11:38 AM

Former NSA And Google Engineers Launch A New And More Secure Disconnect Search

Disconnect Search protects users’ privacy in four ways

Palo Alto, CA (March 24, 2014) -- Disconnect, a leading developer of popular consumer privacy and security software, today announced the launch of a new, faster and more secure Disconnect Search product that protects users' privacy by preventing web searches from being tracked. (

Developed by an ex-NSA engineer and three ex-Google engineers, Disconnect Search allows people to search privately without having to change their behavior. Unlike other private search solutions, Disconnect Search was designed so users can search privately using the web's most popular search engines, including Google, Bing, and Yahoo.

Disconnect Search protects users' privacy in four ways:

1. Search queries are routed through Disconnect's servers, which makes the queries look like they're coming from Disconnect instead of a specific user's computer.

2. Search engines are prevented from passing keywords to the sites that are visited from search results pages.

3. All queries are encrypted, which prevents ISPs and eavesdroppers in your network from seeing them.

4. Disconnect doesn't log any keywords, personal information, or IP addresses.

Disconnect Search is now available via a webpage (; as an Android app (; and for Chrome, Firefox, Internet Explorer, and Safari desktop browsers. First launched in October of 2013, Disconnect Search is one of the fastest-growing search products of all time and now adds significant speed and security enhancements to improve users' privacy and search performance.

"Demand for online privacy has never been higher," says Disconnect co-founder Casey Oppenheim. "People don't want or expect search engines, Internet service providers, the government, and websites they visit to record and connect their searches with their real name. Unfortunately, this type of unwanted tracking of our search history and other personal information is all too prevalent."

The new Disconnect Search is optimized for speed, search results load more than twice as fast as the previous version. Disconnect Search also has enhanced security features, including support for the latest versions of Transport Layer Security (TLS) and Perfect Forward Secrecy (PFS) so that a user's search history stays as private as possible, even in the event that Disconnect's private encryption keys are compromised.

"We worked closely with leading security experts, cryptographers, and search engineers when designing Disconnect Search," says Disconnect CTO and former NSA engineer Patrick Jackson. "We're proud that we're able to offer both cutting edge privacy and security, and significantly faster load times to give privacy-conscious users a better all-around search experience."

The latest Disconnect Search technology was also recently selected as the default search provider for Blackphone (, the world's first smartphone placing privacy and control directly in the hands of its users. Created by SGP Technologies, a joint venture of Silent Circle and Geeksphone, Blackphone launched during Mobile World Congress and offers a full suite of applications giving worldwide users unprecedented control over privacy and security.

"We knew very early on that we wanted to partner with Disconnect, because the team behind it is totally aligned with our objectives for privacy," said Toby Weir-Jones, CEO of SGP Technologies. "Enabling private search on Blackphone by default is central to our goal of leaving no digital footprints without the user's knowledge or permission. Disconnect Search harvests all the accumulated knowledge of the internet without forcing the user to give up their personal information." Disconnect Search will arrive pre-installed on Blackphone devices' Android&trade based PrivatOS operating system, ensuring users' mobile searches are private right out of the box.

Disconnect Search includes the following features:

● Native results -- Users can stay private and get results from their favorite search engine.

● Familiar experience -- Users can search directly through their existing browser's omnibox or address bar.

● Privacy everywhere -- Users can search privately all the time, from anywhere they'd typically search, including their search engine's homepage and results pages.

● Cookie blocking -- Users can remain logged into their accounts and still search anonymously.

A video about how Disconnect Search works can be viewed at

About Disconnect

Disconnect was founded on a basic principle: that people should have the freedom to move about the Internet -- and their lives -- without anyone else looking over their shoulder. The company was started in 2011 by a former Google engineer and a consumer-rights attorney.

Disconnect's top-rated apps stop tracking by third parties and search engines and are used by more than 1,500,000 people every week. Visit Disconnect on the web at

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

Published: 2015-07-05
SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie.

Published: 2015-07-04
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

Published: 2015-07-04
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report