• A lot of software uses systemd-journald to log errors,

  • The bash shell saves everything you type into the terminal,

  • wtmp, btmp, utmp all track exactly who is logged in and when,

  • The package manager logs all software you install and keeps the logs after uninstallation,

  • And the kernel writes part of the RAM which may contain sensitive information to the disk when your PC crashes.

While the OS isn’t sending these logs to Microsoft or Google, anyone who gets into your PC while you are logged in and your data is unencrypted can see much of what you have been doing.

If you want to be private, you must disable them.

  • FG_3479@lemmy.worldOP
    1·
    6 hours ago

    The problem with logs is that drive encryption is uselss in a Ross Ulbricht like situation where someone takes your laptop while ut is unlocked.

    • TheFogan@programming.devEnglish
      1·
      2 hours ago

      and what isn’t… pretty sure in a Ross Ulbricht situation… there was more than enough stuff he needed to remain private currently open, and in the main files. Ulbright could have been on a live CD on a computer with no physical hard drive, and it wouldn’t have helped him since they nailed him after he had logged into the silk road.

      • hoshikarakitaridia@lemmy.world
        1·
        2 hours ago

        Yeah if you wanna go tht way you have to go etheral and memory only. That means either a VM with auto reset, or tails or something. However, this is not feasible for the average Linux user.