On 6/15/07, Slim Virgin slimvirgin@gmail.com wrote:
On 6/15/07, Kat Walsh kat@mindspillage.org wrote:
On 6/15/07, Slim Virgin slimvirgin@gmail.com wrote:
Trojan admin accounts can do a lot of damage. They can view and copy deleted material; unblock abusive users; unprotect pages that would be better left protected; cause endless arguments on AN/I by questioning other admins; log and hand out conversations on the admins' channel, and doubtless other things I haven't thought of.
I still don't see why someone using an anonymizing proxy, who has maintained a consistent identity, does not resemble another user, and otherwise does not ping anyone's trouble radar, is more of a risk here than any other admin for whom we do not know any personal details.
We have some details for most admins, if only the IP address if it's needed. That allows checkusers to look for sockpuppetry, and it allows the Foundation to respond to a request from a court for the admin's details in case of libel, for example. It's minimal accountability, and to take even that away would mean that someone who was permabanned could easily be up and running several admin accounts a few months later, and could cause a lot of trouble, with almost no way of getting caught. Look at Wikitruth, for example, and the reposting of possibly libelous or distressing material. Look at the trouble caused by people posting IRC logs from the admins channel.
Someone permabanned *can* be up and running several admin accounts a few months later. It's just that most of the people we permaban are unable to handle the social aspects for long enough to become admins, rather than the technical measures we employ, that stops them from doing so most of the time.
Being able to produce even minimal details in case of wanting to find out an editor's identity depends on several things, and is not consistent. I don't think the accountability argument flies here; we just don't know who any of our admins are who do not choose to tell. And an editor posting logged-out from an open proxy we don't know about can just as well post something libelous as an admin can (and something that looks plausible might stay for longer than we like to think about) -- but the admin has a strong disincentive to do so, as it would ruin the reputation of the identity they'd chosen, which takes a significant amount of effort to build up.
I suspect most of the cases of admins abusing what little technical power they have are people not editing from proxies, just people who are casually anonymous (that is, not taking any particular privacy measures beyond not revealing their real name and personal details), and whose damage is small enough compared to the amount of energy it would take to stop them that no one does so.
(I could be the one feeding data to Wikitruth and sending out text of deleted revisions, for all anyone knows. I hope that I have established enough of a reputation that others trust I am not the one doing it! I'm not, but all you truly have to go on is my say-so.)
I think the important point is that it's a violation of policy to edit with open proxies, so it's a bit rich for an editor to ask to become an admin, who'll be able to block others for policy violations, while violating it themselves every single time they edit. If they want to change the policy, they should try to do that openly before standing.
I just can't get too upset about it. Here, as in general, I'd rather look at the intent of the policy and the effects of breaking it. No one would even know that the user was violating this policy if someone hadn't gone to the trouble to bring it up. What's the intent of the policy? To prevent people from causing trouble unchecked. (If we cared so much about being able to find out the identity of editors -- or admins -- we'd have some sort of proactive measures in place to that effect, but we don't.) There's no indication that CW is doing that or is even suspected of it; if the account smelled funny I suspect it would have been blocked long ago. (I don't know what all the checkusers have to say about it, though.)
It would have been better to bring up the proxy usage openly, sure; I also think it would have been better to bring up the knowledge of it privately first.
(And since I hate it when mailing lists turn into a back and forth between two people that leave others with a flurry of posts to read if they want to participate, I'm stepping back from the thread at least until after I wake up again.)
-Kat