Tim Schwartz <[email protected]> writes:

> This is super helpful btw. Thanks.
>
> What do people generally use as a rule of thumb on timing for log
> rotations on web servers that are privacy focused?
Depends on your threat model, but possibilities are:

1. no logs at all, no rotation needed (when you have a ton of data, this is actually a lot easier)
2. logs only in memory (vulnerable to vampire tap, or preservation orders)
3. rotate stored logs in as short a time as possible so that you can balance usefulness against being an arbitrarily deputized state agent.

When it comes to logging, people generally want it for one of these things:

1. surveillance capitalism - monetize visitors' behaviors, sell to data brokers, track you across the web, advertising
2. ego vanity - it feels good to know that 500 more people visited your site this month, compared to last month
3. debugging

If you can get over the first two (requires a bit of transcendence above the earthly trappings of being human), the third one is really the only reason to have any logs at all.

Fortunately, you can actually get by without keeping any logs, and just turn them on *when you need to debug something* and then *turn them off immediately afterwards*. In this scenario, you are only giving up the possibility of debugging past problems that you cannot reproduce. A worthy sacrifice.

_______________________________________________
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To unsubscribe, email: [email protected]

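The third option above (keep stored logs only for a short window) as an added, self-contained example; this is not code from the original message or the list. It assumes a web server that writes to a single access log file and can be told to reopen it after rotation (the reopen signal is a placeholder comment, not executed), and that a cron entry calls the function every few minutes with the chosen retention window.

```shell
#!/bin/sh
# Added example: short-retention log rotation. Moves the live log aside,
# gives the server an empty file to keep writing to, and deletes any rotated
# copy older than the retention window in minutes.

rotate_short_retention() {
    log="$1"           # path to the live access log
    keep_minutes="$2"  # retention window in minutes (e.g. 60)
    dir=$(dirname "$log")
    base=$(basename "$log")

    # Timestamped target; the loop avoids clobbering a copy made in the same second.
    target="$dir/$base.$(date -u +%Y%m%dT%H%M%SZ)"
    n=0
    while [ -e "$target" ]; do
        n=$((n + 1))
        target="$dir/$base.$(date -u +%Y%m%dT%H%M%SZ).$n"
    done

    if [ -s "$log" ]; then
        mv "$log" "$target"
        : > "$log"
        # In a real deployment, tell the server to reopen its log handle here,
        # e.g. for nginx: kill -USR1 "$(cat /run/nginx.pid)"  (placeholder, not run)
    fi

    # Prune rotated copies whose modification time is older than the window.
    find "$dir" -name "$base.*" -type f -mmin +"$keep_minutes" -exec rm -f {} +
}

# Number of rotated copies currently on disk (useful for checking retention).
rotated_count() {
    find "$(dirname "$1")" -name "$(basename "$1").*" -type f | wc -l | tr -d ' '
}

# Usage from cron, every 5 minutes, keeping at most one hour of history:
#   */5 * * * *  /path/to/this.sh   (with: rotate_short_retention /var/log/nginx/access.log 60)
```

Run the function as often as you want the window to be enforced; a copy is only deleted once its mtime falls outside the window, so the effective retention is the window plus the cron interval.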