• A lot of software uses systemd-journald to log errors,

  • The bash shell saves everything you type into the terminal,

  • wtmp, btmp, utmp all track exactly who is logged in and when,

  • The package manager logs all software you install and keeps the logs after uninstallation,

  • And the kernel writes part of the RAM which may contain sensitive information to the disk when your PC crashes.

While the OS isn’t sending these logs to Microsoft or Google, anyone who gets into your PC while you are logged in and your data is unencrypted can see much of what you have been doing.

If you want to be private, you must disable them.

  • FG_3479@lemmy.worldOP
    1·
    6 hours ago

    Drive encryption is useless if your laptop is taken while unlocked. Learn from Ross Ulbricht.

    • artyom@piefed.socialEnglish
      1·
      1 hour ago

      Ross was foolish to be running the largest black market in the world from a public library. They make magnetic kill switches for that sort of thing. No amount of security is impervious to bad decisions.

    • TheFogan@programming.devEnglish
      3·
      5 hours ago

      and security on pages is useless if you are logged in.

      We’re already talking the least of security problems (IE the device being physically confiscated).

      In ross’s case which hurt him more do you think, the fact that his system probably had logs of what he installed… or the fact that it was taken while he was logged in as administrator to the silk road? and it supposedly contained a journal… not system logs, but activities that he specifically wrote out detailing his daily activities.

      The point again is someone gaining physical access to the computer itself, while you are literally in the process of doing things that you don’t want known about, what you are currently working on is 100x more valuable to the thief, feds or whatever, than any of the low level stuff that the logs are likely to be recording.