Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Log source
The story of event logging begins at sea and is related to navigation. One of the important aspects of navigation is dead reckoning: estimating your current position based on course, speed and time from a known, observed point. In the end of 15th century, speed at sea was measured with a small wooden log. A so-called âDutchmanâs Logâ was dropped overboard from the bow of the ship and the navigator measured the time elapsing before it passed the stern.
The technique evolved to a chip log attached to a light line which was connected the stern. As the ship moved away from the log, the length of line paid out during the emptying of a sandglass was the measure of the speed. Knots were tied to the string to increase the accuracy of measuring: the navigator counted the knots and calculated the speed from that.
Fun fact: today, sailors and aircraft pilots still express speed in knots, so in a way it all is related to event logging.
Saving log events
The readings from the log tossing and speed were written down to the ships logbook which could be considered as a first occurence of so called event logs. Later on, captains started marking down all other events to the logbook that were occurring on the ship: the ports the ship had visited, routine events, crew behaviour, significant incidents, weather conditions, whales encountered, other ships and other interesting stuff they noticed. Thus making the log book a pretty exhaustive source of information.
Archiving logs
There was no reason to keep those books in the ship after they filled up, so they were archived in the docks. For example, the US ships kept their archived logbooks in the United States Navy office in Washington. As usually, logs were gathered but no-one really gave any attention to them. At least they werenât ârotatedâ or âoverwrittenâ if you get my drift.
Log Analysis
It was until the late 1830âs when the collected and archived log files started to give some additional value besides being just historical notes in archives. Due to an accident, Matthew Fontaine Maury became a librarian of the many unorganized ship logbooks. He started to organize and analyze thousands of old ship logs and charts in order to collect information about the winds, calms, currents for all seas in all seasons and other observations in the logs, e.g. the migration of whales that have been spotted from the ships.
Mauryâs work on ocean currents led him to a theory of the Northwest Passage and the hypothesis that an area in the ocean near the North Pole is occasionally free of ice. His theory was based on the old whaler ships logs which indicated the designs and markings of harpoons in whales. Harpoons found in captured whales in the Atlantic had been shot by ships in the Pacific and vice versa at a frequency that would have been impossible if the whales had traveled around Cape Horn.
Thanks to the analysed data he was able to prove his theory and showed how using the oceanâs currents and winds drastically reduce the length of ocean voyages. In other wordsâââMauryâs work on old logs can be considered as a first occurrence of an actual log analysis to gain benefit from log books.
Fun fact: Mauryâs work prepared a profile of the Atlantic seabed, which proved the feasibility of laying a transatlantic telegraph cable so in a wayâââlog analysis helped to connect the two continent with electronic data exchange.
About Logging in
But anyway, back to the logbook. The term has spread to a wide variety of other usages. They were used to mark down people when they were entering or leaving the premises or certain rooms and to âclock inâ when arriving to work, thus creating a log event (an entry to the logbook).
In computer science, the terms became common with the time sharing systems of the 1960s. The noun âloginâ comes from the verb â(to) log inâ, and with the analogy of the verb âto clock inâ. Computer systems keep a log of usersâ access to the system. âTo sign inâ connotes the same idea, but is based on the analogy of manually signing a log or visitorsâ book.
In computer security, logging in is the process by which an individual gains access to a computer system by identifying and authenticating themselves. A proper login log event should contain enough information to understand how the login process was executed and not to include information that could compromise the usersâ account or session (e.g. passwords, private keys or session id-s should not be logged). The reasoning for that is quite simple: log files might get into the wrong hands thus they shouldnât give away more information then necessary.
Login event
From a proper authentication log event you should find answers to the following questions: who, when, where, whence, what and how. You want to have the username that was used to authenticate (who), proper timestamp of the event (when), the system identifier where the user tried to log in (where), IP address or the terminal name of the device that was used to initiate the login process (whence), the fact that it was a login event (what) and device or method that was used to login e.g. password or smart-card (how). Additionally you might want to log down the result of the event (success, failure or an attempt) and additional system-specific information (user-agent, hashed session ID-s or cookies, password length or a public key serial number that was used etc that you might find relevant for later analysis).
The irony
Unfortunately due to poor logging quality there are often situations where user events (including identifying process) are not logged. Which brings us to the irony: if you donât log your login process then arenât you kind of fighting the whole concept of âloginâ. So when designing Your next information system, please be sure to at least log Your authentication process correctly.
History and irony of logging (in) was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.