I reported Grawp to Verizon earlier this week and got the following response, I'm circulating it here so that others reporting vandals to ISPs can follow their format. But more importantly can anyone tell me how to work out Destination IP address & Destination port(s)?
Jonathan (WereSpielChequers)
--- On Tue, 20/1/09, abuse@verizon.net abuse@verizon.net wrote:
From: abuse@verizon.net abuse@verizon.net Subject: Re: [AB-C24281409F] Threats by one of your customers to rape and bugger a Wikipedia user To: dahsun@yahoo.com Date: Tuesday, 20 January, 2009, 8:43 PM Thank you for writing.
Your report contained no log file excerpt, or incomplete information, and therefore cannot be investigated.
In order to investigate your report, please submit a new report with a log file excerpt providing the specific details for the malicious traffic specific to a Verizon Online customer only.
Log file excerpts must be in plain text format, and include:
- Source IP address - Source port(s) - Destination IP address - Destination port(s) - Date - Specific time - Time zone (in which the log file time stamp isrecorded) - Brief synopsis
Additionally, please note that due to the number of reports we receive, reports with log files containing extraneous information not pertinent to the specific report cannot be accepted.
Verizon Internet Services Security can only take action in response to traffic initiated by Verizon Internet customers. Traffic from non-Verizon sources must be reported directly to the appropriate owner of the IP space that is initiating the traffic.
The following web site may be helpful in determining the owner of the originating IP space:
We hope this provides the necessary information in order to re-submit your report with the data needed, so that an investigation may be initiated.
Sincerely,
Verizon Online Abuse http://www2.verizon.net/policies http://www.verizon.net/security Abuse@verizon.net
==== Original Message ====
- Threats by one of your customers to rape and bugger a
Wikipedia user Added by system at Monday, Jan 19 2009 09:17 am X-MailFrom: dahsun@yahoo.com X-RcptTo: security@abuse.mailsrvcs.net Received: from [172.18.169.123] by [172.18.45.30] (abacus) for security@abuse.mailsrvcs.net; Mon Jan 19 09:17:21 2009 Received: from web54109.mail.re2.yahoo.com ([206.190.37.244]) by vms169123.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with SMTP id 0KDQ009N854X2XE0@vms169123.mailsrvcs.net for security@abuse.mailsrvcs.net (ORCPT security@verizon.net); Mon, 19 Jan 2009 09:17:21 -0600 (CST) Received: (qmail 55849 invoked by uid 60001); Mon, 19 Jan 2009 15:17:16 +0000 Received: from [82.44.83.239] by web54109.mail.re2.yahoo.com via HTTP; Mon, 19 Jan 2009 07:17:15 -0800 (PST) Date: Mon, 19 Jan 2009 07:17:15 -0800 (PST) From: Dahsun dahsun@yahoo.com Subject: Threats by one of your customers to rape and bugger a Wikipedia user X-Originating-IP: [206.190.37.244] To: security@verizon.net Reply-to: dahsun@yahoo.com Message-id: 462123.55297.qm@web54109.mail.re2.yahoo.com MIME-version: 1.0 X-Mailer: YahooMailWebService/0.7.260.1 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: quoted-printable DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=UCdIgtiXRsWAhvhf8NKxKxQ9vYZAubqs6qyz0NrAB/pmKuh9smtFqntcNLZlMn3JogFojttb5+1kt4vSpTuY3PRM/U7tKsL9V9SAfZbeWRWmaDZPYCrZ+4Pr4u4vkUSesUqSsiIeEaDbqMsMXcpQeVmdt+XY7HoPRdENdijxXWI=;
X-YMail-OSG: QZ3aUWQVM1nhCP1GFxfRrYCzIxcq6z0yNEov_Km_Tf4Ld5FhTFk-
MIME element (text/plain) Dear Verizon,
According to ARIN 71.167.96.32 is one of your IP addresses. If so were you aware of this edit:
http://en.wikipedia.org/w/index.php?title=User:Juliancolton&diff=prev&am...
One of a series of vandalisms on Wikipedia by that IP, and looking very similar to other vandalism on Wikipedia by various Verizon IP addresses.
I expect that as a socially responsible company you have policies to deal with such incidents; however if you do decide to continue supplying Internet services to that particular customer would it be possible for you to assign them a permanent IP address so we can indefinitely block that particular address from editing Wikipedia?
Yours Sincerely
Dahsun
They're asking for server logs, only devs (and possibly checkusers - but they won't be able to get all the infomation) are able to access that kind of info. Think about it he's a paying customer, its in their interests to keep him(though I think thanks to grawp a majority or Wikipedia users don't use Verizon and will try to avoid them). - Chris
On Wed, Jan 21, 2009 at 6:49 PM, Dahsun dahsun@yahoo.com wrote:
I reported Grawp to Verizon earlier this week and got the following response, I'm circulating it here so that others reporting vandals to ISPs can follow their format. But more importantly can anyone tell me how to work out Destination IP address & Destination port(s)?
Jonathan (WereSpielChequers)
--- On Tue, 20/1/09, abuse@verizon.net abuse@verizon.net wrote:
From: abuse@verizon.net abuse@verizon.net Subject: Re: [AB-C24281409F] Threats by one of your customers to rape and
bugger a Wikipedia user
To: dahsun@yahoo.com Date: Tuesday, 20 January, 2009, 8:43 PM Thank you for writing.
Your report contained no log file excerpt, or incomplete information, and therefore cannot be investigated.
In order to investigate your report, please submit a new report with a log file excerpt providing the specific details for the malicious traffic specific to a Verizon Online customer only.
Log file excerpts must be in plain text format, and include:
- Source IP address - Source port(s) - Destination IP address - Destination port(s) - Date - Specific time - Time zone (in which the log file time stamp isrecorded) - Brief synopsis
Additionally, please note that due to the number of reports we receive, reports with log files containing extraneous information not pertinent to the specific report cannot be accepted.
Verizon Internet Services Security can only take action in response to traffic initiated by Verizon Internet customers. Traffic from non-Verizon sources must be reported directly to the appropriate owner of the IP space that is initiating the traffic.
The following web site may be helpful in determining the owner of the originating IP space:
We hope this provides the necessary information in order to re-submit your report with the data needed, so that an investigation may be initiated.
Sincerely,
Verizon Online Abuse http://www2.verizon.net/policies http://www.verizon.net/security Abuse@verizon.net
==== Original Message ====
- Threats by one of your customers to rape and bugger a
Wikipedia user Added by system at Monday, Jan 19 2009 09:17 am X-MailFrom: dahsun@yahoo.com X-RcptTo: security@abuse.mailsrvcs.net Received: from [172.18.169.123] by [172.18.45.30] (abacus) for security@abuse.mailsrvcs.net; Mon Jan 19 09:17:21 2009 Received: from web54109.mail.re2.yahoo.com ([206.190.37.244]) by vms169123.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with SMTP id 0KDQ009N854X2XE0@vms169123.mailsrvcs.net for security@abuse.mailsrvcs.net (ORCPT security@verizon.net); Mon, 19 Jan 2009 09:17:21 -0600 (CST) Received: (qmail 55849 invoked by uid 60001); Mon, 19 Jan 2009 15:17:16 +0000 Received: from [82.44.83.239] by web54109.mail.re2.yahoo.com via HTTP; Mon, 19 Jan 2009 07:17:15 -0800 (PST) Date: Mon, 19 Jan 2009 07:17:15 -0800 (PST) From: Dahsun dahsun@yahoo.com Subject: Threats by one of your customers to rape and bugger a Wikipedia user X-Originating-IP: [206.190.37.244] To: security@verizon.net Reply-to: dahsun@yahoo.com Message-id: 462123.55297.qm@web54109.mail.re2.yahoo.com MIME-version: 1.0 X-Mailer: YahooMailWebService/0.7.260.1 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: quoted-printable DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=UCdIgtiXRsWAhvhf8NKxKxQ9vYZAubqs6qyz0NrAB/pmKuh9smtFqntcNLZlMn3JogFojttb5+1kt4vSpTuY3PRM/U7tKsL9V9SAfZbeWRWmaDZPYCrZ+4Pr4u4vkUSesUqSsiIeEaDbqMsMXcpQeVmdt+XY7HoPRdENdijxXWI=;
X-YMail-OSG: QZ3aUWQVM1nhCP1GFxfRrYCzIxcq6z0yNEov_Km_Tf4Ld5FhTFk-
MIME element (text/plain) Dear Verizon,
According to ARIN 71.167.96.32 is one of your IP addresses. If so were you aware of this edit:
http://en.wikipedia.org/w/index.php?title=User:Juliancolton&diff=prev&am...
One of a series of vandalisms on Wikipedia by that IP, and looking very similar to other vandalism on Wikipedia by various Verizon IP addresses.
I expect that as a socially responsible company you have policies to deal with such incidents; however if you do decide to continue supplying Internet services to that particular customer would it be possible for you to assign them a permanent IP address so we can indefinitely block that particular address from editing Wikipedia?
Yours Sincerely
Dahsun
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
You can safely assume that all ports, source and destination, are 80. Errors on that should hav no consequence. The information about his source IP#s is on his checkuser report. Destination IP#s are not. Verizon might be able to get that from the datestamp on their own records. One list is almost entirely in Verizon's space. So, you can do it like this, for one example:
- Source IP address: 207.172.128.101 - Source port(s): 80 - Destination IP address: Wikipedia.org (not known to me) - Destination port(s): 80 - Date: 2008-10-16 - Specific time: 17:40:56 - Time zone (in which the log file time stamp isrecorded): UTC - Brief synopsis: Replaced content with "if some kid needs this for a report then.......................FUCK OFF!"
Retrieved from http://en.wikipedia.org/w/index.php?title=Piracy&oldid=245781063
"Dahsun" dahsun@yahoo.com wrote in message news:583575.28053.qm@web54107.mail.re2.yahoo.com...
I reported Grawp to Verizon earlier this week and got the following response, I'm circulating it here so that others reporting vandals to ISPs can follow their format. But more importantly can anyone tell me how to work out Destination IP address & Destination port(s)?
Jonathan (WereSpielChequers)
--- On Tue, 20/1/09, abuse@verizon.net abuse@verizon.net wrote:
From: abuse@verizon.net abuse@verizon.net Subject: Re: [AB-C24281409F] Threats by one of your customers to rape and bugger a Wikipedia user To: dahsun@yahoo.com Date: Tuesday, 20 January, 2009, 8:43 PM Thank you for writing.
Your report contained no log file excerpt, or incomplete information, and therefore cannot be investigated.
In order to investigate your report, please submit a new report with a log file excerpt providing the specific details for the malicious traffic specific to a Verizon Online customer only.
Log file excerpts must be in plain text format, and include:
- Source IP address - Source port(s) - Destination IP address - Destination port(s) - Date - Specific time - Time zone (in which the log file time stamp isrecorded) - Brief synopsis
Additionally, please note that due to the number of reports we receive, reports with log files containing extraneous information not pertinent to the specific report cannot be accepted.
Verizon Internet Services Security can only take action in response to traffic initiated by Verizon Internet customers. Traffic from non-Verizon sources must be reported directly to the appropriate owner of the IP space that is initiating the traffic.
The following web site may be helpful in determining the owner of the originating IP space:
We hope this provides the necessary information in order to re-submit your report with the data needed, so that an investigation may be initiated.
Sincerely,
Verizon Online Abuse http://www2.verizon.net/policies http://www.verizon.net/security Abuse@verizon.net
==== Original Message ====
- Threats by one of your customers to rape and bugger a
Wikipedia user Added by system at Monday, Jan 19 2009 09:17 am X-MailFrom: dahsun@yahoo.com X-RcptTo: security@abuse.mailsrvcs.net Received: from [172.18.169.123] by [172.18.45.30] (abacus) for security@abuse.mailsrvcs.net; Mon Jan 19 09:17:21 2009 Received: from web54109.mail.re2.yahoo.com ([206.190.37.244]) by vms169123.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with SMTP id 0KDQ009N854X2XE0@vms169123.mailsrvcs.net for security@abuse.mailsrvcs.net (ORCPT security@verizon.net); Mon, 19 Jan 2009 09:17:21 -0600 (CST) Received: (qmail 55849 invoked by uid 60001); Mon, 19 Jan 2009 15:17:16 +0000 Received: from [82.44.83.239] by web54109.mail.re2.yahoo.com via HTTP; Mon, 19 Jan 2009 07:17:15 -0800 (PST) Date: Mon, 19 Jan 2009 07:17:15 -0800 (PST) From: Dahsun dahsun@yahoo.com Subject: Threats by one of your customers to rape and bugger a Wikipedia user X-Originating-IP: [206.190.37.244] To: security@verizon.net Reply-to: dahsun@yahoo.com Message-id: 462123.55297.qm@web54109.mail.re2.yahoo.com MIME-version: 1.0 X-Mailer: YahooMailWebService/0.7.260.1 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: quoted-printable DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=UCdIgtiXRsWAhvhf8NKxKxQ9vYZAubqs6qyz0NrAB/pmKuh9smtFqntcNLZlMn3JogFojttb5+1kt4vSpTuY3PRM/U7tKsL9V9SAfZbeWRWmaDZPYCrZ+4Pr4u4vkUSesUqSsiIeEaDbqMsMXcpQeVmdt+XY7HoPRdENdijxXWI=;
X-YMail-OSG: QZ3aUWQVM1nhCP1GFxfRrYCzIxcq6z0yNEov_Km_Tf4Ld5FhTFk-
MIME element (text/plain) Dear Verizon,
According to ARIN 71.167.96.32 is one of your IP addresses. If so were you aware of this edit:
http://en.wikipedia.org/w/index.php?title=User:Juliancolton&diff=prev&am...
One of a series of vandalisms on Wikipedia by that IP, and looking very similar to other vandalism on Wikipedia by various Verizon IP addresses.
I expect that as a socially responsible company you have policies to deal with such incidents; however if you do decide to continue supplying Internet services to that particular customer would it be possible for you to assign them a permanent IP address so we can indefinitely block that particular address from editing Wikipedia?
Yours Sincerely
Dahsun
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
69.139.6.164 For your convenience, that is comcast, and their whois record is too short, so I do not know where.
http://en.wikipedia.org/w/index.php?title=User:71.107.165.252&action=edi... That is Verizon in Reston, Virginia. Right state, wrong city, depending on technology available. I was thinking that Verizon could, under normal load conditions, keep users in the same 64k block of IP#s, and I do not know that they even try.
http://en.wikipedia.org/w/index.php?title=User:67.233.195.172&action=edi... That is EMBARQSERVICES.NET in Winter Park, Florida.
http://en.wikipedia.org/w/index.php?title=User:88.109.84.158&action=edit... http://www.tiscali.co.uk 20 Broadwick Street London W1F 8HT +44 207 087 2000 abuse-mailbox: abuse@uk.tiscali.com (There is a list of repeated, identical messages of warning via tiscali that are misidentified as death threats on his checkuser page.)
http://en.wikipedia.org/w/index.php?title=User:68.110.105.92&action=edit... Cox Communications, Atlanta. That's all I get without calling up their web site. Reporting address should be abuse@cox.com
213.114.174.153 address: Box 47645 address: 117 94 Stockholm address: Sweden abuse-mailbox: abuse at bredband.com
If it's all the same guy, then maybe he really does know something about piracy. The rest of them hav convenient links to whois information. Last time I checked, they also worked.
Do you people seriously not see a problem with PUBLICLY disclosing the relationship between the IP address and the particular individual, which is basically what is being done in the context of this thread on this particular publicly-archived mailing list?
Not in the case of an adult banned user and a SEEMINGLY unresponsive ISP. If anything, since one guy seems to hav openned a channel to Verizon's abuse department, the problem might go away. I do not see any other way to do it, because police do not figure into the equation, as far as I hav seen in this guy's history. In short, "How would you do it?".
"Kurt Maxwell Weber" kmw@armory.com wrote in message news:200901251258.28099.kmw@armory.com...
Do you people seriously not see a problem with PUBLICLY disclosing the relationship between the IP address and the particular individual, which is basically what is being done in the context of this thread on this particular publicly-archived mailing list? -- Kurt Weber kmw@armory.com
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Wednesday 28 January 2009 03:26, Jay Litwyn wrote:
Not in the case of an adult banned user and a SEEMINGLY unresponsive ISP. If anything, since one guy seems to hav openned a channel to Verizon's abuse department, the problem might go away. I do not see any other way to do it, because police do not figure into the equation, as far as I hav seen in this guy's history. In short, "How would you do it?".
Yes, because a website is a WAY WAY WAY more important concern than the privacy of a real person.
If he wanted his privacy he should have heeded the warnings to cease the excessive and rather annoying vandalism he does. I don't think giving Verizon this information is a violation of our privacy policy as we are doing so to stop persistant vandalism and abuse. He has had plenty of chances to stop.
On 1/28/09, Kurt Maxwell Weber kmw@armory.com wrote:
On Wednesday 28 January 2009 03:26, Jay Litwyn wrote:
Not in the case of an adult banned user and a SEEMINGLY unresponsive ISP. If anything, since one guy seems to hav openned a channel to Verizon's abuse department, the problem might go away. I do not see any other way to do it, because police do not figure into the equation, as far as I hav seen in this guy's history. In short, "How would you do it?".
Yes, because a website is a WAY WAY WAY more important concern than the privacy of a real person. -- Kurt Weber kmw@armory.com
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Divulging his IP to his provider seems standard, advisable, and perfectly ethical. We aren't just talking about minor vandalism, he has inspired numerous copycats and has harassed (or his copycats have) many editors.
I've not looked, but if our privacy policy disallows this even in such circumstances as this, we need to look at revising it.
- Chris
On Thu, Jan 29, 2009 at 6:09 PM, Wilhelm Schnotz wilhelm@nixeagle.orgwrote:
If he wanted his privacy he should have heeded the warnings to cease the excessive and rather annoying vandalism he does. I don't think giving Verizon this information is a violation of our privacy policy as we are doing so to stop persistant vandalism and abuse. He has had plenty of chances to stop.
On 1/28/09, Kurt Maxwell Weber kmw@armory.com wrote:
On Wednesday 28 January 2009 03:26, Jay Litwyn wrote:
Not in the case of an adult banned user and a SEEMINGLY unresponsive
ISP.
If anything, since one guy seems to hav openned a channel to Verizon's abuse department, the problem might go away. I do not see any other way
to
do it, because police do not figure into the equation, as far as I hav seen in this guy's history. In short, "How would you do it?".
Yes, because a website is a WAY WAY WAY more important concern than the privacy of a real person. -- Kurt Weber kmw@armory.com
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Sent from my mobile device
User:Nixeagle on all wikimedia foundation wikis. Administrator on English wikipedia and meta.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Thu, Jan 29, 2009 at 7:47 PM, Chris Down neuro.wikipedia@googlemail.com wrote:
Divulging his IP to his provider seems standard, advisable, and perfectly ethical. We aren't just talking about minor vandalism, he has inspired numerous copycats and has harassed (or his copycats have) many editors.
I've not looked, but if our privacy policy disallows this even in such circumstances as this, we need to look at revising it.
It does, very explicitly. Discussing it on an open, publicly archived mailing list is a different matter and really seems quite unnecessary.
It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, or through other non-publicly-available methods, may be released by Wikimedia volunteers or staff, in any of the following situations:
- In response to a valid subpoena or other compulsory request from law
enforcement, 2. With permission of the affected user, 3. When necessary for investigation of abuse complaints, 4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues, 5. *Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,* 6. Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.
Am I missing something?
- Chris
On Thu, Jan 29, 2009 at 8:20 PM, Sam Korn smoddy@gmail.com wrote:
On Thu, Jan 29, 2009 at 7:47 PM, Chris Down neuro.wikipedia@googlemail.com wrote:
Divulging his IP to his provider seems standard, advisable, and perfectly ethical. We aren't just talking about minor vandalism, he has inspired numerous copycats and has harassed (or his copycats have) many editors.
I've not looked, but if our privacy policy disallows this even in such circumstances as this, we need to look at revising it.
It does, very explicitly. Discussing it on an open, publicly archived mailing list is a different matter and really seems quite unnecessary.
-- Sam PGP public key: http://en.wikipedia.org/wiki/User:Sam_Korn/public_key
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Thu, Jan 29, 2009 at 8:35 PM, Chris Down neuro.wikipedia@googlemail.com wrote:
It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, or through other non-publicly-available methods, may be released by Wikimedia volunteers or staff, in any of the following situations:
- In response to a valid subpoena or other compulsory request from law
enforcement, 2. With permission of the affected user, 3. When necessary for investigation of abuse complaints, 4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues, 5. *Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,* 6. Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.
Am I missing something?
No. But it is common sense that we should do the least amount possible to sort the problem out. The publication of private data in a thread like this is completely unnecessary. Repeat: it is quite within the privacy policy to reveal this info to Verizon (and even publicly on-wiki, if an IP block is helpful). This thread is completely gratuitous and unnecessary.
I very strongly believe we should not be vindictive in our dealing with problematic users. We should seek to sort out our problems, not to cause problems for others, no matter how many problems they've caused us.
Sam
If you have *working* ideas feel free to tell us, we have already programmed bots that do nothing but look for his vandalism. We *have* done everything we possibly can on wiki that I can think of. The only on wiki action left to us is to block all of his ISP from editing. If you have alternative ideas speak out.
To those on this thread, possibly move this to a page on wikipedia (the proxy project, or a case in his name on WP:SSP) Regardless some of his information needs to be published so we can deal with him. (on wikipedia or here makes no difference, both are public)
On 1/29/09, Sam Korn smoddy@gmail.com wrote:
On Thu, Jan 29, 2009 at 8:35 PM, Chris Down neuro.wikipedia@googlemail.com wrote:
It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, or through other non-publicly-available methods, may be released by Wikimedia volunteers or staff, in any of the following situations:
- In response to a valid subpoena or other compulsory request from
law enforcement, 2. With permission of the affected user, 3. When necessary for investigation of abuse complaints, 4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues, 5. *Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,* 6. Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.
Am I missing something?
No. But it is common sense that we should do the least amount possible to sort the problem out. The publication of private data in a thread like this is completely unnecessary. Repeat: it is quite within the privacy policy to reveal this info to Verizon (and even publicly on-wiki, if an IP block is helpful). This thread is completely gratuitous and unnecessary.
I very strongly believe we should not be vindictive in our dealing with problematic users. We should seek to sort out our problems, not to cause problems for others, no matter how many problems they've caused us.
Sam
-- Sam PGP public key: http://en.wikipedia.org/wiki/User:Sam_Korn/public_key
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Fri, Jan 30, 2009 at 12:33 AM, Wilhelm Schnotz wilhelm@nixeagle.org wrote:
If you have *working* ideas feel free to tell us, we have already programmed bots that do nothing but look for his vandalism. We *have* done everything we possibly can on wiki that I can think of. The only on wiki action left to us is to block all of his ISP from editing. If you have alternative ideas speak out.
To those on this thread, possibly move this to a page on wikipedia (the proxy project, or a case in his name on WP:SSP) Regardless some of his information needs to be published so we can deal with him. (on wikipedia or here makes no difference, both are public)
Wikis have this advantage of being editable, of course...
Name, location, IP address, everything, though? This is completely pointless. I fail to see any fashion in which publishing such information aids the effort to counter him. I am not blind to the problems he has caused -- I have spent no little time in dealing with him -- but I will not agree that this thread and the complete disregard for private data that it has contained are useful or justifiable.
Sam
Something that would definitely help is to have more CUs around when he attacks. That way we can dig up more sleepers and block the proxies that he's been using. According to Luna he was using one proxy for at least a month before it was blocked. - Chris
On Fri, Jan 30, 2009 at 9:45 AM, Sam Korn smoddy@gmail.com wrote:
On Fri, Jan 30, 2009 at 12:33 AM, Wilhelm Schnotz wilhelm@nixeagle.org wrote:
If you have *working* ideas feel free to tell us, we have already programmed bots that do nothing but look for his vandalism. We *have* done everything we possibly can on wiki that I can think of. The only on wiki action left to us is to block all of his ISP from editing. If you have alternative ideas speak out.
To those on this thread, possibly move this to a page on wikipedia (the proxy project, or a case in his name on WP:SSP) Regardless some of his information needs to be published so we can deal with him. (on wikipedia or here makes no difference, both are public)
Wikis have this advantage of being editable, of course...
Name, location, IP address, everything, though? This is completely pointless. I fail to see any fashion in which publishing such information aids the effort to counter him. I am not blind to the problems he has caused -- I have spent no little time in dealing with him -- but I will not agree that this thread and the complete disregard for private data that it has contained are useful or justifiable.
Sam
-- Sam PGP public key: http://en.wikipedia.org/wiki/User:Sam_Korn/public_key
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
You don't need to publish that unless you/we plan to use it as evidence for a report to his ISP.
What I mean is the socks and IP ranges should be kept track of in some manner somewhere if it is intended to be reported to his ISP and of course the normal amount required for admins to act on the information. (what information is released needs to be kept somewhere easy to search (SSP))
Further tracking of his activity is probably better done on wikipedia (using a case named for him in WP:SSP). I don't think much more can be done or said about him on this thread.
On 1/29/09, Sam Korn smoddy@gmail.com wrote:
On Fri, Jan 30, 2009 at 12:33 AM, Wilhelm Schnotz wilhelm@nixeagle.org wrote:
If you have *working* ideas feel free to tell us, we have already programmed bots that do nothing but look for his vandalism. We *have* done everything we possibly can on wiki that I can think of. The only on wiki action left to us is to block all of his ISP from editing. If you have alternative ideas speak out.
To those on this thread, possibly move this to a page on wikipedia (the proxy project, or a case in his name on WP:SSP) Regardless some of his information needs to be published so we can deal with him. (on wikipedia or here makes no difference, both are public)
Wikis have this advantage of being editable, of course...
Name, location, IP address, everything, though? This is completely pointless. I fail to see any fashion in which publishing such information aids the effort to counter him. I am not blind to the problems he has caused -- I have spent no little time in dealing with him -- but I will not agree that this thread and the complete disregard for private data that it has contained are useful or justifiable.
Sam
-- Sam PGP public key: http://en.wikipedia.org/wiki/User:Sam_Korn/public_key
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Thu, Jan 29, 2009 at 07:47:05PM +0000, Chris Down wrote:
Divulging his IP to his provider seems standard, advisable, and perfectly ethical. We aren't just talking about minor vandalism, he has inspired numerous copycats and has harassed (or his copycats have) many editors.
I've not looked, but if our privacy policy disallows this even in such circumstances as this, we need to look at revising it.
My objection is not and has never been to giving the information to Verizon. Had you bothered to read my original e-mail, you would know that what I object to is the disclosure of this information on a publicly-archived mailing list.
-- Kurt Weber kmw@armory.com
"Kurt Maxwell Weber" kmw@armory.com wrote in message news:200901281218.09438.kmw@armory.com...
On Wednesday 28 January 2009 03:26, Jay Litwyn wrote:
Not in the case of an adult banned user and a SEEMINGLY unresponsive ISP. If anything, since one guy seems to hav openned a channel to Verizon's abuse department, the problem might go away. I do not see any other way to do it, because police do not figure into the equation, as far as I hav seen in this guy's history. In short, "How would you do it?".
Yes, because a website is a WAY WAY WAY more important concern than the privacy of a real person.
The phone number through Fran Rogers was a more personal release, and even in the presence of an answering machine, it could be more effective. I am more concerned with how feasible it is to reduce the load on personnel. I am sure these volunteers would rather spend time writing signal than cancelling noise. _______ I FOUND JESUS! He was in my trunk when I got back from Tijuana.
On Sun, Jan 25, 2009 at 11:03 AM, brewhaha%40edmc.net brewhaha@edmc.net wrote:
You can safely assume that all ports, source and destination, are 80.
No, you can absolutely not assume that all ports are 80. The destination port is 80, but the source port could be pretty much anything, it gets randomized every new connection (this is a big part of the reason NAT works, for instance). I imagine that it would be hugely helpful for Verizon to have that information, it's much easier to then pick up the right connection from the deluge of wrong connections.
--Oskar