Does anyone have experience contacting schools regarding vandalism and can offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school can do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on our end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff do? Any suggestions?
--Aude
Why not file a report or ask someone over at WP:ABUSE? They usually have experience in handling these types of situations.
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and can offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school can do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on our end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff do? Any suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
The talk page there seems rather inactive, though I notice that Durova has contacted schools with some success. I'll see what Durova suggests, though welcome any other advice on what schools realistically can do, short of asking for an anon. only block on the IP.
I'd be curious to know how many different kids are responsible for vandalism incidents from the IP. If it's just a small number of kids, maybe something more specific can be done without affecting the rest of the school. Though, I'm not sure what. Not sure a teacher or anyone could really convince a student to behave while on the computer. Or if some technical restrictions can be in place for specific kids.
-Aude
On 5/1/07, Pilotguy pilotguy.wikipedia@gmail.com wrote:
Why not file a report or ask someone over at WP:ABUSE? They usually have experience in handling these types of situations.
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and
can
offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school
can
do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on
our
end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff
do? Any
suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Pilotguy http://en.wikipedia.org/wiki/User:Pilotguy -- Wikipedia - http://en.wikipedia.org
Disclaimer: all mail to this address is answered by a Wikimedia contributor, and responses are not to be considered an official statement of the Wikimedia Foundation. For official correspondence, you may contact the site operators at http://www.wikimediafoundation.org. _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
If I remember correctly, in some cases, the school's network admin has specifically requested that the IP be long-term blocked from anonymous editing. I haven't done any abuse reporting here, but I've done so in some other cases. Schools tend to be pretty responsive and helpful, in my experience.
On 5/1/07, Aude audevivere@gmail.com wrote:
The talk page there seems rather inactive, though I notice that Durova has contacted schools with some success. I'll see what Durova suggests, though welcome any other advice on what schools realistically can do, short of asking for an anon. only block on the IP.
I'd be curious to know how many different kids are responsible for vandalism incidents from the IP. If it's just a small number of kids, maybe something more specific can be done without affecting the rest of the school. Though, I'm not sure what. Not sure a teacher or anyone could really convince a student to behave while on the computer. Or if some technical restrictions can be in place for specific kids.
-Aude
On 5/1/07, Pilotguy pilotguy.wikipedia@gmail.com wrote:
Why not file a report or ask someone over at WP:ABUSE? They usually have experience in handling these types of situations.
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and
can
offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school
can
do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on
our
end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff
do? Any
suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Pilotguy http://en.wikipedia.org/wiki/User:Pilotguy -- Wikipedia - http://en.wikipedia.org
Disclaimer: all mail to this address is answered by a Wikimedia contributor, and responses are not to be considered an official statement of the Wikimedia Foundation. For official correspondence, you may contact the site operators at http://www.wikimediafoundation.org. _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
Follow up here... I have looked through each individual contribution from the school and do see repeat offenders, with similar edits on different days. The student did insert a bunch of names as part of the vandalism, one which could be the specific kid responsible. I think the school might be able to deal with or maybe restrict the specific student(s) from using Wikipedia. (is that possible?)
I also looked at meta:XFF Projecthttp://meta.wikimedia.org/wiki/XFF_Project, though don't see any schools listed there. Not sure if that's something they can do. If schools can qualify as a "trusted XFF", I can suggest that, should the problem continue and they want to try using XFF.
-Aude
---------- Forwarded message ---------- From: Aude audevivere@gmail.com Date: May 1, 2007 8:09 PM Subject: Re: [WikiEN-l] contacting schools To: English Wikipedia wikien-l@lists.wikimedia.org
The talk page there seems rather inactive, though I notice that Durova has contacted schools with some success. I'll see what Durova suggests, though welcome any other advice on what schools realistically can do, short of asking for an anon. only block on the IP.
I'd be curious to know how many different kids are responsible for vandalism incidents from the IP. If it's just a small number of kids, maybe something more specific can be done without affecting the rest of the school. Though, I'm not sure what. Not sure a teacher or anyone could really convince a student to behave while on the computer. Or if some technical restrictions can be in place for specific kids.
-Aude
On 5/1/07, Pilotguy pilotguy.wikipedia@gmail.com wrote:
Why not file a report or ask someone over at WP:ABUSE? They usually have experience in handling these types of situations.
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and
can
offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school
can
do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on
our
end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff
do? Any
suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Pilotguy http://en.wikipedia.org/wiki/User:Pilotguy -- Wikipedia - http://en.wikipedia.org
Disclaimer: all mail to this address is answered by a Wikimedia contributor, and responses are not to be considered an official statement of the Wikimedia Foundation. For official correspondence, you may contact the site operators at http://www.wikimediafoundation.org. _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
On 5/2/07, Aude audevivere@gmail.com wrote:
What other things can the school network administrator and staff do? Any suggestions?
They could probably provide information about the internal IP structure of the institution. I'm not sure if by "school" you're mainly referring to high schools or universities, but they could possibly tell us which IP ranges are used by staff, and hence shouldn't be blocked, for example.
Do we have an effective mechanism for saying "Sorry, your IP comes from a network known for anonymous vandalism. If you'd like to edit Wikipedia, you'll need to create an account"? I know in the past we couldn't do that, but seem to recall things changing. Perhaps we could even enforce the use of email addresses in such instances? There should be no shame in upping our hurdle to contribution for networks with a long history of vandalism.
Steve
I've spent the last hour looking at this some more. I've looked at schools in these categories http://en.wikipedia.org/wiki/Category:High_schools_in_Fairfax_County http://en.wikipedia.org/wiki/Category:Public_schools_in_Montgomery_County%2C... http://en.wikipedia.org/wiki/User:Aude/schools - Results show most other schools in these systems are much worse offenders and have experienced long-term blocks (3, 6 months or so). One was even indefinite, which I'm not sure is okay?
There appears to be one proxy server per school, thus one IP address per high school in these jurisdictions. So by "school", I mean each high school. I should note that not all school systems are set-up this way. In contrast, Arlington County, VA doesn't do that. They have multiple IP addresses for each school. I'm not sure about others. Prince George's County (MD) also has multiple IP addresses per school, though each there has been blocked ~3-5 times. For some reason I can't figure out, I haven't come across vandalism from/to public schools in Washington D.C. (even though I also watchlist them)
Anyway, a long-term block might be in order for the specific school in question. This essentially does the "Sorry, your IP comes from a network know for anonymous vandals..." and we have {{schoolblock}} template.
Though, the vandalism does appear to come from just one or two students. If there was another way of dealing with the problem, such as restricting specific students from accessing Wikipedia (if that is any good?) from school. Don't think it can 100% be stopped, but would vandalism from the school be significantly curtailed? I think it would be interesting to find out if the school can do this and if it would help. If these kids were blocked from Wikipedia (including for doing homework, and all) would this be enough to convince them to stop? or maybe these kids don't care about homework? Or this might be too optimistic.
-Aude
I do not see why we should be at all reluctant to use anon only blocks for a school address. it will not interfere with legitimate editing, and it will discourage the worst of the vandalism, though of course not all. I'd think it should be an early measure, and shouldn't require contact the school at all. Of course, I am talking through my hat, not having first hand experience with this. DGG
On 5/2/07, Aude audevivere@gmail.com wrote:
I've spent the last hour looking at this some more. I've looked at schools in these categories http://en.wikipedia.org/wiki/Category:High_schools_in_Fairfax_County http://en.wikipedia.org/wiki/Category:Public_schools_in_Montgomery_County%2C... http://en.wikipedia.org/wiki/User:Aude/schools - Results show most other schools in these systems are much worse offenders and have experienced long-term blocks (3, 6 months or so). One was even indefinite, which I'm not sure is okay?
There appears to be one proxy server per school, thus one IP address per high school in these jurisdictions. So by "school", I mean each high school. I should note that not all school systems are set-up this way. In contrast, Arlington County, VA doesn't do that. They have multiple IP addresses for each school. I'm not sure about others. Prince George's County (MD) also has multiple IP addresses per school, though each there has been blocked ~3-5 times. For some reason I can't figure out, I haven't come across vandalism from/to public schools in Washington D.C. (even though I also watchlist them)
Anyway, a long-term block might be in order for the specific school in question. This essentially does the "Sorry, your IP comes from a network know for anonymous vandals..." and we have {{schoolblock}} template.
Though, the vandalism does appear to come from just one or two students. If there was another way of dealing with the problem, such as restricting specific students from accessing Wikipedia (if that is any good?) from school. Don't think it can 100% be stopped, but would vandalism from the school be significantly curtailed? I think it would be interesting to find out if the school can do this and if it would help. If these kids were blocked from Wikipedia (including for doing homework, and all) would this be enough to convince them to stop? or maybe these kids don't care about homework? Or this might be too optimistic.
-Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
I have some success with Lancaster University. I originally slapped one of their proxies with a 6 month AO block due to persistent, long term vandalism, but one of the sysadmins contacted me and told me they have XFF headers. After some fruitful discussion/negotiation, I removed the block and put up a header on the talk pages for their four proxies asking anyone who blocks the IP (or issues a warning) to also send an email to their abuse email, or to ask me to send and email. FYI, I have links to the four proxies at [[User talk:Deathphoenix/Lancaster]] (the IP talk page header is at [[User:Deathphoenix/Lancaster]]).
Lancaster's IT department has been quite good at identifying vandals and forwarding the cases to their internal departments. Quite a number of student-vandals have had stern talking-tos from the head of their User Services department, and they have all been quite repentant once they realise that they are NOT anonymous.
My suggestions for the school network admins and staff would be:
1. Implement XFF headers and make sure students have to log in using a unique user ID (easiest would be based on student number) before using school computers. 2. Have an easy-to-contact abuse email address that we can slap on the IP talk page, asking people to forward vandalism diffs. 3. Act promptly to reports sent to the abuse email address and (optionally) let the abuse reporter know when the vandal is identified and if any action has been taken.
Cheers,
DP
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and can offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school can do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on our end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff do? Any suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
The same student vandalized again today. Exact same editing pattern, same time of day, etc.
The school network admin has replied to me and will try to find the student. It seems to be the one student responsible for this, over the past 1-2 months and the 1,999 other students there are not a problem. If one or the few students responsible can be stopped, I think it would largely take care of the problem.
I also suggested XFF, which I'm willing to work with them on, and willing to be diligent and keep track of the IP.
-Aude
On 5/2/07, Deathphoenix originaldeathphoenix@gmail.com wrote:
I have some success with Lancaster University. I originally slapped one of their proxies with a 6 month AO block due to persistent, long term vandalism, but one of the sysadmins contacted me and told me they have XFF headers. After some fruitful discussion/negotiation, I removed the block and put up a header on the talk pages for their four proxies asking anyone who blocks the IP (or issues a warning) to also send an email to their abuse email, or to ask me to send and email. FYI, I have links to the four proxies at [[User talk:Deathphoenix/Lancaster]] (the IP talk page header is at [[User:Deathphoenix/Lancaster]]).
Lancaster's IT department has been quite good at identifying vandals and forwarding the cases to their internal departments. Quite a number of student-vandals have had stern talking-tos from the head of their User Services department, and they have all been quite repentant once they realise that they are NOT anonymous.
My suggestions for the school network admins and staff would be:
- Implement XFF headers and make sure students have to log in using a
unique user ID (easiest would be based on student number) before using school computers. 2. Have an easy-to-contact abuse email address that we can slap on the IP talk page, asking people to forward vandalism diffs. 3. Act promptly to reports sent to the abuse email address and (optionally) let the abuse reporter know when the vandal is identified and if any action has been taken.
Cheers,
DP
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and
can
offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school
can
do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but some are constructive. The volume of vandalism is moderate, but manageable (on
our
end) and not high as I've seen with other schools. And have no idea how many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff
do? Any
suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
Sounds good. XFF would go a long way towards making it easier to deal with future vandals. How many computers do they have in this particular school?
On 5/2/07, Aude audevivere@gmail.com wrote:
The same student vandalized again today. Exact same editing pattern, same time of day, etc.
The school network admin has replied to me and will try to find the student. It seems to be the one student responsible for this, over the past 1-2 months and the 1,999 other students there are not a problem. If one or the few students responsible can be stopped, I think it would largely take care of the problem.
I also suggested XFF, which I'm willing to work with them on, and willing to be diligent and keep track of the IP.
-Aude
On 5/2/07, Deathphoenix originaldeathphoenix@gmail.com wrote:
I have some success with Lancaster University. I originally slapped one
of
their proxies with a 6 month AO block due to persistent, long term vandalism, but one of the sysadmins contacted me and told me they have
XFF
headers. After some fruitful discussion/negotiation, I removed the block and put up a header on the talk pages for their four proxies asking anyone
who
blocks the IP (or issues a warning) to also send an email to their abuse email, or to ask me to send and email. FYI, I have links to the four proxies at [[User talk:Deathphoenix/Lancaster]] (the IP talk page header is at [[User:Deathphoenix/Lancaster]]).
Lancaster's IT department has been quite good at identifying vandals and forwarding the cases to their internal departments. Quite a number of student-vandals have had stern talking-tos from the head of their User Services department, and they have all been quite repentant once they realise that they are NOT anonymous.
My suggestions for the school network admins and staff would be:
- Implement XFF headers and make sure students have to log in using a
unique user ID (easiest would be based on student number) before using school computers. 2. Have an easy-to-contact abuse email address that we can slap on the
IP
talk page, asking people to forward vandalism diffs. 3. Act promptly to reports sent to the abuse email address and (optionally) let the abuse reporter know when the vandal is identified and if any action has been taken.
Cheers,
DP
On 5/1/07, Aude audevivere@gmail.com wrote:
Does anyone have experience contacting schools regarding vandalism and
can
offer advice/best practices?
I had to block one of the schools one of the jurisdictions where I attended school, and comfortable contacting them. They can possibly track down which student did the latest vandalism, but not really sure what the school
can
do to stop them. I only speculate that it's a relatively small number of other kids responsible for previous incidents of vandalism from the school. Does that sound reasonable?
The majority of edits from the school IP are not constructive, but
some
are constructive. The volume of vandalism is moderate, but manageable (on
our
end) and not high as I've seen with other schools. And have no idea
how
many students and staff there edit with accounts. I prefer not simply blocking the whole school because of some bad kids.
What other things can the school network administrator and staff
do? Any
suggestions?
--Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Aude _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
Not sure how many computers, but there are ~2000 students which is typical for high schools in the local area.
Montgomery County is one of the more affluent jurisdictions in the U.S., so I expect they have well-equiped computer labs. This particular school is not more than 10 years old. Who knows, but maybe some students have their own laptops and use wi-fi at the school.
http://en.wikipedia.org/wiki/James_Hubert_Blake_High_School
As an aside, I'm having trouble figuring out why I'm not seeing similar vandalism patterns for city schools in Washington, D.C. I wonder if students don't have the same access to computers or what's going on that accounts for this difference.
-Aude
On 5/2/07, Deathphoenix originaldeathphoenix@gmail.com wrote:
Sounds good. XFF would go a long way towards making it easier to deal with future vandals. How many computers do they have in this particular school?
Not sure why, but some high schools have a lot of vandals, while others have none. As a more affluent jurisdiction, and a school <10 years old, I'd agree that they would have well-equipped computer labs, perhaps with a younger staff, so maybe they'd be open to implementing XFF. Does this school require students to log in to use the computers, or are the computers all publicly accessible.
On 5/2/07, Aude audevivere@gmail.com wrote:
Not sure how many computers, but there are ~2000 students which is typical for high schools in the local area.
Montgomery County is one of the more affluent jurisdictions in the U.S., so I expect they have well-equiped computer labs. This particular school is not more than 10 years old. Who knows, but maybe some students have their own laptops and use wi-fi at the school.
http://en.wikipedia.org/wiki/James_Hubert_Blake_High_School
As an aside, I'm having trouble figuring out why I'm not seeing similar vandalism patterns for city schools in Washington, D.C. I wonder if students don't have the same access to computers or what's going on that accounts for this difference.
-Aude
Deathphoenix wrote:
I have some success with Lancaster University. I originally slapped one of their proxies with a 6 month AO block due to persistent, long term vandalism, but one of the sysadmins contacted me and told me they have XFF headers. After some fruitful discussion/negotiation, I removed the block and put up a header on the talk pages for their four proxies asking anyone who blocks the IP (or issues a warning) to also send an email to their abuse email, or to ask me to send and email. FYI, I have links to the four proxies at [[User talk:Deathphoenix/Lancaster]] (the IP talk page header is at [[User:Deathphoenix/Lancaster]]).
[snip]
My suggestions for the school network admins and staff would be:
- Implement XFF headers and make sure students have to log in using a
unique user ID (easiest would be based on student number) before using school computers.
On the subject of XFF ("X-Forwarded-For") headers, I'd like to note a few important technical details that one should keep in mind:
1. Having a proxy provide XFF headers isn't enough; the address of the proxy also needs to be added to the list of trusted proxies that Wikimedia servers will accept such headers from. That's because such headers would otherwise be trivially easy to fake. To get an address added to the list, you can post a request on [[meta:Talk:XFF project]] or contact a developer with shell access (such as Tim Starling, who's been doing most of the work on the XFF project) directly.
2. One of the requirements for getting a proxy added to the trusted list is that the individual computers behind it have public IP addresses of their own. If the school network is using [[private IP addresses]] internally, XFF headers won't help.
3. Once the address of a proxy has been added to the trusted XFF list, no edits should be seen from that address ever again, and blocking the address of the proxy should have no effect. That's because, as far as MediaWiki is concerned, the edits made via that proxy will no longer be seen as coming from the proxy, but from the IP address of the computer behind the proxy.
I'll repeat that, since it's important: Once a proxy is on the trusted XFF list, *any blocks on it will have no effect*.
4. If the computers behind the proxy are public workstations in, say, a school computer lab, XFF headers may not help prevent vandalism much. By making edits from different workstations be seen as coming from different IPs, they may reduce collateral damage from blocking one workstation; but if the vandals can just switch to another computer, this may end up doing more harm than good. At best, they may make tracking down the vandals easier, if the school requires users to log in to workstations and keeps logs of who used which workstation when; this may often be true at college level schools, but much less so at high schools or even elementary schools.
That last point is also important; to catch vandals, it's not enough that students log in, it's also necessary to keep a log of who used which workstation when _and_ to make said log available to whoever is tasked with handling network abuse issues. Of course, there are significant privacy issues here that need to be considered too.
So, to summarize, XFF headers are only useful for catching school vandals if the school has:
1. their proxy/ies listed in the trusted XFF list, 2. public IP addresses for each workstation, 3. workstations requiring students to log in to use them, 4. a log of who was using which workstation when, and 5. a person with access to said log who can handle complaints.
Of course, it should go without saying that the contact information for the person or department responsible for handling net abuse issues must also be easy to find, if it's to do anyone any good.
(This is all based on my understanding of the XFF implementation in MediaWiki as it was when I last looked at it. If you find any incorrect or outdated information above, please correct me. To increase the odds of this happening, I've crossposted this to wikitech-l in addition to wikien-l.)
I did read the meta page, but your explanation is much better and very helpful. Of course, the student can go log into another computer. That might be more annoying for us to deal with, or require a range block. At the same time, if the school is willing to find the students, then XFF might help. In this case, it sounds like they may be able to find the student anyway.
If the school is interested in XFF, I can provide them with these specifics.
Thanks again for this info.
-Aude
On 5/2/07, Ilmari Karonen nospam@vyznev.net wrote:
My suggestions for the school network admins and staff would be:
- Implement XFF headers and make sure students have to log in using a
unique user ID (easiest would be based on student number) before using school computers.
On the subject of XFF ("X-Forwarded-For") headers, I'd like to note a few important technical details that one should keep in mind:
- Having a proxy provide XFF headers isn't enough; the address of the
proxy also needs to be added to the list of trusted proxies that Wikimedia servers will accept such headers from. That's because such headers would otherwise be trivially easy to fake. To get an address added to the list, you can post a request on [[meta:Talk:XFF project]] or contact a developer with shell access (such as Tim Starling, who's been doing most of the work on the XFF project) directly.
[snip]
(This is all based on my understanding of the XFF implementation in
MediaWiki as it was when I last looked at it. If you find any incorrect or outdated information above, please correct me. To increase the odds of this happening, I've crossposted this to wikitech-l in addition to wikien-l.)
-- Ilmari Karonen
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l