[clug] Startpage.com

[Scott Ferguson]

On 29/12/13 23:01, bc wrote:
> Hi, Given the security discussion the other week, I would like some
> thoughts on Startpage.com I have recently discovered this site and
> have been using it for about a month with no apparent problems.


> I get an SSL connection every time.

I wouldn't put too much stock in SSL if I were you :)

> 
> Given that it is redirecting me to google


It's not redirecting you. It's a search query proxy. They're not the
first to resell Google search results, the others didn't fare well
(Google cut them off).

> and normally redirecting is a no-no

Only when it's deceptive.

> I thought I would ask here.
> 
> Thanks, Brian
> 

I'm afraid I can't see the point of that site. They poorly scrape
another search engine*1, make a lot of money but have no disernable
business model other than delivering target ads, the search results make
Bing look useful, and their privacy expert/researcher/activist majored
in Marketing (I've listened to her hard sell on US daytime television).
I note that they are "certified" by EuroPriSe, I'm not sure who
certified them but they aren't much on SSL (not even close):-
https://www.european-privacy-seal.eu/

At best their claims are deceptive. "We DON'T record your IP address" is
an NSA-like statement - clearly they *do* log IP addresses. Drill down
and you'll find they "don't keep your IP address for more than 48 hours"
and "don't use ID cookies". Like the NSA don't keep calls, only
meta-data (the call collection is outsourced).
And, yes, they do use cookies... but not always, and we don't use them
for tracking (a 3rd party could though) and they're harmless (unless you
value your privacy).  Sigh.


Not that I'd use DuckDuckGetAway either, even if I trusted their
marketing speil I *know* not to trust the guy that runs it (his previous
venture made Ffffacebook look like privacy freaks).

*1 .htaccess and mod_rewrite can do that for me without needing privacy
policy not worth the paper they're written on.


Kind regards