Choopa privacy policy

[wastlnd]

Your privacy policy is really great, maybe the best one I have found so far across the searxng public instance. However I wonder what about the network (Choopa) policy? I took a quick look at it and it doesn't look that great:) sorry for looking kinda paranoid, just out of curiosity.

[vojkovic]

Thanks for your question. Honestly, with infrastructure, its very hard to find a provider who doesn't keep logs --for various reasons. I like Choopa / Vultr / Constant or whatever they call themselves now because they offer a really competitively priced high frequency compute VPS package. So, can they see your searches?... they can probably only see the same information that your ISP can. I mean... no logs are stored on the server so even if they took a snapshot of the box they wouldn't be able to find anything. The way TLS works should mean it's impossible to decrypt past searches because of PFS even if they get the private key of the server. Anyways, it's not illegal to host searxng thankfully so this shouldn't really be a concern.

[wastlnd]

Thank you for your detailed explanation. Actually the providers' policies are rather vague when it comes to data treatment, AFAIK Hetzner (Germany) should be one of the most reliable, it's used by more than one searxng devs tho I don't know anything about its pricing. Generally speaking European providers should be stricter and more transparent, while US ones (notable exceptions being IncogNET and Privex) are more opaque about third party services and logging.

[vojkovic]

Thanks for the feedback, my needs require that the instance be located in Singapore, primarily because most big search engines have servers located in Singapore which gives my instance incredibly good response times. It's also an instance meant for the OCE / Australian region and there are already very fast European and American instances. In truth, I don't think any large IaaS providers are searching through customer's servers.