On Thu, 2003-04-03 at 09:51, Jimmy Wales wrote:
Well, I side generally with those who say that we
should respect
anonymity. But I also still say that allowing sysops to access
signed-in-users ip numbers for the purpose of stopping
logged-in-vandal-attacks is not a significant compromise of anyone's
anonymity.
I have no firm objection to allowing sysops to see users' ips, but I see
limited benefit in it and it's not on my list of priorities. If someone
else wants to code it up, they're welcome to do so.
But do remember that that's one more magic sysop power for the cabal. I
don't like widening the gap like that, even if it is free to join.
People seem to have a wrong idea of how much
information an ip number
contains. Usually, very little. An ip number gets you as far as an
ISP, no further. There may be rare exceptions, but in the main,
knowing an ip number doesn't tell you very much that's personally
identifiable about a person.
Well, it's rare that an IP will resolve to something as detailed as
Joe.Blow.At.34.Sycamore.Street.Idylville.city.CA.US. ;) However IPs
that belong to a small school, company, or local ISP can give more
localizing information with just a reverse DNS lookup than many people
might be comfortable with handing out.
And of course, if _everybody_ shows IP addresses left and right, you're
opening up possibilities for cross-referencing and profile-building,
which is where the privacy advocates will really start freaking out.
If Joe Blow posts an article under a pseudonym on Wikipedia that's
critical of his employer / repressive government, then posts a boring
everyday message on some bulletin board under his real name, and the two
can be connected by a publicly visible IP address... Goodbye, Joe!
I'm not saying we should shred all records after 24 hours and encrypt
our hard drives. ;) But we should pay attention to how our behavior fits
into a larger context. If our policy is that sysophood is what everyone
should have, but you have to show good faith and ask for it, then
allowing sysops to view IP addresses of logged-in users is very nearly
equivalent to posting them in public view.
The reason we show IP addresses for "anonymous" edits is in my view not
to track and ban vandals. It's just to tack the only identifying
information we have available onto edits as an attribution. If that
helps to stop vandalism, well that's helpful too.
We should respect anonymity, but we should also
recognize that there
are a lot of myths about anonymity. Just think how many people refuse
to log in because they want to remain anonymous. They don't really
get it, I think.
Yes, that's counterproductive. :)
-- brion vibber (brion @
pobox.com)