Hi Brian,
I'm still not entirely clear on your complaint. Are you talking about Wikimedia (not random users, nor Wikipedia Administrators) having access to IP addresses from system logs? Or something else? What does "The IP address is helpful, but not necessary" mean?
Cheers, David...
On Mon, Mar 30, 2015 at 10:14 AM, Brian J Mingus brian.mingus@colorado.edu wrote:
Hi David,
It is a bit of hyperbole, but reductio arguments have their role in helping to make certain things clear.
If you force users to log in, you can still identify them. The IP address is helpful, but not necessary.
On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63000@gmail.com wrote:
Hi Brian,
"Dox'ing yourself"? That's a pretty wild hyperbole.
But just to clarify: are you taking issue with the fact that not-logged-in users have their IP addresses publicly visible? Or with the fact that all edits have IP addresses privately recorded?
I originally thought you were talking about the latter, but now I'm not sure. If it's actually the former, I've got no disagreement with you.
Given that anyone can edit without making their IP public simply by registering a pseudonym and logging in, and given that many new editors might not be aware of the implications of revealing their IP (if they're editing from a static address at work, for instance), it seems to me that the easiest solution - and one which I think would cause absolutely zero astonishment in the minds of new users - would simply be to require users to register a pseudonym and log in in order to edit.
But if you're concerned about the effect that this would have on casual "drive-by" fixes and improvements by people who aren't invested enough in the project to register, then sure, encrypt or hash the IP address before displaying it publicly. I don't think randomizing it on every edit would be a good idea, because I think it's important to be able to tell whether a succession of edits were from the same editor.
Cheers, David...
On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus < brian.mingus@colorado.edu> wrote:
Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this.
On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63000@gmail.com wrote:
"Wikipedia:Free speech" ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read.
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal.
If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia.
Cheers, David...
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus < brian.mingus@colorado.edu> wrote:
In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them.
But if you recall, I simply stated that recording IP addresses is invasive. And it is.
This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming.
For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical.
Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people.
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes okeyes@wikimedia.org wrote:
In order:
- Yes, the WMF is suing the NSA. There are a few threads/blog posts
about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way.
The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers.
That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus
there
would be a good starting point to changing this.
On 29 March 2015 at 11:57, James Farrar james.farrar@gmail.com
wrote:
> Wikipedia is suing the NSA? Seriously? > On 28 Mar 2015 11:23, "Brian J Mingus" brian.mingus@colorado.edu wrote: > >> It has worked up to now, but I'm thinking that, especially given Wikimedia >> is suing the NSA, it is no longer justifiable. If the NSA can't
track
>> citizens, Wikimedia shouldn't be tracking them either. Seems
simple :)
>> >> On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa-ml@ariis.it wrote: >> >> > On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: >> > > I think it's rather curious that edits to Wikipedia aren't
private.
Why >> > log >> > > the IP address? Why log anything? It's invasive. >> > >> > I guess it's a sensible choice against abuse (vandalism) while
still
>> > allowing non registered users editing rights >> > >> > >> > _______________________________________________ >> > WikiEN-l mailing list >> > WikiEN-l@lists.wikimedia.org >> > To unsubscribe from this mailing list, visit: >> > https://lists.wikimedia.org/mailman/listinfo/wikien-l >> > >> _______________________________________________ >> WikiEN-l mailing list >> WikiEN-l@lists.wikimedia.org >> To unsubscribe from this mailing list, visit: >> https://lists.wikimedia.org/mailman/listinfo/wikien-l >> > _______________________________________________ > WikiEN-l mailing list > WikiEN-l@lists.wikimedia.org > To unsubscribe from this mailing list, visit: > https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l