On 08/05/07, Matthew Brown <morven(a)gmail.com>
wrote:
We're not professional. Except for a tiny bunch of people who work
for the Foundation, we're all volunteers and our time is not
especially coordinated. Wikipedia is what it is, and part of that is
that we've grown faster than our organization has.
-Matt
The project should be managed professionally if it is indeed a serious
project. Otherwise it's all just a bit of a larf and it'll eventually come
crashing down. However, the project *is* taken seriously by those of us
involved, and attempts to pass itself off as a serious endeavour. Indeed
that mostly works, and so a large section of the media and the public take
the project seriously (maybe they shouldn't). That is why I consider it
serious for us to be so unprofessional about such a critical issue as site
security.
Is there an official line on what needs to be done, and what exactly
administrators should do with respect to passwords? Has it been relayed to
each and every administrator in a proper fashion? (the email I received was
rather informal) Is this information put to new admins (or even ordinary
users) in a coherent fashion? I do not think being knowledgable on the
subject of password security should be a necessary criterion for a Wikipedia
administrator. So there needs to be a definitive process for the uninitiated
to follow.
Who are you calling unprofessional? The people who quickly, competently
and comprehensively fixed the problem on the server side, or the people
who jumped up and down on the lists and wikis about the need for everyone
to change their passwords? I think you should make that clear.
-- Tim Starling