Monday, February 14, 2005


The Electronic Frontier Foundation (EFF) has released logfinder, a software tool to help people reduce the unnecessary collection of personal information about computer users. Often computer network servers automatically log information about who has visited a website and when, or who has sent and received email. Such data tells a lot about a user's browsing and email habits and could be used in privacy-invasive ways. Moreover, log data must be turned over to government entities with court orders and can be subpoenaed by opposing sides in court cases.

By finding unwanted log files, logfinder informs system administrators when their servers are collecting personal data and gives them the opportunity to turn logging off if it isn't gathering information necessary for administering the system.

Logfinder was conceived by security consultant Ben Laurie and written by EFF Staff Technologist Seth Schoen. It's intended to complement EFF's recent white paper, Best Practices for Online Service Providers, in which the organization argues that administrators should remove as many logs as possible and delete all personally identifying data from them.

It would make sense for most libraries to run this and then decide just what information is needed and what collections files can be turned off. This is a system level tool in UNIX, not something for the average user.

No comments: