[tor-bugs] #4902 [Firefox Patch Issues]: Change the default search engine in TBB

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 18 08:57:03 UTC 2018 

#4902: Change the default search engine in TBB
---------------------------+-----------------------------------------------
 Reporter:  phobos         |          Owner:  mikeperry
     Type:  enhancement    |         Status:  closed
 Priority:  Medium         |      Milestone:  TorBrowserBundle 2.3.x-stable
Component:  Firefox Patch  |        Version:
  Issues                   |
 Severity:  Blocker        |     Resolution:  worksforme
 Keywords:                 |  Actual Points:  1
  MikePerry201204          |
Parent ID:                 |         Points:  1
 Reviewer:                 |        Sponsor:
---------------------------+-----------------------------------------------

Comment (by heyjoe):

 > Well the Tor Browser is supposed to protect you in case DuckDuckGo or
 its evil hosting platform try to hunt down your identity. So even if it
 was bad, it's still good with the Tor Browser.

 Of course TB provides a level of anonymization. Still the data collector
 on the other side of the wire can correlate data based on search patterns
 and subsequent site visits (which Amazon and other PRISM companies may
 track too).

 > Also they don't use Amazon for European folks, i.e. a significant
 portion of exit bandwidth.

 Not true. A simple test from EU host:
 {{{
 [~]: host duckduckgo.com
 duckduckgo.com has address 34.243.144.154
 duckduckgo.com has address 34.241.201.179
 duckduckgo.com has address 34.243.160.29
 duckduckgo.com mail is handled by 10 in1-smtp.messagingengine.com.
 duckduckgo.com mail is handled by 20 in2-smtp.messagingengine.com.
 [~]: host 34.243.144.154
 154.144.243.34.in-addr.arpa domain name pointer ec2-34-243-144-154.eu-
 west-1.compute.amazonaws.com.
 [~]: host 34.241.201.179
 179.201.241.34.in-addr.arpa domain name pointer ec2-34-241-201-179.eu-
 west-1.compute.amazonaws.com.
 [~]: host 34.243.160.29
 29.160.243.34.in-addr.arpa domain name pointer ec2-34-243-160-29.eu-
 west-1.compute.amazonaws.com.
 }}}
 > If you're still afraid, then use their onion service at the very least

 It is not that I am afraid personally but rather pointing out that DDG is
 a potential weak spot for privacy. Or are you saying that using their
 onion domain routes traffic to some other DDG servers which are completely
 disconnected from AWS, without DBs synced with them etc?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4902#comment:37>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list