logoalt Hacker News

ambicapteryesterday at 8:25 PM1 replyview on HN

> may have built observability dashboards and audit logs, but those are editable and partisan

Why would these be editable?


Replies

brian_kuanyesterday at 8:47 PM

Because they live in infrastructure the vendor itself controls - there's some conflict of interest there. Things like retention, rotation, deletion, what gets included/excluded, etc are all decisions the vendor makes. Same reason why compliance requires audits!

The hash chain doesn't make the log unwritable, it makes any edit detectable.