diff options
| author | David Goulet <dgoulet@torproject.org> | 2020-03-11 12:26:10 -0400 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2020-07-08 11:11:58 -0400 |
| commit | 942ecfa835bc50ed11912df034abf5f184d46033 (patch) | |
| tree | 61270fa467b0180471265a06ab28bf5eccb6aaa1 /doc | |
| parent | b049cc3ace18dd42493ca768cf4636dfd89569fc (diff) | |
| download | tor-942ecfa835bc50ed11912df034abf5f184d46033.tar.gz tor-942ecfa835bc50ed11912df034abf5f184d46033.zip | |
doc: Add a WARNING section to Tracing.md
Explain what is safe or not with tracing data.
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/HACKING/Tracing.md | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/doc/HACKING/Tracing.md b/doc/HACKING/Tracing.md index 8cf68321a4..d898bee172 100644 --- a/doc/HACKING/Tracing.md +++ b/doc/HACKING/Tracing.md @@ -4,7 +4,25 @@ This document describes how the event tracing subsystem works in tor so developers can add events to the code base but also hook them to an event tracing framework (i.e. tracer). -## Basics +## WARNING ## + +Tracing the tor daemon **always** generates sensitive data if used in +production (on the public network). + +It **is** ethical for researchers to use tracing for their own tor client (for +example: building paths, timings, or performance). + +It is **NOT** ethical to archive, publish or keep data containing other users' +activity such as relay data or anything that handles users' traffic. This +of course includes any logs below notice level. + +Publishing analysis of tracing data containing user traffic is **NOT** safe +either. + +In other words, tracing data that contains other users's activity is **NOT** +safe to publish in any form. + +## Basics ### Tracing is separated in two different concepts. The tracing API and the tracing probes. |