Removal/obfuscation of personally identifiable information from panic logs

tomasz86 · July 31, 2020, 4:30pm

Apart from actual technical information, the panic logs currently seem to contain the following data.

Computer name and user name
Config file path
Folder and device names and IDs
IP addresses

and also

If Syncthing has been compiled locally, then that folder path is also included.

There may be more, but this is what I can see in my panic log files.

Except for 5, the data comes from the standard Syncthing logs, but the difference is that those are local. The panic logs, on the other hand, are reported automatically, and their on/off switch is hidden under the Advanced Configuration, which means that many of the casual users may not even be aware of it.

Is all this information really needed for troubleshooting? If not, then I would like to strongly propose removing/obfuscating it before uploading the logs, just to ensure that no personally identifiable information is ever exposed outside of the user’s computer.

imsodin · July 31, 2020, 4:39pm

All of this is not part of reported panic logs. Panic logs are only the part where it says “panic: …” and then lots of "goroutine"s. No personal info in there. There’s some metadata attached, but that’s just build info: Version, OS, architecture (probably not complete).

tomasz86 · July 31, 2020, 4:47pm

Well, I was looking at the panic-*-*.reported.log files, so I apologise if I got a wrong impression. I have now checked the Docs (https://docs.syncthing.net/users/crashrep.html), and if the one included there is correct, then you are indeed right.

Although the first line does seem to contain the computer and user name, does it not? I mean specifically the XXX@XXX part after the version number, which is jb@kvin.kastelo.net in the Docs, and my computername@username here. Is this because I am using a locally compiled version?

imsodin · July 31, 2020, 4:55pm

I guess it’s indeed a bit misleading that it’s named reported. The local panic log has the additional info, as it’s relevant, but it gets “sanitized” before sending it. The reported part on the filename indicates to Syncthing that it doesn’t need to report it again.

That’s the computer of the builder, yes. If you build your binaries yourself, that will indeed be included.

tomasz86 · July 31, 2020, 5:02pm

Yeah, but I should have read the Docs before posting anyway .

Would it be a problem if I add a note to the Docs about the inclusion of the builder’s computer name and folder path when using self-built binaries?

imsodin · July 31, 2020, 5:06pm

Definitely not, that’s a good thing to document.

Catfriend1 · July 31, 2020, 6:41pm

If you don’t prefer to add that build meta you could

SET COMPUTERNAME=unknown
SET USERDOMAIN=unknown
SET USERNAME=unknown

before the build.

tomasz86 · August 1, 2020, 6:10am

Thank you!

I guess that there is no way to do anything about the Go installation folder and Syncthing build folder paths being included in the logs?

I have filed a pull request to update the Docs.

calmh · August 1, 2020, 6:19am

There is, there’s a build flag to only store the relative paths. I tried to enable it a little while back but it’s Go 1.14+ only and we’re currently allowing build with Go 1.13. We’ll add it to the build scripts when Go 1.15 is out.