...I think we probably could work out way towards agreeing to disagree on
this one - but I also suspect there's some common ground hiding there
somewhere!
Yes - full openness surrounding the length of time IP data is stored for may
increase 'gamability' in some areas - it may also cause other unspoken, or
un-thought of problems.
The benefits to doing so are in my view a bit fuzzier and related to big
picture community health issues and an abstract concept of what's 'right' -
perhaps it'll suffice to say for now that I currently believe it would be a
net gain to be open, honest, and clear about this sort of stuff.
best,
Peter
PM.
On Sun, Aug 10, 2008 at 5:07 PM, Gerard Meijssen
<gerard.meijssen(a)gmail.com>wrote;wrote:
Hoi,
Security through obscurity is when the way the security is implemented is
undocumented, it is not peer reviewed. If anything this does not apply to
the WMF, the MediaWiki software and the policies as implemented by our
communities. When precise details like how long are results from check user
activity retained are public knowledge, the only persons who benefit from
this knowledge are the persons who aim to game the system. When they
consider that this information stays available, it will hinder their
ability
to make mischief.
Thanks,
GerardM
On Sun, Aug 10, 2008 at 8:56 AM, private musings <thepmaccount(a)gmail.com
wrote:
It's interesting that you mention 15 days,
Jon - as I think the trend has
been in the other direction - towards retaining information for a longer
period - perhaps to better combat vandal accounts?
It was at one point communicated to me that IP data was retained for
approx
one month - recently it has been confirmed to me
that IP data is now
stored
for at least three months - I'm not really
sure quite what I think the
time
period should be, but I would prefer it to be
disclosed openly - I don't
really find arguments supporting security through obscurity wholly
compelling.
Also - I'd like to confirm that general discussion of checkuser form and
function appropriate to this mailing list? - I'm not sure of the norms
around here, and it seems a bit... well... heated, and I don't want to
poke
anyone into further rudeness.
best,
Peter,
PM.
_______________________________________________
foundation-l mailing list
foundation-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/foundation-l
_______________________________________________
foundation-l mailing list
foundation-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/foundation-l