• A lot of software uses systemd-journald to log errors,

  • The bash shell saves everything you type into the terminal,

  • wtmp, btmp, utmp all track exactly who is logged in and when,

  • The package manager logs all software you install and keeps the logs after uninstallation,

  • And the kernel writes part of the RAM which may contain sensitive information to the disk when your PC crashes.

While the OS isn’t sending these logs to Microsoft or Google, anyone who gets into your PC while you are logged in and your data is unencrypted can see much of what you have been doing.

If you want to be private, you must disable them.

  • hoshikarakitaridia@lemmy.world
    8·
    1 day ago

    This is more of a “be aware of your footprint” and less of a “security concern”. This post is pressing hard on the fear of data getting stolen, however none of these things are major ways in which your data gets stolen.

    It’s phishing, social engineering, default configurations, weak passwords, no MFA, compromised online-services and supply-chain-attacks, and then, and only then are we even talking about actual CVEs in your local system and app environment. And usually we are talking old ones; for apps which you haven’t updates in a while, as they are the most common.

    What I’m saying is for your target audience, this is exactly the wrong thing to focus on. Tech savvy users might wanna look into this but they are very likely aware of all these things, and amateurs definitely should focus on basic security practices.

    • FG_3479@lemmy.worldOP
      11·
      9 hours ago

      The problem with logs is that drive encryption is uselss in a Ross Ulbricht like situation where someone takes your laptop while ut is unlocked.

      • TheFogan@programming.devEnglish
        11·
        6 hours ago

        and what isn’t… pretty sure in a Ross Ulbricht situation… there was more than enough stuff he needed to remain private currently open, and in the main files. Ulbright could have been on a live CD on a computer with no physical hard drive, and it wouldn’t have helped him since they nailed him after he had logged into the silk road.

        • hoshikarakitaridia@lemmy.world
          1·
          5 hours ago

          Yeah if you wanna go tht way you have to go etheral and memory only. That means either a VM with auto reset, or tails or something. However, this is not feasible for the average Linux user.