In case anyone was wondering, Weinberg is a pushover with no constitution. I once asked him why #DuckDuckGo doesn't filter out privacy-abusing #Cloudflare sites & it triggered him. He had no sound defense.. no good answer for it. It's clear that he simply does not have the guts to truly deliver a privacy-respecting search engine. He's fixated on serving normies who are privacy-naive.
@resist1984 Perhaps a Cloudflare MITM warning instead of filtering out the sites completely from search results? I think warnings about MITM for HTTPS is much more relevant than the common site cookie warnings.
@modrobert Studies show that a search result is *twice* as likely to be clicked on than the result immediately below it. So rank matters. A privacy respecting search engine does not give high ranks to Cloudflare sites.
@modrobert Consider what Ss does: it folds the #Cloudflare results at the bottom of the page. If the leading results are lacking, you can scroll to the bottom, unfold the CF sites & click the favicons to visit the archived mirrors of those sites. Ss: sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion
@resist1984 That Onion URL must be broken, can't load it over Tor. Anyway, I guess that's one way to do it, still prefer a warning so the visitor knows HTTPS to this site is MITMed.
@resist1984 @otso I'm not using Tor browsers, using Chromium over Tor daemon. There is a '.' in the URL, that looks wrong to me, and it doesn't load.
@modrobert @otso the hostname "sercxi." is essential. If I omit the hostname, it fails even in Tor Browser. If you prefer, you can visit https://onion.sercxi.eu.org/ from Tor and it will redirect to the onion site. There is also https://sercxi.eu.org/, which works exclusively over clearnet.
"They are 16 characters long for V2 onion services and 56 characters long for V3 onion services."
https://en.wikipedia.org/wiki/.onion#Format
The Onion URL you provided is 63 characters long (not counting the .onion part).
@otso @modrobert Ss helps you avoid #Cloudflare. First, it gives results that are not polluted with CF sites. It's ideal to avoid CF sites completely. If for some reason the non-CF sites are lacking, you can scroll to the bottom of the results and expand the list of CF sites that were filtered out. From there, you can click on the favicons to visit the archive.org mirrors of the CF sites.
@modrobert @otso Ss also flags non-CF sites that block Tor, so you know to go straight to the archives.
@otso @modrobert The umbrella is indeed the correct favicon, but it should not be a blank page. It would be interesting to know what happens if you skip the query form & try a simple GET request, such as: https://sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/?res&rq=companies%20that%20use%20facial%20recognition Notice that everything after "rq=" is the query.
@modrobert @otso Another thing to try is "Ansero". It's another search engine apparently made by the same project: https://ansero.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/
@clacke @otso @modrobert yeah, indeed. They use SSL over onion not for crypto, but for verification purposes. So it must be HTTPS, and then you must accept the cert.
@clacke @otso @modrobert What's the error message when you try sercxi.eu.org over clearnet?
@modrobert @otso I just tried it in #UngoogledChromium with DNT enabled, and indeed it does not work. The site is deliberately fussy & seems to want to encourage users to shrink their browser print, but I'm not sure what else is needed. It works for me in Tor Browser.
@otso @modrobert Sorry, I have to correct what I said earlier. http://onion.sercxi.eu.org/ *works* in Ungoogled Chromium for me. I get a "NET::ERR_CERT_AUTHORITY_INVALID" & was hasty to judge it as "broken". UG presents that error differently than Tor Browser so I didn't realize at 1st that I could click "proceed" in the fine print. Perhaps you have the same error.
@modrobert @otso Note as well that it's safe to ignore the SSL cert warning because you're ultimately going to an onion site, e2ee is inherent in the connection. The site uses SSL not for crypto but as a means for verification, & it tends to alarm people.
@resist1984 @otso sercxi.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion
Specifically the first '.' after 'sercxi' there looks wrong, hidden services Onion URL is a key plus the ".onion" part, and that key will fail.