On Fri, 31 Jan 2003, Sheldon Rampton wrote:
M Carling wrote:
If this turns out a be a serious problem, one idea
would be to only allow
logged-in users to make changes (except in the Sandbox).
That won't do much to keep out banned people. If someone wants to
continually evade the ban, all they would have to do is subscribe a
different user name every time they need to log in.
It would discourage some but not all vandals and would do so without
significantly discouraging contributors.
Banning IP numbers isn't a very satisfactory
solution either. To get
around that barrier, just visit a different Internet cafe every day.
In the event that this becomes more of a problem, perhaps the tech
folks should start working on a more substantial system for
authenticating subscribers. Here's what I think would work:
(1) Establish a toggle that people with developer status can use to
switch between "permission required" and "no permission required"
mode for accepting new subscriptions. When "permission required" is
turned ON, new subscribers would have to pass their submission
request through a sysop, who would have to approve it before they can
begin posting. When it is turned OFF, people can subscribe the same
way they do now. Most of the time, it would be turned OFF, but in
situations where a persistent vandal is active, it could be turned
ON. That would make it possible to deny access to the vandal until he
or she loses interest and goes elsewhere.
This only works in conjuction with my idea above of requiring users to log
in to make changes. Better to try only the less intrusive part first, and
if it doesn't suffice, something more radical can be considered.
(2) Create a special page, computer-generated and
available only to
sysops, which lists all of the pending submission requests. It will
list the nickname of each pending subscriber alongside a check box,
so a sysop can go through and quickly approve a batch of names simply
by running down the list, checking the boxes, and clicking a "submit"
button. A separate check box next to each user name can be used to
flag individuals for further scrutiny, and clicking on the name
itself will take you to a talk page for that user. Most users can be
quickly approved this way simply by verifying that their IP number is
not on a banned list or range. The others can be contacted via email
and asked a few questions. Of course, vandals could still get through
eventually by giving disingenuous answers, but there would be enough
barriers to entry to slow them down and keep them from simply running
amok at will.
I like this idea better, but with a modification. Sysops could designate
trusted users so that most submissions would not need to be queued for a
check. Those that need to be checked can be examined directly to see
whether or not they are vandalous -- no need to engage in an email
exchange.
M Carling