"No, seriously. All those things Google couldn't find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov
(pluralistic.net)
from homesweethomeMrL@lemmy.world to technology@lemmy.world on 05 Apr 2024 19:08
https://lemmy.world/post/13944973
from homesweethomeMrL@lemmy.world to technology@lemmy.world on 05 Apr 2024 19:08
https://lemmy.world/post/13944973
cross-posted from: lemmy.ml/post/14100831
"No, seriously. All those things Google couldn’t find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov
threaded - newest
It’s been easily 15 years since I thought Google search was good.
It was not long after the SSL thing that it became actively garbage. that was what, 2018?
But yeah, it’s been bad since at least 2012.
What SSL thing?
Google stopped indexing all websites without SSL certificates in July 2018.
For example, darklyrics.com is a website I and many others grew up using as a resource to understanding lyrics. They’ve stubbornly not gotten an SSL because they transact 0 data beyond band name searches. However, without an SSL, they do not show up in Google search results.
This is one of literally millions of examples. Some more reasonable than others, but it still was a massive blow to the efficacy of their search.
Even if sites do not store user account data, such as passwords, ALL websites, and I mean ALL, handle user data, because merely accessing pages (urls) is user data.
Stubbornness is not a good reason not to setup SSL. Encryption should always be on, all the time, for everything.
Ssl doest hide the url you’re visiting
It does. Anyone sniffing the traffic can only see the domain.
Not if you use DNSSEC.
Yes it does. You can derive the domain from snooping DNS lookups but the URL is part of the encrypted get header.
The domain is a public part of TLS itself, SNI, for now.
Yeah we’re need encrypted SNI. I hear it’s coming soon.
And it’s not only about user data, it would also expose the website to content spoofing in public wifi, which would for example allow the attacker to inject fishing content in the website.
SSL encrypts the data you’re sending but it also ensures that you’re communicating only with who you think you are. Without SSL you can’t be confident about any of that.
If a website has literally no login system, there’s nothing to phish.
There is honestly no reason to use SSL on a static website that has no login system and just displays some content.
IE a static blog or etc, where the only content on the website is just “look at this stuff, okay thank you!”
That’s still my point, for example you could inject your own login system “create an account to keep track of your favorite artists, or some new shiny feature”. For there you can get people’s personal information, potentially a password they use on other services.
An URL is something the general public will trust, if the content can be messed with you repurpose the website’s reputation. I took phishing as an example but even my not-so-creative and non-expert brain can think of other things : asking for donations, propaganda, advertising, censorship, …
Hmm I hate Google as much as the next guy and am actively trying to de-Google myself, but I’m not sure I can get behind the outrage here. Certificates are free and easy to obtain with LetsEncrypt, so there’s really no excuse for sites not to accept unencrypted traffic these days. I’m sure Google does lots of things to delist the small guys and promote their big payers, but I don’t think this is one of them.
Free certificates expose your subdomains. It’s not more secure if you don’t transact data in a meaningful way such as the example I provided.
I don’t mean to insinuate that the example I provided is the majority of cases, and in the majority of cases, I do support sites with SSLs being indexed higher than websites without them, but I think the interstitial this website is not secure with the requirement of the advanced click followed by The continue anywaysclick…
Idk
Especially in 2018. Like, when we look at it from today’s perspective, it’s very easy to agree. And I do agree. But in 2018, it was not this way. Anyone who was a web developer with a bunch of clients, such as myself, was all the sudden in a very interesting hot seat. Not only did I need to try to upsell my clients, but I needed to convince them that not doing so was quite literally at their peril. It was difficult. And certain cases, it was impossible.
Expose your subdomains as in having all of them bundled into one certificate?
AFAIK, you absolutely can request different certs for each subdomain (in fact, that’s what I’ve been doing for a while).
No, as in they are public record.
If you use a wildcard let’s encrypt SSL to encrypt www.mydomain.com and VPS.mydomain.com and secret.mydomain.com and allmyporn.mydomain.com, and Plex.mydomain.com, and gitlab.mydomain.com
Then it is public record that mydomain.com has associated with it the CNAMES “www” “VPS” “secret” “allmyporn” “Plex” and “gitlab”.
It can be looked up by anyone here. Just type in “%.yourdomain”
That is to say if you use a wildcard letsencrypt SSL on all your subdomains for you self hosting project, you’re more exposed than want to be.
No it’s not. I have several wildcards. Your tool doesn’t show any of the subdomains i have then used on. Go hit %.saik0.com and show me where lemmy.saik0.com shows up. I’ll wait.
.
Bro check again… This time actually follow instructions.
Search for LEMMY.SAIK0.COM… Notice it’s not there even though my instance clearly exists and has an SSL cert.
What you’re seeing is certs from over a year ago. You’re seeing domains I registered specifically. eg… not ones I’ve associated with a wildcard.
Next time make sure you’re actually right before you act so confident.
Here’s a list of subdomains that are under a wildcard SSL cert… That will not show up in that list since they were never registered for their own cert and only EVER operated under the wildcard one.
convert.saik0.com
esign.saik0.com
lemmy.saik0.com
wordgame.saik0.com
yt.saik0.com
And there’s plenty more I could point out. But if you follow instructions and actually search, you’ll see that those do exist as accessible subdomains and do not show up in the crt.sh tool.
Edit: LMFAO so you downvoted me… checked my shit and realized that you’re wrong. Deleted your message and kept your downvote in place.
Edit2: For those coming after the fact and maybe not liking my initial tone at the top there. I mirrored the tone they posted in.
If your subdomains being public is a security issue then I’d argue something else is wrong. Otherwise you’re using security through obscurity.
But I appreciate the insight and I see how this was a harder sell back when it happened. Thanks!
Not necessarily. Let’s say you’re a known contributor to a closed source project. You don’t want people knowing you have a locally hosted gitlab instance at gitlab.mydomain.com, for example.
If that’s the case, you shouldn’t have one on your domain. If someone wants to know your subdomains, they can still brute force them
While I agree the issue you raise does make sense in some situations, it derivates from the initial concern : if you don’t want your domain listed in a DNS record you certainly don’t want it to be indexed by a search engine :p
People say Kagi is the same but it’s not. It takes Googles results and filters out the crap and orders results differently, since it’s not trying to get you to go to some commercial site unless you intend to.
Also the lenses are great.
Just being able to exclude certain sites, and reduce the ranking of others, makes search so much better in Kagi.
I hope they eat Google’s lunch.
There is an add-on for Firefox that blocks certain domains from coming up in search results.
Super fucking helpful to block amazon
Its called u blacklist
I will need to check that out.
I used this to completely block Reddit.
It uses more than just Google’s, FYI.
help.kagi.com/kagi/…/search-sources.html
Isn’t that what DDG was supposed to do?
This all works until Google cut off API access to a competitor right? Relying partly on a Google API is surely suicidal for a Google Search competitor…
They use Bing’s index as well and also have their own
If you don’t do anything except use it like Google, then you only get improved search results. But the other features like lenses, site ranking, URL rewriting, question mark instant answers, and document Q/A make it way more worth it to me.
I think people are just used to being passive now. They dont tinker with the tech and they think its all the same.
People still use Chrome also because Google kept saying its “faster”, which doesnt even mean anything. Security, privacy and plugin support is what matters.
Kagi uses Google’s search engine?? I didn’t know that, I thought they’d created their own search engine. If Google blocks Searx, why don’t they block Kagi?
Kagi pays Google for API access. They also query other sources of data as well as their own index.
help.kagi.com/kagi/…/search-sources.html#external
I suspect most of kagi’s subscription money actually went to google’s pocket. Google charges a lot of money to access their search api, about $5/1000 queries.
I tried Kagi (free 100 query plan) and got about the same results as google/DDG. It’s kind of nice but I couldn’t see subscribing. I hate subscriptions. If they sold access for a flat fee per query (let’s say $5 for 200 queries) I’d buy that, and use a dozen or so queries a month. The rest of the time I’d keep using DDG or occasionally resorting to Google.
Search.brave.com ain’t bad
Too bad brave's CEO is a giant bigoted piece of shit who I refuse to support.
Damnit. Okay, what’s the next best Chromium based browser? I love Firefox but I have to keep a Chromium browser on hand for the few sites FF just doesn’t handle properly.
I just use ungoogled chromium in those cases
What about Tor
Vivaldi was my main browser for a while, and my backup chromium browser since I switched back to Firefox. Most of the privacy stuff in Brave is available as separate extensions and I really like Vivaldi’s sidebar and profile management.
ungoogled chromium obviously
What sites don’t FF handle? Small or big?
Google Docs, ComfyUI (on mobile), couple porn sites.
TradingView
If it works for you, and it’s only a secondary/failsafe browser, shouldn’t feel too guilty to use it.
I don’t use brave and I’m not aware of what’s the issue with the CEO, not sure if knowing that would change my protective
The founder/CEO actively donates to anti-LGBT organizations, including ones that support conversion therapy. The guy is an awful piece of shit, and any decent person should take whatever steps necessary to not support them.
Thankfully, that's as simple as not using Brave.
I like thorium
You know he isn’t retrieving the results personally?
Pieces of shit exist in most companies.
No way, really?!?!
I try to not reward companies that hire CEOs who actively support the extermination of gay people
Brendan Eich was a founder. He wasn’t hired. Not sure if anyone can remove him.
How would you feel if a conservative organization mounted a campaign to boycott an entire company because the CEO is gay?
The Brave browser is not itself exterminating gay people, nor stopping them marrying.
Do you drink Fanta? Should we also still boycott Volkswagen and Hugo Boss?
If you apply your boycotting consistently you need to avoid an awful lot of things
(Note, I’m not defending Brendan Eich or his appalling views)
Get the actual fuck out of here with your both sides bullshit. Boycotting a company for being bigoted is not the same as boycotting a company because you yourself are a bigoted piece of shit.
E: sp
No-one is claiming whatever it is you are trying to say.
I’m saying neither the company nor product have done anything bigoted.
Boycotting any and every company that employs bigots is impossible.
If you can't see why one would boycott a company with a loud and proudly bigoted founder, i don't know what the fuck to tell you other than you need to take a long, hard look in the mirror.
I can’t see why we should boycott when the product isn’t bigoted and the company doesn’t do bigoted things.
Highlighting a particular employee or position is not logical.
If the CFO was bigoted would you boycott?
If the country manager was bigoted would you boycott?
…
If the intern was bigoted would you boycott?
Under your moral code ANY company employing at least one bigot should be boycotted. This leads to almost all companies being boycotted.
I'd appreciate it if you wouldn't put words in my mouth.
I'd also prefer companies have strict policies against that sort of thing, and if I found out a company was fostering a workplace where that awful view is acceptable, I would boycott them as well.
The founder generally receives the biggest piece of the pie. That's obviously a more significant thing. Frankly, I think you know this and are simply arguing in bad faith.
And get out of here with your purity test bullshit. Yeah, I personally go to some pretty extreme lengths to boycott companies. But that's nowhere near as important as the general spirit of being against bigotry and opposing it, violently if necessary, anywhere you see it.
It seems they do brave.com/careers/
So poor bigots are fine. Got it.
Brave is FOSS. Nothing needs to go to Eich.
Agreed. But neither the Brave company nor the software is bigoted.
I would not advocate for attacking free speech (political donations) with violence.
Im sorry that you're so tolerant of bigotry. I can't help you
I’m clearly against bigotry.
I don’t see how that position is related to using a particular web browser.
I don’t use Kagi, but pretty sure they offer the plan you want.
They start at $5/month (kagi.com/pricing) and that misses some features. But, I thought they started at $10/month. It may have changed. Anyway, I hate subscriptions and would rather pay by the query. It’s something I’d use once in a while, so I don’t want to keep paying while it idles.
I love the idea of paying for a high quality service that I use, but Kagi was significantly worse than Google. I searched for local businesses, programming questions, and general knowledge stuff.
I’ll try it again in a year or two and see if it works for me.
I switched to Kagi about 6 months back. It is overall better, but at least on par with Google, also as far as tech / programming - related questions go. Whenever I do not get a useful result from Kagi, it literally finds nothing - I then try Google for verification, which also lists absolutely no results. That happened approximately 4 times since I switched.
Kagi is worse than Google for: reviews, memes, porn, as well as “descriptive” searches, i. e. when trying to describe the desired result using natural language, e. g. “video game character that swallows everything” (I made that up just now for Kirby).
Kagi’s ability to use lenses and assign weights to sites can make a big difference.
At first, they didn’t have anonymous payments and an unattractive pricing model, but that has been fixed for a while, otherwise I wouldn’t have switched.
Overall, I am very satisfied and have absolutely zero plans of ever using Google again.
I find Kagi results slightly better but the interface is so much nicer and site ranking is great. Mostly though whenever I try using Google it just feels scummy and more obvious than ever that they are trying to shove ad garbage down my brain. I really hope I never need to go back to that again. Agree that crypto payment option for Kagi is clutch, but wish they made that more front and center. Unless you look for it Kagi wants your name, address, and credit card number and all your searches are linked to that. That’s even scummier than Google.
They claim that they don’t link/save your search history so although they have your details for payment, technically it’s not linked. If they aren’t lying…
I also don’t lie and will send you $10,000USD if you send me your credit card number, cell phone number and social. If I happen to accidentally leak your info a few thousand of my friends I will be sure to give you 10% off of a partially reputable ID protection watchdog service. If you trust random corporations that have almost no enforced security oversight, you really should trust this friendly internet stranger as much if not more.
so I've just giving it a quick test vs google with the query "open source chromecast alternative"
the first result for both is a reddit post about NymphCast
it's the rest of the results that are interesting though.
Google has a ycombinator news article about NymphCast and then decends into the usual "17 best chromecast alternatives in 2024" rubbish
Kagi on the other hand lists the github for NymphCast, and then goes on to list others... mirrorCast, pyCaster, free Cast, an article on using a raspberry pi as a chromecast alternative.
obviously this is only anecdotal, and very unscientific, but it's got me interested for sure! Gonna bookmark it and see how it goes
No joke can you share those results? I’m holding out for matter cast
Here you go!
Huge bummer that they’re all 5+ years old. We’ve been moving to libreelec with Disney+, Jellycon, Netflix, Youtube, and amazon prime plugins. It’s not the same, but it’s workable. If Amazon keeps MatterCast open and open source implementations get made, that’s where I’m focusing my attention. A raspberry pi with libreelec that can be a casting target feels, to me, like the holy grail:
theverge.com/…/amazon-matter-casting-echo-show-fi…
Their business needs steady cashflows. You pay for the up time, not the queries.
Then they wouldn’t have tiered plans. Anyway try a $12/year plan with a few queries per month. $60/y adds up a lot faster.
Yup, it’s way too expensive. If they bundled it with another service to provide more value, I might consider it. But from some back-of-the-napkin math, they’re charging way more than their competitors make from ads.
I’d also be interested in a pay-per-search option. I’d be happy loading up $5 every so often if they other services didn’t find what I’m looking for.
good or not, it’s what people associate “searching” with - much as how Kleenex is just tissue paper but you dont really hear others asking for off brand tissues.
I take your point, and agree when it comes to Google
But here's rabbit hole for anyone interested. That brand name being synonymous with the product thing is actually fairly regional.
We just call them tissues here. I think you can get Kleenex brand here, but I don't think anybody cares about the brand of tissue. There's a particular kind that has some kind of aloe Vera extract which is all I'll use if I'm sick, but I don't even know what brand they are.
On the flip side, we call marker pens Biros, and where I grew up we called them Khokis
Yep, it’s regional.
Where I grew up only a few people used “kleenex”, and I never hear it where I live now.
We call it a sleeve where I come from...
Fuck off with your ads for a paid search engine.
You’re accusing Cory Doctorow, the guy who invented the phrase “enshittification”, of making a blog post that’s really an advert…? Really???
wow, what a genius. he’s going to solve world hunger next. he’s totally not “milking” nerds who think that word is the best thing since sliced bread.
That’s Cory Doctorow, my guy. He’s not making an ad.
You are paying to use Google, with all your data feeding their advertising machine.
Using SearXNG and DuckDuckGo though, but the piece does read a LOT like an ad. Even the writing style is making me suspicious.
That’s just my impression, not trying to convince anyone
I mean I really like kagi personally, but will read the article with that in mind.
E: you were right it’s very puffy. I agree with the sentiment, but the tone…
I’m still very happy with the experience, especially the UX and customisation options, and they’re developing new features fast. Not always successfully at first, e.g. the recent integration of WolframAlpha isn’t entirely a step forward (mostly because they’re not displaying the extra context that WA shows that lets you know when it’s answering the wrong question).
I think overall most people are very happy, as shown by the frequent recommendations on here (so much so that someone on Lemmy was telling everyone it must be astroturfing).
I’m convinced a lot of it is astroturfing. It’s just too perfect and consistent, with the perfect answers for everything and just the right amount of fear mongering.
What kagi can’t fix is that most forums nowadays don’t exist anymore and moved over to discord which is also a big reason for worse search results.
For example I had a technical problem with a device of mine, searched for maybe half an hour on Google until I joined a related Discord. Searching there in the support channel and I found the fix for my problem. Would Discord not exist and all the content be queryable by Google I would have found my answer within seconds.
I don’t understand this trend and i hate that it’s a thing. I also hate Discord.i shouldn’t have to go to a fucking chat room when a forum works better.
Exactly. I would be less mad if it was Matrix, but Matrix search is really slow and not likely to get better.
Forums make a ton of sense.
I really want to see more from the commune-os to make matrix communities more publically accessible or even selectivily. The AP bridge especially
And they use discord… JFC.
I think their discord is bridged to Matrix
Absolutely despise discord, fucking internet herpes.
Yeah, Matrix is way better, but the search there is way too slow on busy channels.
Just post stuff on the open Internet…
That is kinda what it was designed for before profit got involved.
I guess my point was that locking all that knowledge and troubleshooting behind chat interfaces, and obscuring it from search engines makes the internet worse
Agreed. But if it’s at least FOSS, it should be fairly easy to get the data out for searching.
I thought Kagi shut down.
I guess turns out no but if I’m going to pay for search it’s something like Perplexity.
Generative AI search engine Perplexity, which claims to be a Google competitor and recently snagged a $73.6 million Series B funding from investors like Jeff Bezos, is going to start selling ads, the company told ADWEEK…“Advertising was always part of how we’re going to build a great business,” said Shevelenko.
adweek.com/…/gen-ai-search-engine-perplexity-has-…
.
Google has also gotten lazy and is prioritizing YouTube and Reddit results, instead of webcrawler results.
The reddit results are annoying because you can only see 2 related comments without logging in. I hate that shit. I look for stack overflow links
Change the URL to old.reddit.com.
For now…
Especially after they got rid of the compact interface completely, which was a more stripped-down version of the old one, that didn’t have any of the CSS, or special effects.
The last workaround stopped working as of a few days ago.
Old Reddit may well be next on the block.
I’ve used it for quite a while now, so I can safely say it’s not just the honeymoon effect. There are certain specific searches that I will prefer Google, for example if I know an exact string from a document that I’m looking for. Google still has a larger search base so if there’s information that can only be found in one or two places, Google is more likely to work. Image and video search on KAGI is still a little bit finicky. I might use Google, DDG, or Bing for those (Actually, DDG is just a front end for Bing in this regard). For everything else, when I’m looking for information or answers to questions, Kagi is the best there is.
I’ve recently started using Qwant since Mozilla has partnered with them and I’ve been pretty satisfied so far.
What Google has over every other search engine is local results. There’s just no getting around how much useful data Google has on every business in the world.
I genuinely think Google’s success is its own undoing.
If everybody had carried on making sites in the same way they did when Google came out, the results would still be good.
Bit they didn’t. There’s gold in them thar hills, and now SEO and generated bullshit are a way to make money, while Google’s algorithms seem easy to game if you have the resources to do so.
There’s like a hundred large companies doing this, and if you blocked all their sites in the Google results it’d give results similar to Kagi and other flavour of the month search engines.
Been using kagi for several months now and can’t imagine going back. The only thing I still use google for is when I want to shop for a specific product after having used kagi to do my homework. I’m sure I can configure a filter for that, but haven’t gotten around to that yet.
I primarily use a couple locally hosted LLMs for searching for info now.
Larger LLMs are trained on so much info that they get the answer right surprisingly often.
Only thing they of course struggle with are recent events.