-
A lot of software uses
systemd-journaldto log errors, -
The bash shell saves everything you type into the terminal,
-
wtmp, btmp, utmp all track exactly who is logged in and when,
-
The package manager logs all software you install and keeps the logs after uninstallation,
-
And the kernel writes part of the RAM which may contain sensitive information to the disk when your PC crashes.
While the OS isn’t sending these logs to Microsoft or Google, anyone who gets into your PC while you are logged in and your data is unencrypted can see much of what you have been doing.
If you want to be private, you must disable them.
My favourite is that kernel writes in ram. Kid, do you even know how computers work at all? Where should the kernel write? On paper?
Anyway, worry about getting your pc compromised and prevent unwanted access both physical and remote, logs will help you detect unwanted access, so there is that: logs keep you safe.
Do not turn off logging. Or do turn off logging, it’s your machine after all and you are free, as in Linux, to do so if you want.
But your privacy will not be any safer.
I think the Problem is the kernel dumping RAM to disk in crash. Potentially containing secrets.
That’s optional and should not be enabled by default. If your distro does that, I would think about switching.
But when you need it, it’s a feature that must be there… Or debugging is impossible. Think of driver development for example.
But it needs to be enabled.