In addition, we'd be making significantly more difficult the detection and mitigation of abusive anonymous editing. Currently, when someone edits as an IP, gets blocked, resets their router, and changes the last octet, we can easily tell they're socking around a block. And to mitigate that, we can then consider an appropriate range block, if they keep doing it.
With a "pseudo pseudonym" used instead of the IP, a checkuser would be required to do that in both those cases, rather than an admin just being able to. That would be a good deal more load on the checkusers, since they would then be responsible for running checks on anonymous editors as well as accounts. A plus there would be that checkusers could definitively link anonymous socking to accounts, which today they can't do for privacy reasons, but realistically, I'd be more in favor of just removing that restriction--if you're editing abusively, you shouldn't have the right to have us help you conceal it.
That doesn't necessarily make it a no go, but even today, anyone concerned about having their IP show up need only create an account, and we've got pretty clear warnings indicating that the IP will be left in the public history if you edit anonymously. If people don't take that simple step, see that warning, and save the edit anyway, I think we can pretty safely conclude that they do not mind if their IP is in the edit history.
Todd
On Sat, Nov 12, 2016 at 3:20 PM, Lucas Teles teleswiki@gmail.com wrote:
That would require a precise prediction of how it would affect countervandalism. Sometimes a very good clue we have about a sockpuppeteer is the information we get from the IP. Not the number itself, but location and ISP. If that change can make this impossible to find out, that may be a bad idea.
We can also recognize a long term vandal by their IP range when they have dynamic IPs. Providing another kind of identification instead of the IP could also take out this ability.
The price for that could be lots of checkusers with headaches.
Teles
Em sáb, 12 de nov de 2016 às 19:00, Vi to vituzzu.wiki@gmail.com escreveu:
Honestly I cannot find pros since it's a free choice to edit without logging, so it's not up to me to find them :D if it would depend solely
on
me this thread would even exist ;)
Meanwhile I weight in the biggest con: the inability to use rangeblocks
and
an unacceptable weakening of our ability to investigate sockpuppetry and abuse.
Vito
2016-11-12 22:54 GMT+01:00 Lodewijk lodewijk@effeietsanders.org:
While it is tempting to start with cons, I think for most of the
community
members, the question will be: 'what alternatives are there to
accomplish
more or less the same' with regards to fighting vandalism and
sockpuppetry.
And answering that question would start with describing how we actually
do
make use of this data. Sounds like a good process to go through, but
this
puts more emphasis on 2).
Lodewijk
2016-11-12 21:36 GMT+01:00 Vi to vituzzu.wiki@gmail.com:
Point #1, with current means, will simply imply the end of
countervandalism
with IPs.
Vito
2016-11-12 21:02 GMT+01:00 Brion Vibber bvibber@wikimedia.org:
The biggest privacy problem in Wikipedia has always been the
permanent
public exposure of casual editors' IP addresses.
Secondarily, we store logged-in editors' IP addresses for a limited
time,
exposing all editors' IP addresses to access by staff and volunteer accounts which could be stolen or misused as well as to any
potential
attacker who gains sufficient access to the database systems.
I would like to suggest that the Wikimedia editor community, along
with
the
Wikimedia Foundation as steward of the software and servers, have a
serious
consultation about committing to fix this:
- Eliminate IP address exposure for non-logged-in editors. Those
editors
should be either given a random, truly anonymous identifier, or
required
to
create a pseudonym as a login.
- Seriously think about how this will affect workflows tracking
and
fighting vandalism, and provide tools that do not depend on public
exposure
of network addresses.
- Avoid public exposure or long-term logging of any other
location-specific or network-specific information about anonymous
users.
- Consider stronger controls on storage of IP addresses in the
databases
and how they are secured, in the face of possible attacks through
social
engineering, security vulnerabilities, or state action. Think about
what
really needs to be stored and what types of data recovery are
possible
when
storing truly personal-private data in shared databases.
-- brion vibber (brion @ pobox.com / brion @ wikimedia.org) Lead Software Architect, Wikimedia Foundation _______________________________________________ Wikimedia-l mailing list, guidelines at:
wiki/Mailing_lists/Guidelines New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=
unsubscribe>
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/
mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- Steward for Wikimedia Foundation. Administrator at Portuguese Wikipedia and Wikimedia Commons. Sent from mobile. Please, excuse my brevity. +55 (71) 99707 6409 _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe