On 5/29/07, Slim Virgin slimvirgin@gmail.com wrote:
On 5/29/07, George Herbert george.herbert@gmail.com wrote:
I am far more worried that one of Merkey's anon detractors claims that they just got past RFA with another as-yet-unnamed account ...
Quite a few groups are claiming to have succeeded in getting RfAs through, and in some cases more than one admin account per person, because the process has become almost completely formulaic. It's one of the reasons I don't like to see high article edit counts (with minor edits) and low talk-page interaction, because that's one of the ways they claim to get them through. (And that's not a comment on Gracenotes, before anyone interprets it that way.)
I don't know what the solution is, because a large chunk of the community still argues that adminship's no big deal, which means there's no will to check who's being given it.
The real problem is that there's no time to check who's being given it. I spend a moderate amount of time, 5-10 min or so, perusing a candidate, unless I already know them extensively. This compares rather negatively with the several hours it takes me to ferret out details in serious abuser / sockpuppeteer cases and track all the relevant stuff down. And even in those cases, unless I RFCU on them, I am left with a lingering feeling that I don't know enough about them.
Even admins have a hard time doing permanent long-term spree damage faster than they can be emergency desysopped (and the delay while finding a steward). But there's potential there, and the potential damage an insidious covert admin-powers abuser could cause as opposed to a blatant spree vandal is something not well discussed.
There are unfortunately two lessons from industry: One, 4 out of 5 attacks (IT security, industrial espionage, some types of physical violence in workplace) come from inside. Two, paranoia about that statistic has caused many businesses to take drastic precautions that implode morale and destroy anything worth saving about the business.
We have to trust people to get stuff done in order for the project to exist. But both keeping eyes open and thinking about what the bad guys may be doing is important.