Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UI settings: Add option to disable logging to files #12948

Open
kiminuo opened this issue Apr 29, 2024 · 3 comments
Open

UI settings: Add option to disable logging to files #12948

kiminuo opened this issue Apr 29, 2024 · 3 comments

Comments

@kiminuo
Copy link
Collaborator

kiminuo commented Apr 29, 2024

@BTCparadigm asked me to open this issue.

Description

The goal is to add to the UI settings an option to specify whether logs should be stored in logging files (Logs.txt and TorLogs.txt) or not. UX-wise I would expect a toggle button.

We have --LogsMode command line option to specify which logging targets are to be used (see #12919 (comment)). So code-wise it should be reasonbly ready for adding of the new option to settings.

Reasoning

This is to be considered whether we should really have it or not. The original issue mentioned as a reason:

Given that probably only few users ever look at their Wasabi logfiles and that there can be privacy implications of logfiles getting in the wrong hands, I'm wondering if we should allow users to disable log filesystem persistence (only print to stdout).

Questions

  • Should the option be on / off by default?
  • Where would the option be located in the UI settings?

Note that if it is on, we'll have very hard time to get logs when a user needs some support.
@Kruwed
Copy link
Collaborator

Kruwed commented Apr 29, 2024

Questions

* Should the option be on / off by default?

* Where would the option be located in the UI settings?

*I think logs should stay on by default.
*This feature is a tradeoff that fills an extremely narrow gap in the threat model, so I would categorize it under "Advanced" in the global gear settings.

@soosr
Copy link
Collaborator

soosr commented Apr 30, 2024

It is probably too late, but #9805 doesn't make sense. The issue refers to https://www.privacyaffairs.com/cve-2021-22929-brave-tor-vulnerability/ that says:

The discovered vulnerability can allow an attacker who obtains physical access to a device to view the exact timestamps that someone connected to a v2 onion address.

Do we really think that the user should be afraid of the Logs when an attacker has access to their device?

Questions

* Should the option be on / off by default?

* Where would the option be located in the UI settings?

*I think logs should stay on by default. *This feature is a tradeoff that fills an extremely narrow gap in the threat model, so I would categorize it under "Advanced" in the global gear settings.

☝👍

@kiminuo
Copy link
Collaborator Author

kiminuo commented Apr 30, 2024
edited

*This feature is a tradeoff that fills an extremely narrow gap in the threat model, so I would categorize it under "Advanced" in the global gear settings.

Personally, I don't think it's worthy of a UI settings change, I just reported it.

Do we really think that the user should be afraid of the Logs when an attacker has access to their device?

It would make more sense if the rest was encrypted. Like Transactions.sqlite file.

#6670 would be more valuable (to us) to fix, if we are talking about logs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Relevance Realization
Status: 🧩 Triaged
Milestone
No milestone
Development

No branches or pull requests
3 participants
@soosr @kiminuo @Kruwed