bt
join:2009-02-26
canada
kudos:1 Reviews:
 ·Start Communicat..
| reply to globus9991
Re: Why is Tek still keeping logs??? said by globus9991:said by bt:said by globus9991:Here we go again. As I explained above, there are NO *valid* business / technical or legal reasons to keep logs. Please don't repeat this without arguments to support your point of view.
Opinion Seriously??? I'll agree that the matter of law isn't opinion, but neither of us are lawyers with full knowledge of the relevant areas of practice.
Sure, tech issues can be logged after they're noticed. But there is always a business case to be made for being proactive instead of reactive. A good enough business case to outweigh the downsides/costs/etc? That's the golden question.
It is your opinion that when it comes to logging, the risks outweigh the benefits of being proactive. A customer getting one of these emails will probably agree with you. But the customer calling in and being told that they need to suffer through some intermittent issue for a few more days so there are logs that support can go over might disagree with your opinion.
So yes - seriously. |
|
|
|
| reply to TSI Gabe
said by TSI Gabe:We need logs for many other reasons.
Spammers, abuse, troubleshooting. Usage.
We also get court ordered abuse/hacking cases unrelated to copyright.
Spammers, abuse, troubleshooting are all tech reasons. If they happened, how exactly will this help you? What's done is done. If they are happening then you can log specifically on or about the problem. Clever ISPs use trigger software instead of logs. Logs are cumbersome and obsolete. Real-time or near-real time is the way to go. This is *exaclty* what the Swedis ISPs did and it worked OK for them. Not need to have widespread logging.
Usage? You don't need to log IPs. Just session start, end and bytes transferred (if the account is limited). Many ISPs do just that.
Court orders? Sure. But *only* when you receive one. If you don't have any logs then you simply report so. If this is not the case, please provide a reference to at least 1 Canadian Law that mandates widespread logging. |
|
Reviews:
·TekSavvy DSL
| reply to globus9991
I don't want to be an ass and tell TekSavvy how to do their jobs. But I agree with globus9991.
There are ways around the technical aspects of requiring logs. No IPs needs to be logged. They can use account IDs and such instead. If someone is having a technical issue and having the IPs logged would help with solving that issue then the logging can be enabled temporarily for that specific reason.
They can also lower the retention time and enable longer times for specific users if required by law. |
|
| reply to bt
said by bt:Sure, tech issues can be logged after they're noticed. But there is always a business case to be made for being proactive instead of reactive. A good enough business case to outweigh the downsides/costs/etc? That's the golden question.
It is your opinion that when it comes to logging, the risks outweigh the benefits of being proactive. A customer getting one of these emails will probably agree with you. But the customer calling in and being told that they need to suffer through some intermittent issue for a few more days so there are logs that support can go over might disagree with your opinion.
So yes - seriously.
No, not seriously.
Then, how did the Swedish ISPs do it?
I didn't see an uproar in swedish customers when they stopped logging. On the contrary, I saw a healthy support from them to the ISPs that had the vision to and the ba**s to stop this practice. Besides, where does it stop?
How many fishing expeditions from shark lawyers do we have to endure before a meaningful law/regulation is enacted? Why suffer through all that if ISPs can fix it overnight.
As to a customer not getting its issue fixed overnight, don't get me laughing!!! Did you actually worked for IT??? I can pretty much guarantee that NOTHING gets solved overnight. Furthermore, it is much more time efficient to turn logging on for a specific customer when a complaint is received than to spend countless hours wading through logs. Real-time or near-real-time is the way to go. |
|
 TSI GabePremium,VIP
join:2007-01-03
Chatham, ON
kudos:2 | Wow, i'll come back when things calm down. |
|
bt
join:2009-02-26
canada
kudos:1 Reviews:
·Start Communicat..
1 edit | reply to globus9991
said by globus9991:Then, how did the Swedish ISPs do it?
Differently. That they have been successful with such methods just means that it's a valid method, it doesn't mean it's the only method. And if it's better or worse is a matter of opinion.
said by globus9991:As to a customer not getting its issue fixed overnight, don't get me laughing!!! Didn't say that.
said by globus9991:Did you actually worked for IT??? Yes. For (gasp) an ISP! And (gasp) not as a phone drone!
said by globus9991:I can pretty much guarantee that NOTHING gets solved overnight. Furthermore, it is much more time efficient to turn logging on for a specific customer when a complaint is received than to spend countless hours wading through logs. Real-time or near-real-time is the way to go.
Again, never said anything about an issue being solved right away, or overnight, because of the existence of logging. |
|
MFido
join:2012-10-19
kudos:1 | reply to TSI Gabe
said by TSI Gabe:Wow, i'll come back when things calm down.
Give them a hand .... and they will tell you how to run your business ... LOL |
|
kovy
join:2009-03-26
kudos:8 | reply to globus9991
Why did you sign with Teksavvy if you knew they logged things ? |
|
1 edit | said by kovy:Why did you sign with Teksavvy if you knew they logged things ?
Because everybody else is quite worst ... given my choices.
But you are missing the point.
Tek should be jumping at this opportunity.
The basic rule of business is that you want to differentiate yourself from your competition.
Now that this is all over the news, can you imagine the sales boost that Tek would have if it would be to announce a new: "no logging" policy?
Free marketing!
Free advertisement!
This kind of "press" you can't get even paying for it.
Alas, Tek is blind by design. They can't see beyond their CYA policies.
That's the point of this post. |
|
| reply to bt
said by bt:said by globus9991:Then, how did the Swedish ISPs do it?
Differently. That they have been successful with such methods just means that it's a valid method, it doesn't mean it's the only method. And if it's better or worse is a matter of opinion. Well, I worked with both methods and I can tell you from experience that what you want is a near instantaneous alarm when things go wrong (or appear to go wrong) than find out a few days after the fact when the damage is done and have to wad through a few Gigs worth of logs. Yes, heuristic, near-real-time software is better. It is adaptable and/or rule-based. It can look for new forms of abuse or detect subtleties. You can see, in real-time what's going on. Those are all things that logs can't do. Yes. it is a superior method.
said by bt:said by globus9991:Did you actually worked for IT??? Yes. For ( gasp) an ISP! And ( gasp) not as a phone drone! Well.. my office had a phone (IP based, of course) but I didn't use it that much. Spent most of the time with hardware / software. Besides, the drone part was mainly outsourced, so I wouldn't know.
said by bt:said by globus9991:I can pretty much guarantee that NOTHING gets solved overnight. Furthermore, it is much more time efficient to turn logging on for a specific customer when a complaint is received than to spend countless hours wading through logs. Real-time or near-real-time is the way to go.
Again, never said anything about an issue being solved right away, or overnight, because of the existence of logging. No, but you implied that by having logs things would get solved faster. On average, they do not. |
|
bt
join:2009-02-26
canada
kudos:1 Reviews:
·Start Communicat..
| said by globus9991:said by bt:said by globus9991:Then, how did the Swedish ISPs do it?
Differently. That they have been successful with such methods just means that it's a valid method, it doesn't mean it's the only method. And if it's better or worse is a matter of opinion. Well, I worked with both methods and I can tell you from experience that what you want is a near instantaneous alarm when things go wrong (or appear to go wrong) than find out a few days after the fact when the damage is done and have to wad through a few Gigs worth of logs. Oh, I agree on that. But I've seen many situations where you need to wade through logs to find out what the cause of the problem is. You can do that a lot sooner if the logs already exist.
Real-time is better for spotting problems. Logs are better for spotting causes.
said by globus9991:Yes, heuristic, near-real-time software is better. It is adaptable and/or rule-based. It can look for new forms of abuse or detect subtleties. You can see, in real-time what's going on. Those are all things that logs can't do. Yes. it is a superior method.
And real-time can't give you a history to back-track through when necessary. The superior method for troubleshooting (so not getting into cost analysis, legal issues, etc, which bring further pros and cons to each method) is a combination of both real-time and logging. |
|
Reviews:
 ·TekSavvy Cable
·Rogers Hi-Speed
| reply to TSI Gabe
Re: Why is Tek still keeping logs??? said by TSI Gabe:Wow, i'll come back when things calm down.
Gabe, if you can ignore the lunacy and help us have a calm discussion about this, I can assure you that most of us appreciate it. To your knowledge, is the 90 day logging window here to stay? Is there any momentum towards shortening (or lengthening) the window? |
|
| reply to bt
said by bt:Oh, I agree on that. But I've seen many situations where you need to wade through logs to find out what the cause of the problem is. You can do that a lot sooner if the logs already exist.
Real-time is better for spotting problems. Logs are better for spotting causes. Yes, but with a properly configured real-time software, it starts logging when the issue is first detected. And, it intelligently logs only relevant packets. For any intent and purposes, you are loosing almost no important information to determine causality.
said by bt:And real-time can't give you a history to back-track through when necessary. The superior method for troubleshooting (so not getting into cost analysis, legal issues, etc, which bring further pros and cons to each method) is a combination of both real-time and logging.
Not in my experience. Widespread logs area always a headache. They do suffer as you said, from, cost analysis, troubleshooting, legal, storage, backup and a myriad of other issues.
When I am looking at a log, I want the min info that will be useful, and just the timeframe that is useful. Everything else is just a pain in the neck and not worth my time.
Real-time is the way to go. That's how most *modern* data-centers do it. |
|
| reply to The Mongoose
said by The Mongoose:said by TSI Gabe:Wow, i'll come back when things calm down.
Gabe, if you can ignore the lunacy and help us have a calm discussion about this, I can assure you that most of us appreciate it. To your knowledge, is the 90 day logging window here to stay? Is there any momentum towards shortening (or lengthening) the window? Or canceling this policy altogether? (Yes, I am ignoring you MG) |
|
| reply to globus9991
Ditto on the calming down.
Gabe is this something you could ask/present?
I realize logging is needed for troubleshooting etc, but is it in fact 100% obligatory by law? I understand that it is useful for keeping hacking etc under control as well, but theoretically speaking, are we (as ISPs) obliged by law to do it.
I ask this more as my position as a small ISP as well. I have not been able to get 100% concrete answers to this very question either. If it's not obliged by law, I would gladly do away with it on my network. (Yes I realize it gives birth to the network being the cesspool of the internet, but in all honesty I really couldn't care less to fund all the effort it takes in managing it and dealing with requests such as this. If I could give a blanket "Sorry the logs don't exist, f*** off" reply I'd be much happier.)
No it's not a nice truth, but it's the truth. |
|
| said by voxframe:Ditto on the calming down.
Gabe is this something you could ask/present?
I realize logging is needed for troubleshooting etc, but is it in fact 100% obligatory by law? I understand that it is useful for keeping hacking etc under control as well, but theoretically speaking, are we (as ISPs) obliged by law to do it.
I ask this more as my position as a small ISP as well. I have not been able to get 100% concrete answers to this very question either. If it's not obliged by law, I would gladly do away with it on my network. (Yes I realize it gives birth to the network being the cesspool of the internet, but in all honesty I really couldn't care less to fund all the effort it takes in managing it and dealing with requests such as this. If I could give a blanket "Sorry the logs don't exist, f*** off" reply I'd be much happier.)
No it's not a nice truth, but it's the truth.
That's the spirit!!!
That's one that get's it!!!
And no, you network does not have to be a cesspool.
Congrats!! |
|
bt
join:2009-02-26
canada
kudos:1 Reviews:
·Start Communicat..
| reply to globus9991
said by globus9991:Yes, but with a properly configured real-time software, it starts logging when the issue is first detected. And, it intelligently logs only relevant packets. For any intent and purposes, you are loosing almost no important information to determine causality. Even properly configured, it can miss out on earlier stages that a human eye might spot (with the benefit of hindsight).
It's only as good as the person who programmed it, and only knows what that person thought of making it know.
said by globus9991:said by bt:And real-time can't give you a history to back-track through when necessary. The superior method for troubleshooting (so not getting into cost analysis, legal issues, etc, which bring further pros and cons to each method) is a combination of both real-time and logging.
Not in my experience. Widespread logs area always a headache. They do suffer as you said, from, cost analysis, troubleshooting, legal, storage, backup and a myriad of other issues. Real-time also suffers from cost analysis, troubleshooting, etc. Not all of the issues are the same, but there are just as many of them.
said by globus9991:When I am looking at a log, I want the min info that will be useful, and just the timeframe that is useful. Everything else is just a pain in the neck and not worth my time. Basic log viewing software can help with that. I'm not saying you should be popping the log open in notepad and going through it line by line... |
|
Reviews:
·TekSavvy Cable
·Rogers Hi-Speed
| reply to voxframe
Vox,
I've been reading up on this and can't find anything legally obliging an ISP to keep logs. They certainly aren't obligated to in the USA, but most of them do...the bigger the ISP, the longer the logging window.
The reason seems to be that law enforcement gets fairly snippy in the US if you trim back the logging window. Given that we're talking about the land of the Patriot Act and quite a bit of anti-terror snooping, that's not really surprising. So even though they don't have to most ISPs do log...for the reasons Gabe gave, plus a desire not to instigate any friction with law enforcement agencies that can make life difficult.
I'm still looking for concrete rules in Canada. Oddly some privacy regulations like PIPEDA actually require companies to retain certain information, even though the primary purpose of the regulation is supposed to be privacy protection.
I'll let you know if I come across anything concrete...hopefully you're allowed to just turn off the logs. |
|
