Trying to use Kagi with other browsers lays bare the depth of collusion between browser makers and search providers. Getting out from under all that makes Kagi a whole lot more seamless and useful.
It’s ironic that it is its own tight collusion, with the difference that you can use Orion just as well with any other search providers as with Kagi.
So yeah, it seems like a departure from search, until you consider that for the features that make Kagi a worthwhile search product (privacy, neutrality, etc), “you can’t get there from here” with the other browsers.
This is something I don't understand. Kagi has been my only search engine since they dropped the price to $10/mo. I've only ever used Kagi with Firefox, and I use it on Linux, Windows, and Mac. I just add it to my search engines and set it as default, which takes about 15 seconds.
Everything seems to just work seamlessly. Searching in private windows works without any configuration or token juggling.
I have never tried the Orion browser or the extension because I don't understand the problem that they allegedly solve.
To set it as your default search engine on iOS, you need to first install a separate Kagi Search app from the App Store, enable the extension, and then dig through some fairly obscure Safari settings so that the Kagi app can run with enough permissions to intercept/redirect search URLs for other search engines.
So now when I search in Safari, the browser says “DuckDuckGo Search” but when I hit return Kagi jumps in. I also had to turn off search suggestions because those (as far as I know) would still come from DDG.
This seems more like an indictment of iOS than collusion between search and browser vendors. I'm using Kagi as my default search on Android, Linux, Mac, and Windows, both Chrome and Firefox. The kind of nonsense your describing us why iOS doesn't show up in my list of devices.
My point was more that you claimed to not understand and I was just providing an example where it does take longer than “15 seconds” to switch to Kagi.
iOS/iPhone has the majority mobile market share in many countries including the United States. If you’re unaware, Google is currently being sued by the US government for establishing a monopoly over search engine placement including payments to Apple and Mozilla to keep Google as the default search engine. So, with that context, can you honestly say there’s no collusion between search providers and browser vendors?
> My point was more that you claimed to not understand and I was just providing an example where it does take longer than “15 seconds” to switch to Kagi.
It's an example, but it's not an example that proves the point.
> iOS/iPhone has the majority mobile market share in many countries including the United States. If you’re unaware, Google is currently being sued by the US government for establishing a monopoly over search engine placement including payments to Apple and Mozilla to keep Google as the default search engine. So, with that context, can you honestly say there’s no collusion between search providers and browser vendors?
Yes, easily.
The comment was talking about depth of collusion in making it significantly not seamless. But even with Google pushing a default, it's a trivial switch on Android.
On top of that, Google pushing their search engine onto Android phones has nothing to do with "browser vendors". It's a different topic.
So I say Android is not an example, and desktop is fine, leaving the only example of problems as Apple. Even if I think that's collusion, just Apple doing a thing is not collusion over the general market of browser makers. But I'm also skeptical that it's collusion. Apple always offers limited choices and bad customizability.
I find it hard to believe that Google just happens to be the default search engine everywhere. And that the best user experience for Apple’s users is to have a search engine list that you have to pay to be on. And that if you change your default search engine or browser newtab half the browsers out there will nag you to switch it back for “security”. And if you visit the internet’s home page on anything other than Chrome you get bombarded with popups compelling you to install Chrome.
If you’re not aware of the “collusion” you might just be asleep at the wheel. You may be right semantically, though: it might not really be collusion—it’s simply light of day bribery.
> I find it hard to believe that Google just happens to be the default search engine everywhere.
I didn't say there wasn't collusion of any kind. I said Google being the default on android is not collusion with browser vendors.
And on Windows, Bing is the default.
> And if you visit the internet’s home page on anything other than Chrome you get bombarded with popups compelling you to install Chrome.
Self-promotion is not collusion.
Also critical to my point is that collusion to set a mere default is not what the original comment was talking about. You don't need to switch your browser to "lay bare the depth" of a default. They were talking about something much stronger.
The point is there are non-trivial examples where it’s really hard to switch your default search engine away from Google/Bing because all paths lead back to them (via platform self-promotion and paid placement). One might even argue that the dominant search engine owning the dominant user-agent is implicitly illegal (and thus I guess collusive, but I digress). I don’t really know what we’re arguing anymore. I think everyone knows that it’s not universally easy to switch your search engine. The fact that there are good examples like Android does not invalidate the bad examples like *OS and Windows. It’s difficult enough that I can’t believe it’s all natural and organic. Money is changing hands and/or the spirit of existing laws is being ignored to enforce or at least maim the optimal-for-users search experience. Certainly we can agree on that much.
> The point is there are non-trivial examples where it’s really hard to switch your default search engine away from Google/Bing
Bing is the only one you really get stuck with, and that only happens outside of the browser. You can change the search engine for searches started inside of Edge.
Bing is also not an example of collusion. It's Microsoft promoting Microsoft.
> I don’t really know what we’re arguing anymore.
Here is what I'm arguing: If you want to say there is a mixture of different types of collusion and monopolistic self-pushing connected to search engines, I agree with you. But the claim earlier was about a very specific type of [deep] collusion, that would make it difficult to change the search engine that a browser uses, that is easy to see when trying to use Kagi. But that difficulty only exists on iOS. It's not true in general. (And I'm not convinced that the specific issue on iOS is a collusion problem rather than an Apple-knows-best problem.)
Google pays to be the default. AFAIK they don't pay to make the switching experience maliciously difficult. After all, the switching experience on Android is dead simple. That seems to be another unilateral decision by Apple to keep you in your lane.
> To set it as your default search engine on iOS, you need to first install a separate Kagi Search app from the App Store, enable the extension, and then dig through some fairly obscure Safari settings so that the Kagi app can run with enough permissions to intercept/redirect search URLs for other search engines.
And worse, even then it will then only work (at least for me) about 3 times of 4. The other times it will give you the "dummy" site you don't want, and you'll have to reload to get Kagi. Or sometimes it will reload for you after an indeterminate delay, sometimes even after you've already clicked through to a result.
I'm still (mostly) happy with Kagi, but I gave up using their extension for Safari on desktop. I'm having much better luck using a custom redirect in StopTheMadness. I'm not sure what they do differently, but setting Safari to use Ecosia and redirecting with StopTheMadness seems to avoid the problems I was having with Kagi's dedicated extension.
If I understand your response correctly, it boils down to "specific browsers do irritating things".
So I honestly still do not understand. It does not make sense for the raison-d'etre for the Orion browser to be "we don't do the irritating thing that Safari does" when most other browsers also don't do that thing. But clearly people want to use the Orion browser. So I guess I'm just (still) missing what the point is.
that extension intercepts the queries. Kagi couldn't make it any other way. And I don't mean this as a grievance against Kagi, but agains APPL's policies.
It’s Safari you’re talking about. All other browsers, even Chrome, support arbitrary default search engines, while Safari doesn’t even support them via extension, requiring ugly redirect hacks. Privacy Pass is similar, with all browsers letting you implement it as an extension, except Safari. The problem is entirely and only Safari.
> Trying to use Kagi with other browsers lays bare the depth of collusion between browser makers and search providers.
Absolutely. Safari not offering any way to add Kagi without weird hacks or extensions is absurd.
I get the case for search engines paying browser vendors a cut for being the default, but still getting paid after the user has overridden that selection is already somewhat dubious, and not allowing the user to fully provide their own query URL at all should be illegal.
I'm curious how you think this can be analyzed effectively.
Yes, I'm aware of bytecode analysis, but that's a slow difficult process, and for browsers, the release cycle is short enough that by the time you're done analyzing the current version, a new version is out, and it's significantly harder and less useful to diff a binary, so you end up having to basically start the analysis over for the new version. Unless there's something going on here that I don't know of, that's simply not a viable means of keeping track of browser security.
Evaluating browser security is hard. Checking privacy guarantees is easy: you can just look at the traffic it generates. Vlad has a pretty simple and quite strong policy that Kagi doesn’t phone home unless you agree to it. If you find it does otherwise (should be pretty easy to monitor) you should take it up with him.
Malicious software has a long history of detecting monitoring so it can avoid detection. A closed-source browser with backdoors can detect Wireshark, Little Snitch, or whatever you're using to detect outgoing connections, and not connect while those programs are running.
The problem is even more insidious when you're making regular expected connections to a site that the browser creator controls. Many (most?) Orion users are already connecting to Kagi on a regular basis, so they can simply wait until the user logs in to Kagi and smuggle out the data they've collected along with the login request.
In the most extreme case, the browser can not exfiltrate any data at all unless triggered to do so. In this case, the attacker targets specific victims to exfiltrate data from, but avoids exfiltrating from any security researchers or knowledgeable users who might be running software to detect the exfiltration.
In short, the goal here is for those of us with more knowledge to be able to verify the software for every user, because not everyone is capable of monitoring their outgoing traffic effectively, and it's far too easy for backdoored software to simply not phone home when it's being monitored.
This is true of open source software too. At some point you have to trust that the software you run is not designed to act like malware, because if it is actually backdoored your life is going to be miserable regardless.
Huh? It's not true of open source software at all.
With open source software, you can read the source and verify that it doesn't have backdoors. With reproducible builds, you can verify that distributed binaries are the result of building the source code you've verified.
Honestly, if you couldn't figure out that this was going to be my response, you simply don't have the knowledge to be commenting on this topic. I didn't come up with anything I've said here myself, it's pretty basic, widely agreed-upon understanding of why open source is generally more secure. The only people who actually know the topic who "disagree" on this generally have a vested interest in some closed-source software they want to be seen as secure.
It’s ironic that it is its own tight collusion, with the difference that you can use Orion just as well with any other search providers as with Kagi.
So yeah, it seems like a departure from search, until you consider that for the features that make Kagi a worthwhile search product (privacy, neutrality, etc), “you can’t get there from here” with the other browsers.