On Wed, Jan 24, 2024, at 04:16, Stephen Farrell wrote:
>
> Hiya,
>
> On 24/01/2024 03:32, Willy Tarreau wrote:
> > Even worse, sometimes
> > you can discover by accident that you're having a trace caught in emergency
> > while trying to spot a big prod problem and that was stored on your USB
> > thumb drive, and when you (re)discover this, you're very happy to see
> > that the data were encrypted.
>
> That's interesting - I think if there were a usable reference that
> describes such a situation, or multiple thereof, that'd be quite
> useful. Do you know of such?
Probably a stretch but Cloudflare blogged [1] [2] about how unencrypted HTTP information contained in the HAR format was stored on a vendor's systems. This contained an authentication token that was stolen and used to launch attacks.

The scenario is similar, well-intentioned folks want to debug an issue. But the debug data can contain unnecessary toxic information. Sanitising the debug logs as described in [1] is one approach. Not capturing the fields in the first place, when they are not absolutely necessary, would be even better.

Cheers
Lucas

[1] - https://blog.cloudflare.com/introducing-har-sanitizer-secure-har-sharing
[2] - https://blog.cloudflare.com/how-cloudflare-mitigated-yet-another-okta-compromise/
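To make the "sanitise the debug logs" point concrete, here is an added example (not part of the thread, and not Cloudflare's HAR sanitizer) of the kind of scrubbing a HAR file needs before it is shared. It assumes the HAR 1.2 layout (log.entries[].request/response with headers, cookies, queryString, postData, content); the header and parameter names it treats as sensitive, the JWT pattern, and the sample capture are all assumptions chosen for illustration. The `count_jwts` walk at the end is the check a practitioner wants after sanitising: an independent pass that confirms no token-shaped string survived anywhere in the document, including places the targeted rules did not think to look.

```python
"""Minimal HAR sanitizer (added example, not the Cloudflare tool or the thread's code).

Assumes HAR 1.2 structure. Masks credential-bearing headers, all cookie values,
token-like query/form parameters (also inside the raw URL, which would otherwise
still leak what the queryString array had masked), and anything JWT-shaped in
free text bodies. Header/param lists and the sample HAR below are assumptions."""
import copy
import json
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Header names whose values are credentials or session material (assumed list).
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie", "x-api-key"}
# Query-string / form-field names that commonly carry tokens (assumed list).
SENSITIVE_PARAMS = {"token", "access_token", "id_token", "refresh_token", "api_key", "session"}
# Three base64url segments starting with the JSON "{" prefix: the usual JWT shape.
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")
REDACTED = "REDACTED"


def _scrub_pairs(pairs, sensitive_names):
    """Mask name/value records whose name is sensitive; mask JWTs in the rest."""
    for p in pairs or []:
        if p.get("name", "").lower() in sensitive_names:
            p["value"] = REDACTED
        elif isinstance(p.get("value"), str):
            p["value"] = JWT_RE.sub(REDACTED, p["value"])


def _scrub_cookies(cookies):
    """Cookie values are session material by definition: mask every one."""
    for c in cookies or []:
        c["value"] = REDACTED


def _scrub_text(text):
    return JWT_RE.sub(REDACTED, text) if isinstance(text, str) else text


def _scrub_url(url):
    """Rewrite the query string so the URL agrees with the masked queryString array."""
    parts = urlsplit(url)
    if not parts.query:
        return JWT_RE.sub(REDACTED, url)
    q = [(k, REDACTED if k.lower() in SENSITIVE_PARAMS else JWT_RE.sub(REDACTED, v))
         for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(q)))


def sanitize_har(har):
    """Return a deep copy of `har` with credential-bearing fields masked; input is untouched."""
    out = copy.deepcopy(har)
    for entry in out.get("log", {}).get("entries", []):
        req = entry.get("request", {})
        resp = entry.get("response", {})
        _scrub_pairs(req.get("headers"), SENSITIVE_HEADERS)
        _scrub_pairs(resp.get("headers"), SENSITIVE_HEADERS)
        _scrub_cookies(req.get("cookies"))
        _scrub_cookies(resp.get("cookies"))
        _scrub_pairs(req.get("queryString"), SENSITIVE_PARAMS)
        if "url" in req:
            req["url"] = _scrub_url(req["url"])
        post = req.get("postData")
        if post:
            _scrub_pairs(post.get("params"), SENSITIVE_PARAMS)
            if "text" in post:
                post["text"] = _scrub_text(post["text"])
        content = resp.get("content")
        if content and "text" in content:
            content["text"] = _scrub_text(content["text"])
    return out


def count_jwts(obj):
    """Walk any JSON-like structure and count JWT-shaped strings (post-sanitising check)."""
    if isinstance(obj, str):
        return len(JWT_RE.findall(obj))
    if isinstance(obj, dict):
        return sum(count_jwts(v) for v in obj.values())
    if isinstance(obj, list):
        return sum(count_jwts(v) for v in obj)
    return 0


# Constructed sample capture (not a real HAR); the JWT is a made-up, unsigned-looking string.
_FAKE_JWT = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIn0.c2ln"
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "request": {
        "method": "GET",
        "url": "https://api.example.test/v1/me?token=abc123&page=2",
        "headers": [{"name": "Authorization", "value": "Bearer " + _FAKE_JWT},
                    {"name": "Accept", "value": "application/json"}],
        "cookies": [{"name": "session", "value": "s3cr3t"}],
        "queryString": [{"name": "token", "value": "abc123"}, {"name": "page", "value": "2"}],
    },
    "response": {
        "status": 200,
        "headers": [{"name": "Set-Cookie", "value": "session=s3cr3t; HttpOnly"}],
        "cookies": [{"name": "session", "value": "s3cr3t"}],
        "content": {"mimeType": "application/json",
                    "text": json.dumps({"id_token": _FAKE_JWT})},
    },
}]}}

if __name__ == "__main__":
    clean = sanitize_har(SAMPLE_HAR)
    print(json.dumps(clean, indent=2))
    print("JWT-shaped strings before/after:", count_jwts(SAMPLE_HAR), count_jwts(clean))
```

The design choice worth noting is the two layers: targeted rules for the fields where credentials are known to live (headers, cookies, query parameters, the URL itself), plus a pattern-based sweep over free text for tokens that turn up in bodies. As the thread says, the better fix is not to capture such fields at all; a sanitizer is the fallback for captures that already exist.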
