Tech View: Logs can track web activities as well as ID your location

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

How many times have we heard the warning, “Be careful what you do on your computer, it’s all logged.” Is this true? Should folks be concerned that big brother is looking over their shoulder? What exactly is a log, and what’s in it?

Every time you access a cloud-based service, multiple records of your activities are typically made. Simply put, these activities are compiled in files, and those files are what we call logs.

Activities are recorded at several different levels. Security logs detail both successful and unsuccessful logins. Application logs record the various functions of the app. Network logs contain information about the various flows of data.

But of course, the logs that folks seem to be most concerned about are the records of their work activities. The short answer is that all of your activities are logged. Where you signed in from, maybe not the exact physical address, but pretty close. The device with which you signed in, the app you used and, of course, the time the sign-in (although not always the sign-out) occurred.

So, for example, if you are working remotely, took off to Vegas for the week but pretended to still be in Hawaii, your employer (or at least your employer’s IT staff) can see that you signed in from southern Nevada with your iPhone and used Zoom. With just a bit of diligence, your itinerary can be discerned, e.g., a sign-in at the Honolulu airport, another one at McCarran and the reverse on the way home. They can see whether you used your laptop and if you accessed any work files from the cloud.

Not to say this in and of itself is bad — after all, isn’t that the allure of working remotely? And aren’t we encouraging the reverse to increase our own tourist count? Of course, many employers don’t believe that their staff can be as productive working in locales such as Waikiki or Vegas, but that’s a management issue, not an IT issue.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

A close second to work activities is general internet activities. The short answer here is that your ISP logs all of your internet actions: websites you hit, files you download — in some cases, on unsecure websites, they can even see the data you pass back and forth.

Not to be judgmental, but if you are engaging in anything even remotely nefarious, consider using a VPN, which we’ve talked about here before. With a VPN, your ISP only sees encrypted data (gibberish, for all intents and purposes) between you and the VPN provider. And the VPN provider does not keep logs.

Finally, be assured that most seasoned IT folks really don’t care to spend time poring through logs looking for incriminating activity. Even with advanced logging systems, reading logs are tedious at best and painful to many. The examination of logs is more reactive than proactive and is done only when some other activity casts suspicion on you.

———

John Agsalud is an IT expert with more than 25 years of information technology experience in Hawaii and around the world. He can be reached at jagsalud@live.com.