No logs here, move along....
May 26, 2003 3:09 PM   Subscribe

The No Logs Network is encouraging web hosts and system admins to refrain from keeping site access logs, saying their storage can constitute a threat to free speech. It sounds like a good idea, but considering how paranoid many system admins tend to be, one has to wonder whether it could ever really take off as a movement.
posted by mrbula (24 comments total)
A secondary issue could be whether most average Internet users would be able to understand (or agree) why such a movement would be important. I think I could get a lot of the geeks I know to support something like this, but the vast majority of my friends would probably squint and ask me why I was bothering them with all this "technical stuff."
posted by mrbula at 3:13 PM on May 26, 2003

I tend to think that the owner or administrator of a website has the right to whatever information is available about the people accessing their own information. I tend to view websites as private property, so if people want to keep track of who is visiting, referring to, or making use of their content, it's their own right, and I'm not sure how you could really contest that idea.
posted by catfood at 3:23 PM on May 26, 2003

This is stupid. Web site owners and sysadmins alone can't make this work. When someone visits a particular site there are tracks all over the place, from the local client machine to the DNS servers resolving the hostname to myriad of ISPs along the route to a host without all of the above getting in on the action this is pointless, let alone if there is actually some sort of financial transaction takes place.
posted by bitdamaged at 3:23 PM on May 26, 2003

Logs are important for forums, even free-speech ones, to track problem posters and effectively ban them. I run a discussion forum that's completely free-speech provided you commit no crime (you can't post the DeCSS, nor links to copyrighted content). I've had to rely extremely heavily on logs in order to determine which IPs are used by problem posters and ban the /24s of those posters (the entire 255 IP address subnetwork they use, and in very extreme cases the /16s for a short period of time).

Without logs, I'd never stand a chance of ridding myself of people who insist on breaking the law just to be an asshole and give me extra work. I know that as far as viewing static content goes I'd be more than happy to give up logs older than three months (# of pageviews and monthly unique IP tallies aside) as they are no longer useful for security purposes, but for parts of the site where viewing and creating/modifying interactive content is done and you as an administrator can be held legally liable for the publication of criminal materials logs are an absolute necessity.

Also, what bitdamaged said about ISPs and DNS servers, though I'm in favor of people running their own DNS servers where possible and the WWW shifting to end-to-end encryption anyway, both of which would make his point moot 'in the far-flung future!'

Finally, keep in mind something - many websites are dependent on advertisements and the advertisers' code already logs all the IPs and scads of other info from people viewing the website anyway - this sort of makes not logging a moot point. Still, I wish the No Logs guys the best of luck - I certainly don't like having my info logged.
posted by Ryvar at 3:41 PM on May 26, 2003

If you are concerned about free speech, you need to encrypt all your internet traffic. Use SSL tunneling so all your web activity is hidden from prying eyes and the only IPs reported will be from your SSL server. If you're really freaked out about this, send all email (Gnu-) PGP encrypted, and read it on an encrypted ssh connection.

I don't see why the privacy of individuals is up to organizations and people running webservers, it should be up to individuals.

It's like those supermarket club cards. There have been several instances where a person's purchase history was used against them in a court of law, but if you're concerned with your personal liberty, you don't solve the problem by telling Safeway to stop issuing club cards and savings. You end the problem by not letting them datamine your purchases in the first place, which is simple. Never use a club card and only pay cash for groceries.
posted by mathowie at 3:50 PM on May 26, 2003

Now I'm wondering what the hell you could possibly buy at Safeway to get you into trouble with the law...
posted by catfood at 4:03 PM on May 26, 2003

Never use a club card and only pay cash for groceries.

and get ripped off. i have a better idea. criminalize discriminatory pricing.
posted by quonsar at 4:56 PM on May 26, 2003

Matt: regarding privacy/security - as a bona fide paranoid, the best solution for my money if I was going whole hog would be GPG-encrypted mail with key length set to 4096 bits or more (thanks to DJ Bernstein's advancements in RSA factoring it is now possible to break 1024-bit keys in realtime if you're the NSA and have about $1 billion lying around), sent through MixMaster remailer networks (the only way to guarantee TRUE anonymity on the Internet, ever).

I'd also probably setup the website completely on Freenet rather than the WWW, which would be an interesting endeavour as the medium doesn't exactly lend itself to interactive/dynamic content - but it is still possible to pull off.

Back in real life, while we have a pretty nasty locked-down and stripped-clean OpenBSD server setup, we still wanted something moderately useable in the 'anybody surfing off the web can participate with a normal browser' without going into SSL/TSL crap - many of our participants are employees of major corporations surfing through very restrictive firewalls (that block both incoming AND outgoing port 8080 packets to prevent shopping on during working hours, bastards).

Anyways, all that aside, here's how to handle Safeway tracking your purchases: take a friend's old card and then sign on for Rob of's army of Safeway clones. As usual, Rob of Cockeyed reveals himself as the most godlike individual to ever grace the Internet.
posted by Ryvar at 5:26 PM on May 26, 2003

This is a nice idea, however any company that quotes access stats for a site in anything official probably has to keep the access logs for a number of years in order to meet auditing regulations. Given that this accounts for the majority of commercial sites it's never going to work.

And as has been previously mentioned the amount of information that the banner advertisers keep is huge.

On the plus side not logging can speed up your server so it has some extra geek points.
posted by mr_stru at 5:52 PM on May 26, 2003

The thing logs are most useful for is statistical correlation, which means that you don't need IP addresses, you just need a unique identifier; so you feed your logs through a one-way hashing mechanism of some kind; that way you get accurate stats while protecting privacy.
posted by hob at 7:14 PM on May 26, 2003

I keep logs for ten days. That's firmly established Official Site Policy, which will basically take a court order for me to change. I doubt any court can get an order out within ten days, but hey, that seems to be their problem. Ten days of logs is plenty for me to be able to grep back and find out anything that happened recently, and otherwise who cares? I've got compiled stats from before that.

I think computery type people get a little too excited about having permanent records of anything that ever happened anywhere, myself. I'm happy letting the past be the past.
posted by rusty at 7:21 PM on May 26, 2003

Someone hack these guys back to the stone-age, and see how anti-site-log these guys are.
posted by Dark Messiah at 8:19 PM on May 26, 2003

The only problem with site logs is that they can be subpoenaed if the government wants to restrict the speech of, say, a poster to MetaFilter. I have no problem with Matt knowing who I am; I do have a problem with the FBI knowing who I am. This is reminiscent of library practice — many libraries destroy circulation records once you return a book to prevent your reading habits from being used against you.

I wonder if site logs could be encrypted, with the key being stored on a computer outside the relevant jurisdiction; might this mean that the courts could only subpoena the encrypted logs? IANAL.
posted by IshmaelGraves at 9:05 PM on May 26, 2003

Am I the only one who has a philosophical problem with the idea of banning people by IP address? Or especially address blocks? I, like probably 99% of Internet users, use a large ISP that hands out dynamic IPs, even for DSL connections, which means if Joey Joe Joe Junior Asshat was posting things obnoxious enough to to get his IP block banned, and I happen to draw an IP in that block the next time my router and my DSL provider play musical chairs, *I* can't access even though I did no wrong.

Having said that, no I don't have a better solution, other than perhaps banning by MAC address (would this even work? Are MAC addys visible to outside sites?) Though, that might not stop JJJ Asshat should he have another computer, or access to a MAc address spoofing utility...

IshmaelGraves: While this may be cold comfort to some, I suspect the "FBI subpoena problem" needs a legal/constitutional solution, not a technical one. (Whether or not you're likely to get it is a subject for another thread.)
posted by arto at 9:44 PM on May 26, 2003

Since determining that there was a problem with Squid at work but not actually being able to fix it, we don't even run a proxy here anymore, nevermind logging it.

Any logs we do make are for debugging purposes only, or because that's the default and I haven't noticed it to turn it off. One server purges any logs it does make on a dairly basis because it's an old PC with little or no space on the hard drive.

Employee use of the Internet is left as a problem for the department managers to solve, iff need be. Either the staff are doing their job or not -- the internet is not the cause of low performance, just a related symptom.
posted by krisjohn at 11:47 PM on May 26, 2003

Are MAC addys visible to outside sites?

No. They're a layer below TCP/IP in the network stack, so they do not travel over the Internet.
posted by kindall at 12:28 AM on May 27, 2003

Having said that, no I don't have a better solution, other than perhaps banning by MAC address (would this even work? Are MAC addys visible to outside sites?) Though, that might not stop JJJ Asshat should he have another computer, or access to a MAc address spoofing utility...

Not only are they a layer below TCP/IP as noted by kindall, it's possible to get your drivers in both Linux and Windows (the former far more easily than the latter) to misreport the MAC address. This is very, very useful for swapping computers on certain AT&T cable modem networks, *ahem*.
posted by Ryvar at 3:32 AM on May 27, 2003

Run my own DNS and server, and I run a log parser over the web server logs every few days days, primarily for troubleshooting, but I do track referrers (I'd like to know where they are coming from, like vistors from MeFi). I do keep them in archival format though.
posted by Samizdata at 5:05 AM on May 27, 2003

Logs are an awfully good way of finding out which IP is sending you 500,000 hits a day (10 hits/second), which is what happened to me a weekend or two ago. That's one reason to block an IP, arto.
posted by mcwetboy at 6:51 AM on May 27, 2003

IP blocks are of limited short-term value in extremely unusual situations. Like mcwetboys example of some IP pumping out requests in a presumably automated fashion. Using them against humans is pretty pointless. There are much better ways to block a specific person at the application layer (banning a username, for example), and if someone is determined enough to avoid that, they will easily route around your IP blocks.
posted by rusty at 7:13 AM on May 27, 2003

IP bans are often aimed at the entire block of the offender's ISP, and are aimed at forcing the ISP to deal with the offending user. This works best when you manage to piss off other users who use that ISP enough to get them to complain to the local abuse@ address.

The main problem with all this is that the FBI can obtain a court order to force you to turn on your logs.
posted by hob at 9:08 AM on May 27, 2003

Surprised not to see any mention here of, where dumping the logs after 24 hours is the main thing they do.
posted by soyjoy at 9:34 AM on May 27, 2003

Oh a note about ads collecting information.

I don't know what software did it but one of my little adbusting apps created a Hosts file that routes most ad domains to (the default loopback IP addy). It's a fairly efficient and simple way to block many ads (especially those annoying flash ads that go over the content) and their associated info harvesters.
posted by bitdamaged at 10:41 AM on May 27, 2003

"Never use a club card and only pay cash for groceries."

"and get ripped off. i have a better idea. criminalize discriminatory pricing."

Many of my friends and I simply trade our grocery cards. We use fake names to register them and then every few weeks trade the cards. This way we get to take advantage of discounts, but the data miners get crap information.

"Now I'm wondering what the hell you could possibly buy at Safeway to get you into trouble with the law..."

One example I have heard is someone who sued a grocery chain because they slipped and fell at one of their stores. The chain used the information they culled from their data mines--namely that this person bought a lot of liquor--and then argued that the person was probably drunk at the time of their fall. I don't recall the outcome of the case.
posted by terrapin at 11:09 AM on May 27, 2003

« Older meanwhile in the congo   |   Evil through and through. Newer »

This thread has been archived and is closed to new comments