
recommended programs

MarioCPPP

Apr 15, 2023, 12:20:09 PM

I have discovered (yesterday) GNOME-ACTIVITY-JOURNAL

It is a Tracking SW that stores everything you do (even text
snippets one cuts/pastes from/to clipboard), opened files,
visited web, emails.

I am still far from exploiting its power (and dunno whether
or not it is possible to filter off some useless things
stored, to reduce the amount of data to revise later), but
one thing is really "WORRYING" ... I installed it TODAY, and
it has made available activity traces dating back to more
than a month ago.

It seems that is able to tap to information that the system
just stores by itself (where ? logs ? whose logs ?) or by
some of its services (SystemD logs ?). And I find it
somewhat worrying both the number of detailed traces of
usage stored and the fact that GNOME-ACTIVITY-JOURNAL does
not even ask for password to retrieve such info.

Apart from this, it seems a really powerful program and able
to improve "productivity" and daily schedule, recovering
suspended task, and finding past activities. So my
evaluation stays very positive on this program.

Now the problem I will inquiry over is : why and how much
usage traces I leave behind like a slime :D



--
1) Resist, resist, resist.
2) If everyone pays taxes, taxes are paid by everyone
MarioCPPP

David W. Hodgins

Apr 15, 2023, 2:48:00 PM
According to https://en.wikipedia.org/wiki/GNOME_Activity_Journal it uses
https://wiki.archlinux.org/title/Zeitgeist which is what records the activity.

Regards, Dave Hodgins

MarioCPPP

Apr 15, 2023, 7:32:27 PM
Maybe my English is poor enough not to be clear.
My perplexity arose not from the fact it relied on
Zeitgeist, but that it was able to exploit data well in
advance of its own install. Where such data came from ? Why
were they just in place to be fetched ? I dunno. But I am
completely ignorant which activities are normally LOGGED and
where and by who (I had suspected SystemD not because of
particular reasons, but since I knew it had its own journal,
not restricted to file system operations).

Have I been more clear ? The recordings turned up "from a
former past", as if sth was just recording before installing
Zeitgeist / gnome activity journal (zeitgeist was installed
contextually, as a dependency)

tnx for reply

>
> Regards, Dave Hodgins

Carlos E.R.

Apr 15, 2023, 11:45:24 PM
On 2023-04-15 18:20, MarioCPPP wrote:
>
> I have discovered (yesterday) GNOME-ACTIVITY-JOURNAL
>
> It is a Tracking SW that stores everything you do (even text snippets
> one cuts/pastes from/to clipboard), opened files, visited web, emails.
>
> I am still far from exploiting its power (and dunno whether or not it is
> possible to filter off some useless things stored, to reduce the amount
> of data to revise later), but one thing is really "WORRYING" ... I
> installed it TODAY, and it has made available activity traces dating
> back to more than a month ago.
>
> It seems that is able to tap to information that the system just stores
> by itself (where ? logs ? whose logs ?) or by some of its services
> (SystemD logs ?). And I find it somewhat worrying both the number of
> detailed traces of usage stored and the fact that GNOME-ACTIVITY-JOURNAL
> does not even ask for password to retrieve such info.

Why should it? You already logged in, and it is your own data.

>
> Apart from this, it seems a really powerful program and able to improve
> "productivity" and daily schedule, recovering suspended task, and
> finding past activities. So my evaluation stays very positive on this
> program.
>
> Now the problem I will inquiry over is : why and how much usage traces I
> leave behind like a slime :D
>
>
>

--
Cheers, Carlos.

David W. Hodgins

Apr 16, 2023, 12:35:52 AM
On Sat, 15 Apr 2023 19:32:23 -0400, MarioCPPP <NoliMihiFran...@libero.it> wrote:
> Maybe my English is poor enough not to be clear.
> My perplexity arose not from the fact it relied on
> Zeitgeist, but that it was able to exploit data well in
> advance of its own install. Where such data came from ? Why
> were they just in place to be fetched ? I dunno. But I am
> completely ignorant which activities are normally LOGGED and
> where and by who (I had suspected SystemD not because of
> particular reasons, but since I knew it had its own journal,
> not restricted to file system operations).
>
> Have I been more clear ? The recordings turned up "from a
> former past", as if sth was just recording before installing
> Zeitgeist / gnome activity journal (zeitgeist was installed
> contextually, as a dependency)

If it's from prior to zeitgeist being installed, then it's getting most of
the history from the browser history and cache files.

Install the tree package if you haven't already, then open a terminal and
run "ls -l ./.mozilla/firefox/*.default/storage/default/|less" and the other
files "tree -ifa |grep firefox|less" shows.

Other browsers are similar. If you don't clear the cache and history or use
safe mode, everything is recorded. There is some in the journal, but not much
more than what rsyslog records.

Regards, Dave Hodgins

MarioCPPP

Apr 23, 2023, 5:41:58 PM
tnx for competent advice.
I have sort of 7-8 browsers installed and sure, I save
everything.

But not only web-browsing data were found. Every cut/pasted
piece of text (from kate, LibreOffice, leafpad and other),
every folder opened, every video played with VLC or
SMPlayer, audio listened with clementine. Everything
conceivable seems to have left traces.
So I was wondering where from ... The browsers, yes, I knew
they cached a lot, because now I make manual backups with
FIND (including hidden dot files) and revise manually the
outcome in kate and refine the dirt with RegEx, and
regularly find a huge load of cached stuff under browser
ascribable paths.
But I did not expect that program was so smart in retrieving
everything ! It seems to be able to decode every particular
"format" used by all program installed, not just the place
the info are stored.
Seems more a FORENSIC TOOL than just a journaling utility !

>
> Other browsers are similar. If you don't clear the cache and
> history or use
> safe mode, everything is recorded. There is some in the
> journal, but not much
> more than what rsyslog records.
>
> Regards, Dave Hodgins

David W. Hodgins

Apr 23, 2023, 6:44:36 PM
On Sun, 23 Apr 2023 17:41:48 -0400, MarioCPPP <NoliMihiFran...@libero.it> wrote:
> tnx for competent advice.
> I have sort of 7-8 browsers installed and sure, I save
> everything.
>
> But not only web-browsing data were found. Every cut/pasted
> piece of text (from kate, LibreOffice, leafpad and other),
> every folder opened, every video played with VLC or
> SMPlayer, audio listened with clementine. Everything
> conceivable seems to have left traces.
> So I was wondering where from ... The browsers, yes, I knew
> they cached a lot, because now I make manual backups with
> FIND (including hidden dot files) and revise manually the
> outcome in kate and refine the dirt with RegEx, and
> regularly find a huge load of cached stuff under browser
> ascribable paths.
> But I did not expect that program was so smart in retrieving
> everything ! It seems to be able to decode every particular
> "format" used by all program installed, not just the place
> the info are stored.
> Seems more a FORENSIC TOOL than just a journaling utility !

Many programs store a list of recently opened files. Things from copy/paste
are not normally saved, but may be depending on the programs used and their
settings. Clipboard managers are an obvious case where the data is stored.
It depends on which desktop environment and clipboard program is being used
as to whether it's stored or not.

User data is stored in /home and /var with temporary things in /tmp and /run.

Programs can be designed to be easy to use, with lots of features or they can
be designed to be very secure. It's rare that user level programs are both easy
to use and highly secure.

Systems level programs tend to be designed to be secure, but are made as easy
as they can be while still secure. User level programs are generally designed
for ease of use with only as much security as can be gotten away with.

High security systems have as few programs installed as they can, and take extra
steps to minimize what's stored by them. Part of hardening a system is making
sure the number of programs installed (attack surface) is made as small as
possible.

Regards, Dave Hodgins
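
As an added illustration of the "list of recently opened files" mentioned in the post above (not code from any poster): GTK applications share one such list at `~/.local/share/recently-used.xbel`, and this sketch lists the entries recorded before a chosen date. The sample XML, the file paths in it and the cutoff date are constructed.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from pathlib import Path
from urllib.parse import unquote, urlparse

BOOKMARK_NS = "http://www.freedesktop.org/standards/desktop-bookmarks"
XBEL_PATH = Path.home() / ".local/share/recently-used.xbel"  # GTK recent-files list
CUTOFF = datetime(2023, 4, 15, tzinfo=timezone.utc)  # assumed install day (constructed)

# Constructed sample in the XBEL layout GTK writes; not data from the thread.
SAMPLE_XBEL = """<xbel version="1.0" xmlns:bookmark="http://www.freedesktop.org/standards/desktop-bookmarks">
  <bookmark href="file:///home/user/Documents/tax%202022.ods" added="2023-03-02T08:15:00Z" modified="2023-03-02T08:15:00Z">
    <info><metadata owner="http://freedesktop.org"><bookmark:applications>
      <bookmark:application name="soffice" exec="'soffice %u'" modified="2023-03-02T08:15:00Z" count="3"/>
    </bookmark:applications></metadata></info>
  </bookmark>
  <bookmark href="file:///home/user/Videos/holiday.mkv" added="2023-03-20T21:40:11.250000Z" modified="2023-03-20T21:40:11.250000Z">
    <info><metadata owner="http://freedesktop.org"><bookmark:applications>
      <bookmark:application name="vlc" exec="'vlc %U'" modified="2023-03-20T21:40:11.250000Z" count="1"/>
    </bookmark:applications></metadata></info>
  </bookmark>
  <bookmark href="file:///home/user/notes.txt" added="2023-04-15T10:30:00Z" modified="2023-04-15T10:30:00Z">
    <info><metadata owner="http://freedesktop.org"><bookmark:applications>
      <bookmark:application name="kate" exec="'kate %U'" modified="2023-04-15T10:30:00Z" count="2"/>
    </bookmark:applications></metadata></info>
  </bookmark>
</xbel>"""

def recent_entries(xbel_text):
    """Return (timestamp, path, [application names]) per entry, oldest first."""
    entries = []
    for bm in ET.fromstring(xbel_text).iter("bookmark"):
        stamp = bm.get("modified") or bm.get("added")
        if not stamp:
            continue  # entry without a usable timestamp
        when = datetime.fromisoformat(stamp.replace("Z", "+00:00"))
        apps = [a.get("name") for a in bm.iter(f"{{{BOOKMARK_NS}}}application")]
        entries.append((when, unquote(urlparse(bm.get("href", "")).path), apps))
    return sorted(entries, key=lambda e: e[0])

def older_than(entries, cutoff):
    """Entries recorded before the cutoff, i.e. traces that predate it."""
    return [e for e in entries if e[0] < cutoff]

if __name__ == "__main__":
    text = XBEL_PATH.read_text(encoding="utf-8") if XBEL_PATH.exists() else SAMPLE_XBEL
    for when, path, apps in older_than(recent_entries(text), CUTOFF):
        print(when.date(), ", ".join(apps), path)
```

Run as a script it reads the real file when present and falls back to the constructed sample otherwise.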

J.O. Aho

Apr 24, 2023, 2:20:26 AM
On 4/23/23 23:41, MarioCPPP wrote:

>>> where and by who (I had suspected SystemD not because of

what's this SystemD? something new?



> But not only web-browsing data were found. Every cut/pasted piece of
> text (from kate, LibreOffice, leafpad and other)

This depends on your clipboard settings and some applications may even
have their own clipboard history. For gnome I would recommend you
install Clipboard indicator/GPaste or similar so that you can edit your
history and in that regard getting a better control of your clipboard.


> every video played with VLC or SMPlayer, audio listened with clementine.

Those are from the individual applications logs. Take a look in the
applications configuration directory.



> But I did not expect that program was so smart in retrieving everything
> ! It seems to be able to decode every particular "format" used by all
> program installed, not just the place the info are stored.

Most applications do log in plain text, so not that difficult to get
information, people tend to think of similar log files, so it's just
matching a handful of regexes and you have covered like 95% of all log files.

--
//Aho

Carlos E.R.

Apr 24, 2023, 5:31:56 AM
Just remember that in Linux the login password only protects while the
system is running. If you have the hard disk in your hand, you can
access any file on it, no limits. Information is not encrypted or
otherwise protected. You can read mail from any user, all office files,
all logs.

If the system is running, then yes, the permission system will limit
what each user can do or read. But a program doesn't need your password
to collect your information.

--
Cheers, Carlos.

David W. Hodgins

Apr 24, 2023, 9:37:03 AM
I only described part of the hardening process. Using encrypted file systems
is another part.

Regards, Dave Hodgins

J.O. Aho

Apr 25, 2023, 2:00:04 AM
Not necessarily, fscrypt allows you to have encrypted home directories,
the data is encrypted as long as the user hasn't yet logged in. This has
also been done with luksfs a long time before fscrypt and the setup
works in a similar way.

--
//Aho

Carlos E.R.

Apr 25, 2023, 2:24:39 AM
Of course you *can* encrypt home or partitions, but that is not the
default. When I say that "information is not encrypted" I mean that
applications do not use encryption to protect their data, config, log
files, etc. Heck, some applications do not even encrypt passwords!
(example: fetchmail, rsync).

--
Cheers, Carlos.

J.O. Aho

Apr 25, 2023, 2:39:52 PM
On 25/04/2023 08:22, Carlos E.R. wrote:
> On 2023-04-25 08:00, J.O. Aho wrote:
>> On 4/24/23 11:30, Carlos E.R. wrote:
>>> On 2023-04-24 00:44, David W. Hodgins wrote:
>>
>>>> High security systems have as few programs installed as they can,
>>>> and take extra steps to minimize what's stored by them. Part of
>>>> hardening a system is making sure the number of programs installed
>>>> (attack surface) is made as small as possible.
>>>
>>> Just remember that in Linux the login password only protects while
>>> the system is running. If you have the hard disk in your hand, you
>>> can access any file on it, no limits. Information is not encrypted or
>>> otherwise protected. You can read mail from any user, all office
>>> files, all logs.
>>
>> Not necessarily, fscrypt allows you to have encrypted home
>> directories, the data is encrypted as long as the user hasn't yet
>> logged in. This has also been done with luksfs a long time before
>> fscrypt and the setup works in a similar way.
>
> Of course you *can* encrypt home or partitions, but that is not the
> default.

Not at this moment, but the idea that RedHat has with systemd is to make
home directories both transportable and encryptable.


> When I say that "information is not encrypted" I mean that
> applications do not use encryption to protect their data, config, log
> files, etc. Heck, some applications do not even encrypt passwords!
> (example: fetchmail, rsync).

Not everything is worth encrypting, but sure passwords should be but
fetchmail has a long history before encryption in transit was even
thought to be important, sadly it hasn't taken a step forward. One that
has is alpine.

--
//Aho
