I got reports on this. I'm personally not of a mind to remove it, but it does feel irrelevant to open source. It's more a Linux sysadmin type thing.

I will say, cut down the spam. Any repeated similar musings within a week would be low value and I'd probably remove.

I personally don't agree with this and this wouldn't be relevant to most peoples risk profile.

Worth reflecting on what others have said here. I think you're worrying too much about something that will never be expolitable in standard usage and this is from someone who worries a lot about privacy.

Maybe if this is really important to you check out Tails OS which as far as I'm aware focusses on running in RAM and leaving minimal persistent state.

My favourite is that kernel writes in ram. Kid, do you even know how computers work at all? Where should the kernel write? On paper?

Anyway, worry about getting your pc compromised and prevent unwanted access both physical and remote, logs will help you detect unwanted access, so there is that: logs keep you safe.

Do not turn off logging. Or do turn off logging, it's your machine after all and you are free, as in Linux, to do so if you want.

But your privacy will not be any safer.

Repost.

FUD or at best idiocy at work here.

Its your own machine. Like saying your car knows where you live and where you work. It does, you use it, get a grip on reality. Nobody sniffing your Linux and if somebody has your root oassword they have all your data already so point is mooth.

If someone gets into your PC, you have much bigger problems than them reading the system logs.

REALITY IS NOT PRIVATE OUT OF THE BOX.

EVERY PHYSICAL INTERACTION IS BASED ON CAUSE AND CONSEQUENCE.

IF A DEMON COULD KNOW THE MOMENTUM AND POSITION OF EVERY PARTICLE, THEY COULD LOG EVERY ACTION AND THOUGHT YOU'VE EVER HAD.

WHILE NATURE ISN'T SENDING THESE LOGS TO A DIVINE CREATOR, ANY INTELLECT VAST ENOUGH TO SUBMIT THESE DATA TO ANALYSIS WOULD SEE THE FUTURE, AS THE PAST, PRESENT TO ITS EYES.

IF YOU WANT TO BE PRIVATE, YOU MUST CEASE TO EXIST

Yes, you already posted that 3 days ago

You posted this same silly thing about 3 days ago.

anyway why isn't the advice "encrypt your drives" instead of "disable all logging".

I mean your own examples are like the least serious problem.

Who is logged in and when? So we're talking a multi user system that's clearly hosting a lot... that's kind of important for an administrator to be able to track who is logging in when, to know if something goes wrong.

Package manager logs what's installed. well duh, what's the scenerio that this is even a factor? I don't want big government to know I had, qbittorrent or whatever? There's no program that's likely installed via apt that's illegal to have.

So yeah in short, stuff that's vital if you ever need to troubleshoot, useful in general, almost unthinkable to imagine situations where this is a problem (at least in situations in which someone has your user account, or root access to your system for these to be the high priority.

On the whole the idea there is like.

"If someone steals your car... they could also steal the car users manual".

"If someone gains access to your computer, they could view the log files on it"

My dude, they could view everything on it? The answer is full disk encryption, not turning off log files.

The other day I was writing in my notebook and then I opened it later to check, and everything that I wrote was there! If someone could get their hands on my notebook, they could read all my notes!

There are levels of paranoia that gets to the point of excessive time spent managing your footprint that could be better used elsewhere as I would imagine especially if you're not a high value target. I am not a high value target

I hope you post about this every 3 days for the rest of your life!

This may be true, but if you disable a lot of the logging troubleshooting your PC will become hard or impossible and a lot of people like having a bash history. Its another convenience vs privacy compromise. So just be sure to know what you are doing as always.

This is more of a "be aware of your footprint" and less of a "security concern". This post is pressing hard on the fear of data getting stolen, however none of these things are major ways in which your data gets stolen.

It's phishing, social engineering, default configurations, weak passwords, no MFA, compromised online-services and supply-chain-attacks, and then, and only then are we even talking about actual CVEs in your local system and app environment. And usually we are talking old ones; for apps which you haven't updates in a while, as they are the most common.

What I'm saying is for your target audience, this is exactly the wrong thing to focus on. Tech savvy users might wanna look into this but they are very likely aware of all these things, and amateurs definitely should focus on basic security practices.

BTW adding a space at the start of a bash command stops it from being added to history.

In this case, the only way to be truly private is to use distro on bootable drive with disabled persistent storage.