On Sun, 29 Apr 2001, Declan McCullagh wrote:
>Right, in most circumstances you're not required to keep logs. But there
>are some cases, albeit a fairly narrow subset, in which you'd want to have
>log files that are available to you but not an adversary using legal process.
>
>-Declan
If you need your logs for technical debugging, do your technical
debugging diligently and daily, and erase them immediately after.
Until the moment they are erased, they are vulnerable to theft,
whether the thief has a subpeona or not.
If you want to preserve relevant information from your logfiles,
just lift out the relevant information and nothing else. Mung
it into a completely different form (so it's not a "logfile"
anymore), encrypt it, and save it to a private directory. With
any luck, a regular data thief won't find it. Short of making a
bad mistake, even if they do find it they won't be able to decrypt.
If you're forced to guide a thief with a subpeona to it, there's
no guarantee that the info *you* found relevant is the same info
they want.... and also the precedent on whether you can be jailed
for refusing to reveal a key you keep in your head is fuzzy at
best.
Bear
