Private data leaks in logs Post-Mortem


#1

From 9th of Sep logs file of Status Desktop started to contain all
kind of text information rendered on application’s window surface. The
issue was resolved yesterday with commit into react-native-desktop.

Link to Post-Mortem:
https://notes.status.im/s/By3jgQwjX


#2

Kudos to @max and the team for being the first ones to create a Post-Mortem.


#3

Something which would be interesting to see in the PM is how we plan to reduce the chance of something like this happening in the future. Maybe by adding an E2E test that looks for sensitive data in the logs/console output?


#4

We have discussed possibility to disable logs by default and have special option to turn logs on under advanced settings. Maybe with some additional warning.

But above doesn’t solve possibility of sensitive information adding to the logs. Your suggestion might work.

Also in near future it makes sense to reference specific tags of status-react’s 3rd party repos, because at the moment (for react-native-desktop and others desktop modules) we often reference just latest master and ignoring important changes to 3rd party module is a common issue at the moment (build failures, unwanted behavior, possible security holes)


#5

Yeah, we should definitely depend on a specific release/tag of a remote, so that we can guarantee consistent behaviour. This is also important for the reproducible builds effort.


#6

In $job-1 we had Danger (danger.systems) set up so if it detects any changes to something with “log” in it, it creates an additional comment that says
- [ ] I am sure that I didn't add any sensistive information to the log entries (link to the document describing sensitive information). It isn’t perfect, but at least it stops you to think about logs.