i'll bet greenhost is ammenable to privacy focused logging configs. .hc
Tim Schwartz: > Thanks Micah, > > Yeah I really only think server logs are valuable as debugging, if $$$ is the > core concept behind data analytics, then better to do it with a different > system than straight server logs anyway. I really like this idea… > >> Fortunately, you can actually get by >> without keeping any logs, and just turn them on *when you need to debug >> something* and then *turn them off immediately afterwards*. In this >> scenario, you are only giving up the possibility of debugging past >> problems that you cannot reproduce. A worthy sacrifice. > > Though once you are scaling to a few servers or a higher level production > environment, turning on / off logs might not be such an easy feat. > > Is anyone aware of managed hosting systems that have opted for privacy > focused logging options? Might be an interesting space to investigate in > general. > > Cheers, > Tim > > >> On Jan 30, 2018, at 9:42 AM, micah <mi...@riseup.net> wrote: >> >> Tim Schwartz <t...@timschwartz.org> writes: >> >>> This is super helpful btw. Thanks. >>> >>> What do people generally use as a rule of thumb on timing for log >>> rotations on web servers that are privacy focused? >> >> Depends on your threat model, but possibilities are: >> >> 1. no logs at all, no rotation needed (when you have a ton of data, this >> is actually a lot easier) >> >> 2. logs only in memory (vulnerable to vampire tap, or preservation >> orders) >> >> 3. rotate stored logs in as short of a time as possible so that you can >> balance usefulness against being an arbitrarily deputized state agent. >> >> when it comes to logging people generally want it for one of these >> things: >> >> 1. surveillance capitalism - monetize visitors behaviors, sell to data >> brokers, track you across the web, advertising >> >> 2. ego vanity - it feels good to know that 500 more people visited your >> site this month, compared to last month >> >> 3. debugging >> >> If you can get over the first two (requires a bit of transcendence above >> the earthly trappings of being human), the third one is really the only >> reason to have any logs at all. Fortunately, you can actually get by >> without keeping any logs, and just turn them on *when you need to debug >> something* and then *turn them off immediately afterwards*. In this >> scenario, you are only giving up the possibility of debugging past >> problems that you cannot reproduce. A worthy sacrifice. > > _______________________________________________ > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > To unsubscribe, email: guardian-dev-unsubscr...@lists.mayfirst.org > -- PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: guardian-dev-unsubscr...@lists.mayfirst.org
