Ubuntu 12.04 Will Bring OS-Level Security Options

Wednesday, March 14, 2012

Article by Micah Lee

Like many operating systems, Ubuntu stores information about how you use your computer. This is often convenient because it helps you quickly open recently used documents or search recently used folders.

But it also means that anyone with access to your computer can learn these things as well. In the upcoming release, Ubuntu 12.04 (currently in beta, to be released April 26) is introducing operating system-wide privacy settings that let you delete portions of your activity log, disable logging for specific types of files and applications, or disable activity logging altogether.

Keep in mind that these settings only apply to the GNOME activity log. Many other parts of your operating system log things by default and that logging needs to be disabled separately, if it is possible at all.

For example browsers like Firefox and Chrome keep a history of all the websites you visit by default; instant messaging programs like Pidgin and Empathy log your chats by default; when you open a terminal and type commands, those commands get logged to

~/.bash_history

when you use vim, a history of your vim commands gets logged to

~/.viminfo

and a history of everyone who logs into your computer and every command that gets run as sudo gets logged to

/var/log/auth.log.

Retrofitting operating systems to support privacy against local attackers is a worthy objective, but not an easy one [pdf]. We hope that Ubuntu and other projects will be in this for the long haul. The first step is probably defining clear API and mechanisms to enable non-GNOME applications to be told about the user's preferences for logging, and opening a lot of bug reports to get them respected.

For now, you can now delete your GNOME activity log from the past hour, day, week, a specific date range, or everything stored on your computer.

You are also able to keep your activity log but not log anything for specific types of files or for specific folders. You might want to, for example, not log any activity in

/media/truecrypt1

You can choose not to log activity for specific applications. This does not disable all logging from those applications. If you add Pidgin to this list, Ubuntu won't save any activity logs for Pidgin, but your chat history still gets saved by default. You need to edit Pidgin's preferences to disable this behavior.

You can optionally send anonymous usage information to the Ubuntu developers. This is disabled by default and requires administrator access on the computer to enable.

And finally, if you want to completely disable all activity logging on your computer, you can turn the Record Activity switch from ON to OFF.

Cross-posted from Electronic Frontier Foundation

Possibly Related Articles:
8454
Operating Systems
Information Security
Privacy Application Security Operating Systems Ubuntu API Electronic Frontier Foundation EFF Gnome logging
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.