Contents of C:\Users\%USER%\AppData\Local\Frontier_Developments\Products\elite-dangerous-odyssey-64\Logs

Status
Thread Closed: Not open for further replies.
The contents of the game's netlogs aren't sensitive information in the context in which they are collected. They include numerical IDs and the IPs/ports of the peers the client was connected to, peers who had to expose themselves to such connections to participate in this peer-to-peer game.

Anyway, since I didn't get to see the OP's video, I've used context clues to source one that I think is probably close enough:

letting people who otherwise wouldn't be aware of it that it exists and how to get at it is irresponsible to say the least

Security through obscurity is false security. Also, I generally consider exposing and publicizing vulnerabilities to be a good thing...so they can be addressed and so that those responsible for addressing them can be held accountable. Depending on circumstances it may be prudent to point out an apparent flaw privately, at first, but if nothing is done in a reasonable amount of time and the vulnerability is still putting people at risk, exposing it to force the issue, and to warn those who may be affected that they need to take their security into their own hands, would be the responsible thing to do.

OP defined the practical problem pretty clearly.

Knowing the IP of someone connected to your system or the port that was used for that specific connection (which doesn't necessarily have to be open to arbitrary connections...the game uses various NAT traversal protocols) doesn't sound like much of a problem to me.

Sure a malicious actor could use the time stamps in the CMDR logs from the "Saved Games" folder to match IDs from the netlogs to CMDR names and then know whose IP that is, which may be used to attempt to launch some sort of attack upon that individual, but--as previously mentioned--that information can be obtained nearly as easily other ways.

FDev are clearly unhappy with anyone posting forensic evidence, so that's not going to happen.
Evidence of what?

Regardless, Frontier isn't going to stop anyone from posting their netlogs, if they obfuscate the client IP address they contain.
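
One way to do the obfuscation mentioned above before sharing a netlog, as an added example that is not part of the original thread and not Frontier's tooling. The sample log lines are constructed and do not reflect the real netlog layout; `make_redactor` and the token format are names chosen here.

```python
import hashlib
import hmac
import ipaddress
import re
import secrets

# Constructed sample lines; the real netlog layout is not shown in the thread.
SAMPLE_LOG = """\
{21:04:11GMT 512.331s} peer 203.0.113.7:5100 connected (client build 4.0.0.1800)
{21:04:12GMT 513.020s} peer [2001:db8::1]:5101 connected
{21:04:19GMT 520.104s} peer 203.0.113.7:5100 timed out
"""

# Address-shaped candidates. Every hit is validated before it is replaced, so
# timestamps (21:04:11) and build numbers (4.0.0.1800) are left untouched.
_CANDIDATE = re.compile(
    r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\d)"  # IPv4-shaped
    r"|(?<![0-9A-Za-z:])(?:[0-9A-Fa-f]{0,4}:){2,7}[0-9A-Fa-f]{0,4}(?![0-9A-Za-z:])"  # IPv6-shaped
)


def _parse(text):
    """Return an ipaddress object for a candidate, or None if it is not an address."""
    if ":" in text:
        try:
            return ipaddress.IPv6Address(text)
        except ValueError:
            return None
    # Build from octets so zero-padded forms (203.0.113.007) are still caught.
    octets = [int(part) for part in text.split(".")]
    if any(octet > 255 for octet in octets):
        return None
    return ipaddress.IPv4Address(bytes(octets))


def make_redactor(key=None):
    """Return a function that replaces each IP address with a keyed pseudonym.

    The same address always maps to the same token under one key, so a reader
    can still follow which peer connected and which timed out. The key is
    random by default: an unkeyed hash of an IPv4 address can be reversed by
    trying all 2**32 inputs, a keyed one cannot without the key.
    """
    key = key or secrets.token_bytes(32)

    def _replace(match):
        addr = _parse(match.group(0))
        if addr is None:
            return match.group(0)
        digest = hmac.new(key, addr.packed, hashlib.sha256).hexdigest()[:8]
        return f"<ipv{addr.version}-{digest}>"

    def redact(log_text):
        return _CANDIDATE.sub(_replace, log_text)

    return redact


if __name__ == "__main__":
    print(make_redactor()(SAMPLE_LOG), end="")
```

Ports and timestamps are kept on purpose, since they are what makes the shared log useful for diagnosing a connection problem; discard the key after the run.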
 
That a video existed is irrelevant to me.

I just am trying to pick up the pieces of what the original claim is so I can validate it. We'll end up with plenty of people getting an opinion or concern based on what they hear. The fire has started, the video taken down, and investigations can't be made without understanding what the original claim was.

Regardless of whether or not there's a legitimate issue with the Netlog, more eyes means more validation either way.

I am aware I said earlier that without the claim explained this is a non-issue, but the security minded side of me won't be satisfied until I can understand the concern to begin with.
This is my statement on the matter, upon taking said video private, as posted on my channel, copied and pasted here lest I get further accused of farming for clicks …

***

Earlier today I posted a video showing how IP addresses are plaintext-logged in the Elite: Dangerous netlogs. I thought that to be informative about a dynamic which I felt was far from best practice, and, like all things, it was information which individual CMDRs could choose to do whatever they wanted with. (Plus, shining a big spotlight on what I feel are issues with the game has been a historically pretty effective manner of getting them fixed.)

Since publishing the video, the reception has been ... shall we say, rather fierce? ... on pretty much opposite camps. On one hand, a quarter of the community accused me of publicly revealing what sounded like the secrets to creating WMDs. For them, I was enabling doxxing behaviors, and I was complicit in some of the worst crimes the game has ever seen. Another quarter of the community accused me of ... pretty much the opposite ... ragebaiting on a nothingburger. That IP addresses, public or private, are not a security risk, everyone logs them ... who cares. A third quarter accused me of just being salty at FDEV and vindictive, and childish, or whatnot. Maybe, maaaaaybe, a fourth quarter got my intended meaning of more-knowledge, more-power to the players.

Since almost nobody seemed to be happy with that one, and since I've had enough drama recently, and I certainly don't want to be contributing to more drama, I've made the rare decision to take the video private.

Tomorrow I'll be talking about a separate initiative to prepare for a ... quite unique ... challenge with the upcoming Panther Mk2. Hopefully it'll be more fun and less controversial.

I'm tired of controversy.
 
Earlier today I posted a video showing how IP addresses are plaintext-logged in the Elite: Dangerous netlogs. I thought that to be informative about a dynamic which I felt was far from best practice, and, like all things, it was information which individual CMDRs could choose to do whatever they wanted with. (Plus, shining a big spotlight on what I feel are issues with the game has been a historically pretty effective manner of getting them fixed.)

Since publishing the video, the reception has been ... shall we say, rather fierce? ... on pretty much opposite camps.
The way you wrote it, based on "feelings" and trying to "shine a spotlight on what [you] feel are issues" makes me think you didn't really understand what is going on and tried to gain attention and traction within your community in the hope Frontier "listens to you".

What you "uncovered" isn't actually breaking news, and you can shine as many spotlights on it as you feel necessary, but this isn't an issue to "fix", this is how peer to peer works. Hence the name. As a content creator you have a certain responsibility to educate yourself before posting videos like the one in question. And talking about "best practices", have you actually tried contacting Frontier about this "issue" before shining a spotlight on it?

On one hand, a quarter of the community accused me of publicly revealing what sounded like the secrets to creating WMDs. For them, I was enabling doxxing behaviors, and I was complicit in some of the worst crimes the game has ever seen. Another quarter of the community accused me of ... pretty much the opposite ... ragebaiting on a nothingburger. That IP addresses, public or private, are not a security risk, everyone logs them ... who cares.
I've read the comments under your community post. Those who accuse you of creating WMDs are still uneducated about the topic at hand even after your video and community post and basically just ragebaited into "hurr durr Frontier too dumb for networking", and those telling you (rightly so) that this is a nothingburger are trying to tell you that you've been overzealous with that video. Maybe it's time to let that sink in instead of reacting salty.

Maybe, maaaaaybe, a fourth quarter got my intended meaning of more-knowledge, more-power to the players.
If it was more knowledge you are after, maybe you should have educated your audience a bit more clearly that this "issue" of exposed connection metadata is a side effect of peer-to-peer connections, and there is nothing to "fix" except remodeling the network structure of the game, which isn't going to happen. Maybe you did in your video, I couldn't see it, but judging by a large portion of the comments on your post, a lot of people took your word as gospel and are now almost less knowledgeable than before and are, again, just blaming Frontier for being incompetent in one form or another.

Since almost nobody seemed to be happy with that one, and since I've had enough drama recently, and I certainly don't want to be contributing to more drama, I've made the rare decision to take the video private.

Tomorrow I'll be talking about a separate initiative to prepare for a ... quite unique ... challenge with the upcoming Panther Mk2. Hopefully it'll be more fun and less controversial.


I'm tired of controversy.
Mate, it's been said before here and in your comment sections - you created that drama yourself. If you're tired of controversy, try not being controversial for a change. Get off the prediction and rant train, stop clinging to datamining, speculation and ragebait, and stick to productive stuff.
 
Keeping a list of public IPs in the client game-files isn't what I would call a "best practice" from a security standpoint. And those of you arguing that this exposes players to literally ZERO risk of bad-actor abuse? Well, you're just lying. Period. The risk is small yes, but it's not no risk at all so stop pretending it is.

I would like a company who also stores my log-in information, my physical address and also my credit card information to use best practices across the board. Or at least not stupid crap like plain-texts of sensitive information lying around.

Seems like common sense to me. But then again, I don't have a burning hatred of Elite Dangerous streamers like most of this forum has.
 
I'm tired of controversy.
Making the video private was the right move. Good on you.

You should really reflect on this situation.

Please consider this: we are living in a dark time. The amount of poor quality information masquerading as fact is overwhelming society in a very bad way. The sciences (including computer sciences) in particular are under threat from people who "do their own research" and aren't equipped to understand the nuance of complex topics. Large language models and their "hallucinations" have exacerbated this problem by orders of magnitude.

Some of us old computer nerds who saw the rise of the internet in the 80s and 90s didn't see this coming. Maybe some of us did but I don't think the majority saw it coming. We thought that a more connected internet would make us more informed, compassionate, and on track to that Star Trek utopia we fantasized about. But all it seems to have done is promote lazy thinking, scary ideas, etc... actually, not promote... it entrenched them. Bad ideas are entrenched now. Because every bad idea can find at least a few thousand supporters from around the world.

So when you make a video about a subject you're obviously not an expert in you are making this problem worse. That's why the response to your video and comments has been so hostile. People well versed in computer security are dealing with bad information constantly and, this time, the source of that bad information was listening to feedback.

To that end I have a recommendation for you if you're open to it. If you want to cover a serious subject such as network security please reach out and ask an expert. Most of the time this will cost you nothing. There are computer security discords, security.stackexchange.com, mailing lists, etc. You can even send an email to university professors! There are a lot of professionals who are willing to answer simple questions for nothing.

One of the concepts that security experts will point to is "security by obscurity":

Now imagine you covered that in your video! You would educate your viewers on a very important security concept and actually teach them how to harden their own systems and lives. You yourself would also learn that this is still a divisive topic in the security community. The general best practice is to not rely on obscurity alone but adding obscurity on top of an already secured system could (arguably!) be a good thing.

If you have an audience, please take serious topics seriously. Even if you see yourself as just some guy making videos about video games. People will take you seriously as though you're an expert. And if you get it wrong it can be harmful in ways you simply can't predict. Consult experts and be on the positive side of the mass information dystopia :)
 
Making the video private was the right move. Good on you.

You should really reflect on this situation.

Please consider this: we are living in a dark time. The amount of poor quality information masquerading as fact is overwhelming society in a very bad way. The sciences (including computer sciences) in particular are under threat from people who "do their own research" and aren't equipped to understand the nuance of complex topics. Large language models and their "hallucinations" have exacerbated this problem by orders of magnitude.

Some of us old computer nerds who saw the rise of the internet in the 80s and 90s didn't see this coming. Maybe some of us did but I don't think the majority saw it coming. We thought that a more connected internet would make us more informed, compassionate, and on track to that Star Trek utopia we fantasized about. But all it seems to have done is promote lazy thinking, scary ideas, etc... actually, not promote... it entrenched them. Bad ideas are entrenched now. Because every bad idea can find at least a few thousand supporters from around the world.

So when you make a video about a subject you're obviously not an expert in you are making this problem worse. That's why the response to your video and comments has been so hostile. People well versed in computer security are dealing with bad information constantly and, this time, the source of that bad information was listening to feedback.

To that end I have a recommendation for you if you're open to it. If you want to cover a serious subject such as network security please reach out and ask an expert. Most of the time this will cost you nothing. There are computer security discords, security.stackexchange.com, mailing lists, etc. You can even send an email to university professors! There are a lot of professionals who are willing to answer simple questions for nothing.

One of the concepts that security experts will point to is "security by obscurity":

Now imagine you covered that in your video! You would educate your viewers on a very important security concept and actually teach them how to harden their own systems and lives. You yourself would also learn that this is still a divisive topic in the security community. The general best practice is to not rely on obscurity alone but adding obscurity on top of an already secured system could (arguably!) be a good thing.

If you have an audience, please take serious topics seriously. Even if you see yourself as just some guy making videos about video games. People will take you seriously as though you're an expert. And if you get it wrong it can be harmful in ways you simply can't predict. Consult experts and be on the positive side of the mass information dystopia :)

Very well put.

I can testify to willingness to help of university staff.

I’ve reached out to a few over the years, on various topics, and have each time found them going above and beyond in helping me find my answers - and that’s just as a curious member of the public.

This isn’t aimed at anyone in particular, and certainly not CMDR Mechan, but there is an issue in this community of people thinking they know more than they do because they’ve been playing video games for decades.*

This controversy has highlighted it beautifully, with people getting themselves in a tizzy when they learn how the internet works. Dunning-Kruger at its finest.

*Not to say there’s not also a lot of very knowledgeable people in this community too.
 
Keeping a list of public IPs in the client game-files isn't what I would call a "best practice" from a security standpoint. And those of you arguing that this exposes players to literally ZERO risk of bad-actor abuse? Well, you're just lying. Period. The risk is small yes, but it's not no risk at all so stop pretending it is.

I would like a company who also stores my log-in information, my physical address and also my credit card information to use best practices across the board. Or at least not stupid crap like plain-texts of sensitive information lying around.

Seems like common sense to me. But then again, I don't have a burning hatred of Elite Dangerous streamers like most of this forum has.

This isn't about if Frontier stores the IP addresses or other connection metadata along with your customer credentials on their servers - that would indeed possibly be an issue from a GDPR standpoint (or whatever privacy rules apply in your jurisdiction). It is about the client logging locally which connections it establishes with other computers on the internet. Which, if you ask me, any network client I use on my machine should.
 
This isn't about if Frontier stores the IP addresses or other connection metadata along with your customer credentials on their servers
I have no idea how other organisations may work in a global sense, but my ISP leases my connection an IP address, rather than allocating the same address as a permanent fixture. So the connection I made yesterday morning to any internet destination is highly unlikely to have the same IP address as I am currently connected with, or indeed connected with in the afternoon of the same day.

But, maybe I have no understanding of how these things work, that appears to be pretty common.

(I did used to pay for a fixed address back in the day, when I felt the need for such)
 
I have no idea how other organisations may work in a global sense, but my ISP leases my connection an IP address, rather than allocating the same address as a permanent fixture. So the connection I made yesterday morning to any internet destination is highly unlikely to have the same IP address as I am currently connected with, or indeed connected with in the afternoon of the same day.

But, maybe I have no understanding of how these things work, that appears to be pretty common.

(I did used to pay for a fixed address back in the day, when I felt the need for such)
My ISP also assigns IP addresses dynamically, but not very dynamically :D. In practice, I sometimes keep the same IP address over weeks. And there is also this ongoing battle (for years now) on how long ISPs should be mandated to store connection metadata - here, the legislators over and over discussed this and passed multiple laws that either got canned by our highest courts, or were found to conflict with EU privacy laws. Then there is the whole GDPR thing regulating what any service provider can and cannot store with and without consent. It's a hot can of worms, but I don't think all this applies here. This is about the logging behavior of a local network client. Making drama out of the fact that a network client logs its connections locally is... interesting. Imagine if people knew about the power of netstat or wireshark.
 
Making the video private was the right move. Good on you.

You should really reflect on this situation.

Please consider this: we are living in a dark time. The amount of poor quality information masquerading as fact is overwhelming society in a very bad way. The sciences (including computer sciences) in particular are under threat from people who "do their own research" and aren't equipped to understand the nuance of complex topics. Large language models and their "hallucinations" have exacerbated this problem by orders of magnitude.

Some of us old computer nerds who saw the rise of the internet in the 80s and 90s didn't see this coming. Maybe some of us did but I don't think the majority saw it coming. We thought that a more connected internet would make us more informed, compassionate, and on track to that Star Trek utopia we fantasized about. But all it seems to have done is promote lazy thinking, scary ideas, etc... actually, not promote... it entrenched them. Bad ideas are entrenched now. Because every bad idea can find at least a few thousand supporters from around the world.

So when you make a video about a subject you're obviously not an expert in you are making this problem worse. That's why the response to your video and comments has been so hostile. People well versed in computer security are dealing with bad information constantly and, this time, the source of that bad information was listening to feedback.

To that end I have a recommendation for you if you're open to it. If you want to cover a serious subject such as network security please reach out and ask an expert. Most of the time this will cost you nothing. There are computer security discords, security.stackexchange.com, mailing lists, etc. You can even send an email to university professors! There are a lot of professionals who are willing to answer simple questions for nothing.

One of the concepts that security experts will point to is "security by obscurity":

Now imagine you covered that in your video! You would educate your viewers on a very important security concept and actually teach them how to harden their own systems and lives. You yourself would also learn that this is still a divisive topic in the security community. The general best practice is to not rely on obscurity alone but adding obscurity on top of an already secured system could (arguably!) be a good thing.

If you have an audience, please take serious topics seriously. Even if you see yourself as just some guy making videos about video games. People will take you seriously as though you're an expert. And if you get it wrong it can be harmful in ways you simply can't predict. Consult experts and be on the positive side of the mass information dystopia :)
This is a very well thought-out reply.

Thank you - very much appreciate your input!
 
Earlier today I posted a video showing how IP addresses are plaintext-logged in the Elite: Dangerous netlogs. I thought that to be informative about a dynamic which I felt was far from best practice, and, like all things, it was information which individual CMDRs could choose to do whatever they wanted with. (Plus, shining a big spotlight on what I feel are issues with the game has been a historically pretty effective manner of getting them fixed.)

Since publishing the video, the reception has been ... shall we say, rather fierce? ... on pretty much opposite camps. On one hand, a quarter of the community accused me of publicly revealing what sounded like the secrets to creating WMDs. For them, I was enabling doxxing behaviors, and I was complicit in some of the worst crimes the game has ever seen. Another quarter of the community accused me of ... pretty much the opposite ... ragebaiting on a nothingburger. That IP addresses, public or private, are not a security risk, everyone logs them ... who cares. A third quarter accused me of just being salty at FDEV and vindictive, and players.
Well, another tiny fraction of the community, by which I mean me, asked if you had observed responsible disclosure or raised it formally with FDev.

You don't seem to have answered that question yet - and your first paragraph quoted here strongly suggests that you have chosen not to take either of these more responsible routes.
 
This isn't about if Frontier stores the IP addresses or other connection metadata along with your customer credentials on their servers - that would indeed possibly be an issue from a GDPR standpoint (or whatever privacy rules apply in your jurisdiction)
Though would very likely be covered under the "legitimate purposes" justification for a company running an online game, provided that the storage duration and any subsequent processing was proportionate to that. Frontier have notified that they may/will do so (EULA 7.2, probably elsewhere as well)

Keeping a list of public IPs in the client game-files isn't what I would call a "best practice" from a security standpoint. And those of you arguing that this exposes players to literally ZERO risk of bad-actor abuse? Well, you're just lying. Period. The risk is small yes, but it's not no risk at all so stop pretending it is.
The only scenario I can think of where it increases the risk of abuse is a fairly complicated one:
1) Player A joins a peer-to-peer session in Elite Dangerous with Player B
2) At this point, neither's computer is compromised by a hostile party, nor is either player themselves a hostile party to the other (if they are the log file is irrelevant as the network connections can be monitored more straightforwardly in real-time instead)
3) Player A's computer does not have any other network logging software running at the time.
4) Later, Player A's computer is compromised by a party hostile to Player B
5) The hostile party uses the stored ED logs to discover Player B's IP address on a particular date
6) The hostile party is then able to combine this with other information to abuse Player B.

Sure, it's non-zero, but it's extremely marginal (and requires the hostile party to be top level in terms of resources - national espionage or similar private concerns). Anyone for whom this is a serious threat shouldn't be playing online games at all because that sets their baseline risk so much higher to begin with.
 
The only scenario I can think of where it increases the risk of abuse is a fairly complicated one:
1) Player A joins a peer-to-peer session in Elite Dangerous with Player B
2) At this point, neither's computer is compromised by a hostile party, nor is either player themselves a hostile party to the other (if they are the log file is irrelevant as the network connections can be monitored more straightforwardly in real-time instead)
3) Player A's computer does not have any other network logging software running at the time.
4) Later, Player A's computer is compromised by a party hostile to Player B
5) The hostile party uses the stored ED logs to discover Player B's IP address on a particular date
6) The hostile party is then able to combine this with other information to abuse Player B.

Sure, it's non-zero, but it's extremely marginal (and requires the hostile party to be top level in terms of resources - national espionage or similar private concerns). Anyone for whom this is a serious threat shouldn't be playing online games at all because that sets their baseline risk so much higher to begin with.

You're making an overly-convoluted scenario in my opinion. But fine, you admit the risk is not-zero so there's no more need to go down this route. That was my only point, that people claiming this is a "nothingburger" are not being truthful.

Can I try a different approach though? Can you think of any reason why this file is literally necessary to the operation of the game client in P2P mode? I can't think of a reason, because it's certainly not.

For me it's not so much that this file exists that's troubling, it's that the same company that keeps so much more damaging personal information about us would do this. So it begs the question: What other stupid practices are they implementing in storing THAT information?
 
The risk is always non-zero unless you turn your computer off, so that's not really helpful. If a player decides to be malicious, all it needs is to fly around in open and run a network monitor to collect IP addresses. From there all you need is a bit of knowledge of how the internet works as well as a bit of social engineering. Remember the SPEAR guy? Not having the local net log would have prevented nothing.
 
This isn't about if Frontier stores the IP addresses or other connection metadata along with your customer credentials on their servers - that would indeed possibly be an issue from a GDPR standpoint (or whatever privacy rules apply in your jurisdiction). It is about the client logging locally which connections it establishes with other computers on the internet. Which, if you ask me, any network client I use on my machine should.
I full well know what it's about, you haven't addressed my point though. Saying this local file poses zero-risk to players is a flat out dishonest assertion. So why have the file in the first place? If it has a legitimate use it should be encrypted or obfuscated by some means, certainly that would be a best-practice.

ANY information that allows another player to pierce the veil of Commander anonymity in Elite should be frowned upon by FDEV. Even if it's something players can easily do themselves, that's totally beside the point. That doesn't mean FDEV should just roll out the red carpet and make it a no-brainer lol.
 
Can I try a different approach though? Can you think of any reason why this file is literally necessary to the operation of the game client in P2P mode? I can't think of a reason, because it's certainly not.
It's a log file, so almost by definition it's not necessary to normal operation in the moment.

For debugging it's essential. If someone has network or instancing problems then one of the key things that Frontier needs to know to fix them is "what connections was the client trying to make, and did they work?", and they might well ask for you to send that log file in. (This is not theoretical: they will do this if you report particular issues)

That was my only point, that people claiming this is a "nothingburger" are not being truthful.
There comes a point where the incremental risk is so insignificant that it doesn't need to be considered, and storing a log of connections made by a computer on that computer is so routine as to be in that category in most cases.

If you think my scenario is overcomplicated (and I think I picked the simplest possible where the existence of the log file makes any difference whatsoever to someone with malicious intent), tell me a simpler one.
 
So why have the file in the first place?
It's a log file, so almost by definition it's not necessary to normal operation in the moment.

For debugging it's essential. If someone has network or instancing problems then one of the key things that Frontier needs to know to fix them is "what connections was the client trying to make, and did they work?", and they might well ask for you to send that log file in. (This is not theoretical: they will do this if you report particular issues)
There's your answer. You never need log files. Until you need them.
 
I wonder how many of those who have just discovered the log file and are outraged by it actively take precautions to protect their identities online. 🤔

I’m not an internet security expert but I do know enough to know there’s shedloads I don’t, and my IP address being logged on some other player’s computer is pretty low on my concerns navigating the modern internet.
 