cross-posted from: https://lemmy.world/post/26342568
At launch, access to Mullvad Leta was restricted to users with a paid Mullvad VPN account, but it is now free and open to all.
Mullvad Leta has been audited by Assured.
Just a heads up, some of the details in the FAQ and Terms of Service seem a bit outdated and might not be accurate anymore.
Some relevant information from their FAQ section is as follows:
What can I do with Leta?
Leta is a search engine. You can use it to return search results from many locations. We provide text search results, currently we do not offer image, news or any other types of search result. Leta acts as a proxy to Google and Brave search results. You can select which backend search engine you wish to use from the homepage of Leta.
Can I use Leta as my default search engine?
Yes, so long as your browser supports changing default search engines.
Navigate to https://leta.mullvad.net/ in your browser and right-click on the URL bar.
From there you should see Add “Mullvad Leta“ with the Mullvad VPN logo to the left.
If you do not see this, you can attempt to add a custom search engine to your browser with:
- The name set to: Leta
- The URL set to: https://leta.mullvad.net/?q=%25s
You can select which backend engine to use as follows:
- Google: https://leta.mullvad.net/?q=%25s&engine=google
- Brave: https://leta.mullvad.net/?q=%25s&engine=brave
Did you make your own search engine from scratch?
We did not, we made a front end to the Google and Brave Search APIs.
Our search engine performs the searches on behalf of our users. This means that rather than using Google or Brave Search directly, our Leta server makes the requests.
Searching by proxy in other words.
What is the point of Leta?
Leta aims to present a reliable and trustworthy way of searching privately on the internet.
However, Leta is useless as a service if you use the perfect non-logging VPN, a privacy focussed DNS service, a web browser that resists fingerprinting, and correlation attacks from global actors. Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
For most people Leta can be useful, as the above conditions cannot ever truly be met by systems that are available today.
What is a cached search?
We store every search in a RAM based cache storage (Redis), which is removed after it reaches over 30 days in age.
Cached searches are fetched from this storage, which means we return a result that can be from 0 to 30 days old. It may be the case that no other user has searched for something during the time that you search, which means you would be shown a stale result.
What happens to everything I search for?
Your searches are performed by proxy, it is the Leta server that makes calls to the Google or Brave Search API.
Each search that has not already been cached is saved in RAM for 30 days. The idea is that the more searches performed, the larger and more substantial the cached results become, therefore aiding with privacy.
All searches will be stored hashed with a secret in a cache. When you perform a search the cache will be checked first, before determining whether a direct call to Google or Brave Search should be made. Each time the Leta application is restarted (due to an upgrade, or new version) server side, a new secret hash is generated, meaning that all previous search queries are no longer visible to Leta
What could potentially be a unique search would become something that many other users would also search for.
What is running on the server side?
We run the Leta servers on STBooted RAM only servers, the same as our VPN servers. These servers run the latest Ubuntu LTS, with our own stripped down custom Mullvad VPN kernel which we tune in-house to remove anything unnecessary for the running system.
The cached search results are stored in an in-memory Redis key / value store.
The Leta service is a NodeJS based application that proxies requests to Google or Brave Search, or returns them from cache.
We gather metrics relating to the number of cached searches, vs direct searches, solely to understand the value of our service.
Additionally we gather information about CPU usage, RAM usage and other such information to keep the service running smoothly.
It’s not a search engine, it’s a proxy. If it were a real search engine, I’d get excited.
I already said why I liked Leta so far, so here are some observations from Android.
🟢 In Cromite, it picked Leta up as a possible search engine after one search. And if it hadn’t, I could visit
chrome://settings/searchEnginesto add it myself with the URLhttps://leta.mullvad.net/?q=%25s!🟡 Firefox did not pick up the search option, luckily I could manually add it with the URL above. (Manual adding is hidden on desktop Firefox, which I have not yet tested.)
🔴 Mobile Brave, which has tried to distinguish itself as inclusive when selecting a search engine, fails to pick it up at all. It also appears to lack any tool to add it manually.
For one: since mullvad is blocked in my country i can’t even access the search engine.
… Yeah, i’m sticking with DDG/SearXNG. They’ve never failed me.
Honestly, while I appreciate the Mullvad initiative, as a Mullvad VPN customer, their choices still primarily serve up thinly disguised advertising as the top search responses, compared to my own self hosted SearXNG results: https://github.com/searxng/searxng
How did you determine that? They specifically state there are no ads per their terms of service.
Correct. They can’t remove the SEO bullshit Google has just ingrained in its search results though. Or that’s my understanding
Wouldn’t searxng run into that same issue though? Its just aggregated SEO instead of a single SEO source
Valid ? Unsure tbh.
They just proxy your queries to google, like startpage, so they just show whatever google returns.
But they also tell you whether your results were already cached from within 30 days so you’ll know if someone else has recently searched for your horrific niche porn category
Maybe they were testing cached results exclusively? The first thing I did when I tested their search engine was enable cache and, creatively, type “Mullvad.” I was immediately treated to an article about why you shouldn’t use their search engine… So it was more like I got anti-advertisement from them.
Non-cached results behaved typically.
just tried it. search results are crap. nothing accurate. Google’s fault yes, but still makes this unusable.
It’s worth noting it proxies either Google or Brave search results. I can understand why the latter is a no-go for people, though.
There aren’t really many other options, so if you’re looking for good results, there’s always DuckDuckGo (my mainstay, which I like well enough) or a ton of niche options.
maybe i have too high expectations, but i deeply hate DDG’s results also. not the company, just the search results. never show me what I’m looking for.
What wasn’t accurate?
an easy example is that i searched an explicitly porn/sexual word but no porn was retrieved, only dictionary and encyclopedia entries about the word.
that would be fine there’s a setting to turn safe search on or off, but there’s no setting. the choice is not available.
hello default search
Would definitely add to my roster of search engines
