I understand that this is a very, very difficult subject for yegg and the DDG maintaners, but there's a problem:
1) DDG is located in the U.S.
2) DDG is a search engine that promises freedoms from those government surveillance that all the other search engines in the U.S. are exposed to
3) DDG is growing quite a lot in popularity (via ddg.gg/traffic).
Even if DDG is not compromised right now, how can we retain trust in the service in the long term? I don't find it unreasonable that DDG would be approached and gagged in the long term, if not already.
As the recent TrueCrypt weirdness has been playing out, I have little incentive to believe any computing service that relies on entities that are not within my immediate circle of trust. While Open code may not be infallible, one has good cause to trust in open code that runs locally and is not abusing the user (provided the open code is properly ethical and audited). With web services, we have no idea whether or not you're literally just another outlet of institutionalized spying.
I will just add that I will continue to use this service regardless as there is really no other alternative (I mean, I could use YaCy but it just doesn't provide). I understand that this is a near-impossible question to answer! I mean, what can you do? There's really nothing short of a good P2P solution that could try to combat this issue; however, that can of worms has many potential vulnerabilities. DDG has at least proven itself to be an open communicator with its users, caring about delivering a lean product that at least can be trusted to not spy on a business level. These are very valuable traits that are extremely rare with the likes of whatever garbage social web platform du jour running the web today. I have little doubt in DDG's honesty in its mission. The only real solutions to these damaging problems is to eradicate these harmful programs!
I write this in attempts to get a serious and meaningful conversation out of this.