Privacy Policy Added to Basilisk Site

Board for discussions around the Basilisk web browser.

Moderator: Basilisk-Dev

User avatar
Basilisk-Dev
Lunatic
Lunatic
Posts: 317
Joined: 2022-03-23, 16:41
Location: Chamber of Secrets
Contact:

Privacy Policy Added to Basilisk Site

Unread post by Basilisk-Dev » 2023-01-17, 04:16

I added a Privacy Policy section to the Basilisk site. Someone emailed me asking for info regarding what data is logged by Basilisk related services and I've seen a couple comments on the forum asking about it.
https://basilisk-browser.org/privacy.shtml

I don't think I missed anything, but if I did let me know and I'll make sure it gets added.
Basilisk Project Owner

viewtopic.php?f=61&p=230756

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Privacy Policy Added to Basilisk Site

Unread post by Moonchild » 2023-01-17, 09:20

Looks good, some minor grammatical nits in one sentence:
This logging is only reviewed when we need to block a malicious IP address. Other than that one circumstance, this logging is never reviewed in any way, neither by a human, nor by a computer program.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
Bilbo47
Fanatic
Fanatic
Posts: 234
Joined: 2017-11-18, 04:24

Re: Privacy Policy Added to Basilisk Site

Unread post by Bilbo47 » 2023-01-18, 01:22

Grammar pedantry ➜ suggested precision:
This logging is reviewed only when we need to block a malicious IP address. Other than that one circumstance, this logging is never reviewed in any way, neither by a human[,] nor by a computer program.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Privacy Policy Added to Basilisk Site

Unread post by Moonchild » 2023-01-18, 23:51

That'd be more a stylistic choice than anything else ;)
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
random
Apollo supporter
Apollo supporter
Posts: 33
Joined: 2022-07-22, 06:31

Re: Privacy Policy Added to Basilisk Site

Unread post by random » 2023-01-19, 21:04

This is the main site for Basilisk. We log IP addresses and user agents that request pages on this domain for one week. Logs are rotated once weekly at 00:00 UTC on Sunday. This logging is only when we need to block a malicious IP address. Other than that one circumstance this logging is never reviewed in any way, neither by a human or by a computer program.
"Rotated" usually means that the log file is renamed. As a user I don't care if or when log files are rotated, but I do care when the logged data is deleted / irrecoverably destroyed. A week is also way to long, especially if some IPs are kept much shorter (6, 5, 4, 3, 2 or 1 day or just for a second before rotation), which clearly shows that there is no need for keeping it longer (or rotate does not mean delete at all and you are keeping the log files for much longer).

It feels like you are describing the default configuration of your server. From a privacy perspective the question why you need it longer than 24 hours.
If you don't want your IP logged, simply don't browse the Basilisk site.
Sorry, too late. IP is already logged when reading the policy on the website ;)

If you don't like it, don't use the service is not a good privacy policy. Just imagine Google would allow to do this: We collect everything. If you don't like it, don't use our service.

But overall I like it. Short and easy to understand. (Personally I do not care much about logged IPs or I would use Tor)

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Privacy Policy Added to Basilisk Site

Unread post by Moonchild » 2023-01-19, 22:10

random wrote:
2023-01-19, 21:04
If you don't like it, don't use the service is not a good privacy policy. Just imagine Google would allow to do this: We collect everything. If you don't like it, don't use our service.
Sorry for butting in here in reply; of course basilisk-dev can respond in any way they want but I'd like to respond with a general consideration here:
It's a good remedy if you don't agree with the privacy policy as there is no real remedy otherwise for sites having stated privacy policies (unless they go out of their way of offering data deletion services, e.g. social media sites). The reality in your Google example is exactly that. If you use Google services, Google will collect data. Their privacy policy merely informs you what they collect, why, and how it's being used. If you disagree then your only recourse is to not use them. I think it's only fair that this remedy is offered as part of this privacy policy here in case you for some reason cannot agree with it. My own site and service policies have similar statements for clarity, as well.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
Basilisk-Dev
Lunatic
Lunatic
Posts: 317
Joined: 2022-03-23, 16:41
Location: Chamber of Secrets
Contact:

Re: Privacy Policy Added to Basilisk Site

Unread post by Basilisk-Dev » 2023-01-20, 17:44

random wrote:
2023-01-19, 21:04
"Rotated" usually means that the log file is renamed. As a user I don't care if or when log files are rotated, but I do care when the logged data is deleted / irrecoverably destroyed. A week is also way to long, especially if some IPs are kept much shorter (6, 5, 4, 3, 2 or 1 day or just for a second before rotation), which clearly shows that there is no need for keeping it longer (or rotate does not mean delete at all and you are keeping the log files for much longer).

It feels like you are describing the default configuration of your server. From a privacy perspective the question why you need it longer than 24 hours.
This is incorrect. See for example the Wikipedia article on Log rotation.
Off-topic:
Unrelated: The new Wikipedia design is very ugly.
In information technology, log rotation is an automated process used in system administration in which log files are compressed, moved (archived), renamed or deleted once they are too old or too big
In my case I have it set to delete the logs after 1 week, hence the old logs are rotated out. This fits the definition of log rotation per the Wikipedia article. In addition to that the tool I used to configure this weekly deletion of logs is called "logrotate".
random wrote:
2023-01-19, 21:04
If you don't like it, don't use the service is not a good privacy policy. Just imagine Google would allow to do this: We collect everything. If you don't like it, don't use our service.
I disagree here 100%. This is exactly what Google already does now. If you don't want Google to collect information, do not use Google services. I don't use Google (neither search nor Gmail nor YouTube) for precisely this reason.
Basilisk Project Owner

viewtopic.php?f=61&p=230756

Locked