is good, the trade-off is worth it for the benefit (community and knowledge building). However, for others, it may not.

*I am aware that self hosting might not be the best for privacy in many situations, but since I was disputing a claim about privacy policies, my claim holds.

2 Likes

I just wanted to give my two cents as a Kagi user of 2 months and vouch for it as a service.

Despite requiring an account, I think Kagi is privacy respecting. I’d say they’re doing everything right in terms of a privacy respecting product that requires an account to monetize; in practice, I don’t think it negatively impacts privacy here overall.

What’s most important to me when it comes to Kagi however, is that I’ve found it to be a superior product to any other search engine I’ve tried. The polish and results give me everything I hope for from a search engine. From small things like allowing custom CSS or their UI, to their lenses and ability to rank sources to get to the content you want is what makes it a great experience. Not to mention their results themselves being superior to any other provider (from SearXNG instances, to Brave, DDG, or even Google) in my experience. The array of sources paired with their own crawler provide relevant and interesting content, and quick answers when I’m looking for them. They even include Brave search results now too.

I think Kagi’s value is in being privacy respecting while being an actively better solution than others at the same time. I’m happy to use and support the project, and I think it’s at least worth checking out for anyone that’s interested in it or dissatisfied with their current search providers.

Maybe it’s not fit to be on PG with the current criteria, but I’ll give it my personal approval on the forum here.

6 Likes