Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
MediaWiki has been used with IPv6 by third party wikis for some time. Wikimedia uses a set of additional features (GlobalBlocking, CheckUser, etc.) which weren't fully IPv6-ready until recently. In addition, we're working to ensure that all of Wikimedia's various services (mailing lists, blogs, etc.) are IPv6-ready.
== What's the user impact going to be? ==
At least in the June 2-3, 2012 time window, you may see a small number of edits from IPv6 addresses, which are in the form "2001:0db8:85a3:0000:0000:8a2e:0370:7334". See [[w:IPv6 address]].
These addresses should behave as any other IP adress would: You can leave messages on their talk pages; you can track their contributions; you can block them. CIDR notation is supported for rangeblocks.
An important note about blocking: A single user may have access to a much larger number of addresses than in the IPv4 model. This means that range blocks (e.g. address with "/64") have to be applied in more cases to prevent abuse by more sophisticated users.
In the mid term, user scripts and tools that use simple regular expressions to match IPv4 addresses will need to be adapted for IPv6 support to behave correctly. We suspect that IPv6 usage is going to be very low initially, meaning that abuse should be manageable, and we will assist in the monitoring of the situation.
User:Jasper Deng is maintaining a comprehensive analysis of the long term implications of the IPv6 migration here: https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6
We've set up a test wiki where you can see IPv6 IP addresses. This works by assigning you a fake IPv6 address the moment you visit the wiki, and allows you to see the behavior of various tools with the new address format: http://ipv6test.wmflabs.org/wiki/index.php/Main_Page
The best way to report issues is to register them in Bugzilla and to ensure that they are marked as blockers for the IPv6 tracking bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=35540
We'll post updates to wikitech-l and elsewhere as appropriate.
All best, Erik
Hello Erik,
In our case here we give away /48 IPV6 to users by default. So I'm wondering, when a IP vandalize Wikipedia or any other project and a block will be placed, how is this done?
Will the block just "hit" the IP or will it block a complete range to start with?
Best, Huib
On Fri, Jun 1, 2012 at 11:12 PM, Erik Moeller erik@wikimedia.org wrote:
Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
MediaWiki has been used with IPv6 by third party wikis for some time. Wikimedia uses a set of additional features (GlobalBlocking, CheckUser, etc.) which weren't fully IPv6-ready until recently. In addition, we're working to ensure that all of Wikimedia's various services (mailing lists, blogs, etc.) are IPv6-ready.
== What's the user impact going to be? ==
At least in the June 2-3, 2012 time window, you may see a small number of edits from IPv6 addresses, which are in the form "2001:0db8:85a3:0000:0000:8a2e:0370:7334". See [[w:IPv6 address]].
These addresses should behave as any other IP adress would: You can leave messages on their talk pages; you can track their contributions; you can block them. CIDR notation is supported for rangeblocks.
An important note about blocking: A single user may have access to a much larger number of addresses than in the IPv4 model. This means that range blocks (e.g. address with "/64") have to be applied in more cases to prevent abuse by more sophisticated users.
In the mid term, user scripts and tools that use simple regular expressions to match IPv4 addresses will need to be adapted for IPv6 support to behave correctly. We suspect that IPv6 usage is going to be very low initially, meaning that abuse should be manageable, and we will assist in the monitoring of the situation.
User:Jasper Deng is maintaining a comprehensive analysis of the long term implications of the IPv6 migration here: https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6
We've set up a test wiki where you can see IPv6 IP addresses. This works by assigning you a fake IPv6 address the moment you visit the wiki, and allows you to see the behavior of various tools with the new address format: http://ipv6test.wmflabs.org/wiki/index.php/Main_Page
The best way to report issues is to register them in Bugzilla and to ensure that they are marked as blockers for the IPv6 tracking bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=35540
We'll post updates to wikitech-l and elsewhere as appropriate.
All best, Erik
-- Erik Möller VP of Engineering and Product Development, Wikimedia Foundation
Support Free Knowledge: https://wikimediafoundation.org/wiki/Donate
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
On Fri, Jun 1, 2012 at 11:20 PM, Huib Laurens sterkebak@gmail.com wrote:
In our case here we give away /48 IPV6 to users by default. So I'm wondering, when a IP vandalize Wikipedia or any other project and a block will be placed, how is this done?
Will the block just "hit" the IP or will it block a complete range to start with?
My understanding is that it currently doesn't apply a range by default, so it would just hit the specific IP unless you apply a CIDR suffix like /48 or /64. This is discussed in more detail here:
https://bugzilla.wikimedia.org/show_bug.cgi?id=24294
On 1 June 2012 17:12, Erik Moeller erik@wikimedia.org wrote:
Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
MediaWiki has been used with IPv6 by third party wikis for some time. Wikimedia uses a set of additional features (GlobalBlocking, CheckUser, etc.) which weren't fully IPv6-ready until recently. In addition, we're working to ensure that all of Wikimedia's various services (mailing lists, blogs, etc.) are IPv6-ready.
== What's the user impact going to be? ==
At least in the June 2-3, 2012 time window, you may see a small number of edits from IPv6 addresses, which are in the form "2001:0db8:85a3:0000:0000:8a2e:0370:7334". See [[w:IPv6 address]].
These addresses should behave as any other IP adress would: You can leave messages on their talk pages; you can track their contributions; you can block them. CIDR notation is supported for rangeblocks.
An important note about blocking: A single user may have access to a much larger number of addresses than in the IPv4 model. This means that range blocks (e.g. address with "/64") have to be applied in more cases to prevent abuse by more sophisticated users.
In the mid term, user scripts and tools that use simple regular expressions to match IPv4 addresses will need to be adapted for IPv6 support to behave correctly. We suspect that IPv6 usage is going to be very low initially, meaning that abuse should be manageable, and we will assist in the monitoring of the situation.
User:Jasper Deng is maintaining a comprehensive analysis of the long term implications of the IPv6 migration here: https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6
We've set up a test wiki where you can see IPv6 IP addresses. This works by assigning you a fake IPv6 address the moment you visit the wiki, and allows you to see the behavior of various tools with the new address format: http://ipv6test.wmflabs.org/wiki/index.php/Main_Page
The best way to report issues is to register them in Bugzilla and to ensure that they are marked as blockers for the IPv6 tracking bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=35540
We'll post updates to wikitech-l and elsewhere as appropriate.
All best, Erik
Erik, as I am sure has been conveyed to you, some very serious concerns have been identified with respect to this from the checkuser corps (and I mean the global level, not just one or two projects). In particular, the lack of notification, the inability to suddenly redevelop hundreds of tools and scripts that are not IPv6-friendly, and the fact that there is significant uncertainty as to exactly how various standard tools such as CheckUser and Block actually will work, all mitigate against a full, WMF-wide implementation, even for the short term.
I would very strongly urge two things:
1) Get the global notice up and running now. Mailing lists reach less than 0.05% of regular users.
2) Consider implementation on only a small segment of projects, preferably ones that have a small but active Checkuser/Admin team who is interested in participating in this experiment.
Frankly, I do not believe that many of the aspects of this proposed implementation have been considered; in particular, there are pretty significant privacy issues that have not been discussed or addressed. When one is giving a Bugzilla link to illustrate that something has been discussed, it demonstrates pretty soundly that probably no more than 40 users (out of tens of thousands) have any knowledge whatsoever about the proposal.
Let's try to find some middle ground here, okay?
Risker/Anne
----- Original Message ----- From: "Risker" risker.wp@gmail.com To: "Wikimedia Mailing List" wikimedia-l@lists.wikimedia.org Sent: Friday, June 01, 2012 11:11 PM Subject: Re: [Wikimedia-l] Update on IPv6
On 1 June 2012 17:12, Erik Moeller erik@wikimedia.org wrote:
Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
MediaWiki has been used with IPv6 by third party wikis for some time. Wikimedia uses a set of additional features (GlobalBlocking, CheckUser, etc.) which weren't fully IPv6-ready until recently. In addition, we're working to ensure that all of Wikimedia's various services (mailing lists, blogs, etc.) are IPv6-ready.
== What's the user impact going to be? ==
At least in the June 2-3, 2012 time window, you may see a small number of edits from IPv6 addresses, which are in the form "2001:0db8:85a3:0000:0000:8a2e:0370:7334". See [[w:IPv6 address]].
These addresses should behave as any other IP adress would: You can leave messages on their talk pages; you can track their contributions; you can block them. CIDR notation is supported for rangeblocks.
An important note about blocking: A single user may have access to a much larger number of addresses than in the IPv4 model. This means that range blocks (e.g. address with "/64") have to be applied in more cases to prevent abuse by more sophisticated users.
In the mid term, user scripts and tools that use simple regular expressions to match IPv4 addresses will need to be adapted for IPv6 support to behave correctly. We suspect that IPv6 usage is going to be very low initially, meaning that abuse should be manageable, and we will assist in the monitoring of the situation.
User:Jasper Deng is maintaining a comprehensive analysis of the long term implications of the IPv6 migration here: https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6
We've set up a test wiki where you can see IPv6 IP addresses. This works by assigning you a fake IPv6 address the moment you visit the wiki, and allows you to see the behavior of various tools with the new address format: http://ipv6test.wmflabs.org/wiki/index.php/Main_Page
The best way to report issues is to register them in Bugzilla and to ensure that they are marked as blockers for the IPv6 tracking bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=35540
We'll post updates to wikitech-l and elsewhere as appropriate.
All best, Erik
Erik, as I am sure has been conveyed to you, some very serious concerns have been identified with respect to this from the checkuser corps (and I mean the global level, not just one or two projects). In particular, the lack of notification, the inability to suddenly redevelop hundreds of tools and scripts that are not IPv6-friendly, and the fact that there is significant uncertainty as to exactly how various standard tools such as CheckUser and Block actually will work, all mitigate against a full,
The word is "militate". To mitigate is to lessen the effect of something.
Hi Risker et al,
a few important points: * IPv6 adoption is still below 1% globally [1]. * It's likely that we'll encounter network-level issues well before we hit application-level issues during limited production testing. * In the event that we manage to resolve all issues, it's likely that we'll only see very limited use/abuse of IPv6 addresses and that we'll have plenty of time to adjust procedures and documentation. * We can abort this fairly easily, or as Tim suggests, employ global blocks of IPv6 addresses to manage abuse.
As noted, the plan is to engage in limited production testing this weekend, with possible full deployment by IPv6 Day (Wednesday). I should also note that the degree to which all the complex network and software interactions of a deployment like this can be tested without actually changing or affecting production operations is limited. We're going to be debugging issues in real-time.
I appreciate that this is very short notice for lots of people and apologize for that; thanks to Tilman for helping with the global notice dissemination. There's pretty good likelihood that aside from maybe some brief service interruptions, the user impact is going to be close to nil, either due to an abort early on, or due to very limited IPv6 usage.
Moving towards full IPv6 support is part of our responsibility as a good Internet citizen, and this has been in the works for a long time. It's never been an option not to do this as IPv4 addresses are being exhausted.
Regarding privacy, both IPv4 and IPv6 addresses can be dangerously revealing in terms of personal identity (e.g. some ISPs even tie street address information to your IPv4 address). It's always been fundamentally problematic that MediaWiki reveals this information nakedly, and it's what enabled past large-scale investigations like WikiScanner, for good and for ill. In the mid to long term, I believe we need to investigate moving away from full disclosure of IP addresses when editing without logging in, but this is independent of IPv4/IPv6.
All best, Erik
[1] https://www.google.com/intl/en/ipv6/statistics/
On Sat, Jun 2, 2012 at 6:06 AM, Erik Moeller erik@wikimedia.org wrote:
- IPv6 adoption is still below 1% globally [1].
- It's likely that we'll encounter network-level issues well before we
hit application-level issues during limited production testing.
- In the event that we manage to resolve all issues, it's likely that
we'll only see very limited use/abuse of IPv6 addresses and that we'll have plenty of time to adjust procedures and documentation.
I find it interesting that privacy is the main objection that has come up, because the problem with IPv6 from the POV of WMF is the ready availability of anonymizing proxies.
My own prediction is that, within a short period of time, 99.9999% of edits done through IPv6 will be abuse. I'd say immediately, but 5 days may be a bit too short for hoards of people to figure out how to chain an IPv6 proxy and TOR.
- We can abort this fairly easily, or as Tim suggests, employ global
blocks of IPv6 addresses to manage abuse.
Make sure to practice doing this. It's only a matter of time.
Maybe putting a limit on the number of IPv6 edits that can be made per minute would be a good idea too.
On Sat, Jun 2, 2012 at 8:57 AM, Anthony wikimail@inbox.org wrote:
My own prediction is that, within a short period of time, 99.9999% of edits done through IPv6 will be abuse. I'd say immediately, but 5 days may be a bit too short for hoards of people to figure out how to chain an IPv6 proxy and TOR.
Lest someone suggest that the solution to this is to block the IPv6 proxy. The problem is that most of the legitimate traffic using IPv6 also will be using a proxy/tunnel.
On Jun 2, 2012, at 5:06 AM, Erik Moeller erik@wikimedia.org wrote:
Moving towards full IPv6 support is part of our responsibility as a good Internet citizen, and this has been in the works for a long time. It's never been an option not to do this as IPv4 addresses are being exhausted.
This is the relavent point. For what it is worth I, who am less inclined to follow technical discussions than other kinds, remember that there was enough talk about approaching IPv6 day last year to feel it was settled that WMF was unprepared to participate at that time would make it happen in 2012. It was either here or on wikitech-l.
I am not sure how someone who has strong opinions on the subject would be left unable to follow this when I followed with no such interest. Moe importantly, I don't understand what exactly the objectors see as a better option. No one will fix the scripts until they are broken, it is just the nature of the beast. It seems the whole point of IPv6 day is that no one is very confident about level of breakage of things with IPv6 and no one will be able to gain this confidence until a significant number of sites turn it on and there is not another choice on the matter. Objecting to turning on IPv6 because things will break does not seem to be very informed. This is the point. If anyone doesn't trust that WMF will only make a day of it if the breakage is unmanageable, then they've bigger issues than IPv6. And even still, the sun will rise and we will have a few less IPv4 addresses everyday; there are much better battles to pick.
Birgitte SB
On 1 June 2012 17:12, Erik Moeller erik@wikimedia.org wrote:
Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
MediaWiki has been used with IPv6 by third party wikis for some time. Wikimedia uses a set of additional features (GlobalBlocking, CheckUser, etc.) which weren't fully IPv6-ready until recently. In addition, we're working to ensure that all of Wikimedia's various services (mailing lists, blogs, etc.) are IPv6-ready.
== What's the user impact going to be? ==
At least in the June 2-3, 2012 time window, you may see a small number of edits from IPv6 addresses, which are in the form "2001:0db8:85a3:0000:0000:8a2e:0370:7334". See [[w:IPv6 address]].
These addresses should behave as any other IP adress would: You can leave messages on their talk pages; you can track their contributions; you can block them. CIDR notation is supported for rangeblocks.
An important note about blocking: A single user may have access to a much larger number of addresses than in the IPv4 model. This means that range blocks (e.g. address with "/64") have to be applied in more cases to prevent abuse by more sophisticated users.
In the mid term, user scripts and tools that use simple regular expressions to match IPv4 addresses will need to be adapted for IPv6 support to behave correctly. We suspect that IPv6 usage is going to be very low initially, meaning that abuse should be manageable, and we will assist in the monitoring of the situation.
User:Jasper Deng is maintaining a comprehensive analysis of the long term implications of the IPv6 migration here: https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6
We've set up a test wiki where you can see IPv6 IP addresses. This works by assigning you a fake IPv6 address the moment you visit the wiki, and allows you to see the behavior of various tools with the new address format: http://ipv6test.wmflabs.org/wiki/index.php/Main_Page
The best way to report issues is to register them in Bugzilla and to ensure that they are marked as blockers for the IPv6 tracking bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=35540
We'll post updates to wikitech-l and elsewhere as appropriate.
All best, Erik
Erik, what time is this scheduled to go live? And on which projects? Please be specific here.
I am gravely concerned about the privacy issues that are attached to IPv6 IP addresses, as they are in many cases almost personally identifying information, something that is not permitted to be released under our privacy policy. Have arrangements been made to hash these IP addresses to prevent them from being publicly available?
Risker/Anne
On Fri, Jun 1, 2012 at 7:08 PM, Risker risker.wp@gmail.com wrote:
On 1 June 2012 17:12, Erik Moeller erik@wikimedia.org wrote:
Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
MediaWiki has been used with IPv6 by third party wikis for some time. Wikimedia uses a set of additional features (GlobalBlocking, CheckUser, etc.) which weren't fully IPv6-ready until recently. In addition, we're working to ensure that all of Wikimedia's various services (mailing lists, blogs, etc.) are IPv6-ready.
== What's the user impact going to be? ==
At least in the June 2-3, 2012 time window, you may see a small number of edits from IPv6 addresses, which are in the form "2001:0db8:85a3:0000:0000:8a2e:0370:7334". See [[w:IPv6 address]].
These addresses should behave as any other IP adress would: You can leave messages on their talk pages; you can track their contributions; you can block them. CIDR notation is supported for rangeblocks.
An important note about blocking: A single user may have access to a much larger number of addresses than in the IPv4 model. This means that range blocks (e.g. address with "/64") have to be applied in more cases to prevent abuse by more sophisticated users.
In the mid term, user scripts and tools that use simple regular expressions to match IPv4 addresses will need to be adapted for IPv6 support to behave correctly. We suspect that IPv6 usage is going to be very low initially, meaning that abuse should be manageable, and we will assist in the monitoring of the situation.
User:Jasper Deng is maintaining a comprehensive analysis of the long term implications of the IPv6 migration here: https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6
We've set up a test wiki where you can see IPv6 IP addresses. This works by assigning you a fake IPv6 address the moment you visit the wiki, and allows you to see the behavior of various tools with the new address format: http://ipv6test.wmflabs.org/wiki/index.php/Main_Page
The best way to report issues is to register them in Bugzilla and to ensure that they are marked as blockers for the IPv6 tracking bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=35540
We'll post updates to wikitech-l and elsewhere as appropriate.
All best, Erik
Erik, what time is this scheduled to go live? And on which projects? Please be specific here.
I am gravely concerned about the privacy issues that are attached to IPv6 IP addresses, as they are in many cases almost personally identifying information, something that is not permitted to be released under our privacy policy. Have arrangements been made to hash these IP addresses to prevent them from being publicly available?
Risker/Anne _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
What personal information do you think is contained in an IPv6 address?
John Du Hart wrote:
On Fri, Jun 1, 2012 at 7:08 PM, Risker risker.wp@gmail.com wrote:
Erik, what time is this scheduled to go live? And on which projects? Please be specific here.
I am gravely concerned about the privacy issues that are attached to IPv6 IP addresses, as they are in many cases almost personally identifying information, something that is not permitted to be released under our privacy policy. Have arrangements been made to hash these IP addresses to prevent them from being publicly available?
What personal information do you think is contained in an IPv6 address?
I wondered what Risker was referring to as well, so I looked up IPv6 + privacy: https://en.wikipedia.org/wiki/IPv6#Privacy.
After reading that section, it's still unclear to me whether IPv6 is significantly more privacy invasive than IPv4.
MZMcBride
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
On 2 June 2012 13:44, Anthony wikimail@inbox.org wrote:
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
I don't know, but I wouldn't consider my MAC address to be personal information... you might be able to work out what brand of computer I'm using, but I can live with that.
On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dalton@gmail.com wrote:
On 2 June 2012 13:44, Anthony wikimail@inbox.org wrote:
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
I don't know, but I wouldn't consider my MAC address to be personal information... you might be able to work out what brand of computer I'm using, but I can live with that.
I'm not sure what you're defining personal information as, then.
Is your vehicle's VIN personal information?
On Sat, Jun 2, 2012 at 6:13 AM, Anthony wikimail@inbox.org wrote:
On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dalton@gmail.com wrote:
On 2 June 2012 13:44, Anthony wikimail@inbox.org wrote:
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
I don't know, but I wouldn't consider my MAC address to be personal information... you might be able to work out what brand of computer I'm using, but I can live with that.
I think that having a problem with the implementation of IPv6 is about 10 years too late now ;) The IPv4 space is being exhausted, and we're going to soon run into the opposite problem that IPv4 addresses will be not identifiable enough as ISP's use NAT.
If someone cares about their mac address information, they can use privacy extensions - http://en.wikipedia.org/wiki/Ipv6#Privacy . Considering that in the vast, vast majority of the consumer (versus production) world, you have to purposefully enable IPv6 (usually with some sort of tunneling), and that these are turned on in most operating systems by default, mac addressing is starting to only become applicable in production environments.
Leslie
On Sat, Jun 2, 2012 at 9:59 AM, Leslie Carr lcarr@wikimedia.org wrote:
On Sat, Jun 2, 2012 at 6:13 AM, Anthony wikimail@inbox.org wrote:
On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dalton@gmail.com wrote:
On 2 June 2012 13:44, Anthony wikimail@inbox.org wrote:
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
I don't know, but I wouldn't consider my MAC address to be personal information... you might be able to work out what brand of computer I'm using, but I can live with that.
I think that having a problem with the implementation of IPv6 is about 10 years too late now ;)
The problem isn't with IPv6. The problem is with the way WMF uses IP addresses.
Of course, it's about 10 years too late for that too. :)
If someone cares about their mac address information, they can use privacy extensions - http://en.wikipedia.org/wiki/Ipv6#Privacy .
I agree. Though it would probably be a good idea to warn people about the problem, before publishing their address for the world to see. A sentence or two added to the IP address warning which already appears would probably put things on par with IPv4 addresses.
Personally II think WMF is far too loose about IP addresses in the first place. But as I said above, it's about 10 years too late for that.
---
http://csrc.nist.gov/publications/nistpubs/800-122/sp800-122.pdf
Page 2-2
"The following list contains examples of information that may be considered PII."
"Asset information, such as Internet Protocol (IP) or Media Access Control (MAC) address or other host-specific persistent static identifier that consistently links to a particular person or small, well-defined group of people"
"Information identifying personally owned property, such as vehicle registration number or title number and related information"
Granted, it only says "may be considered" PII. Certainly seems definitive to me, though.
And note, of course, that IPv4 addresses also may be considered PII. IPv6 addresses are just sometimes more likely to be persistent/static/consistent, and often link to a smaller, more well-defined group of people. But then, see above, as IPv6 addresses sometimes are more anonymous than IPv4 addresses. It all depends on the implementation.
Anyway, I do think MAC addresses are certainly (in the vast majority of cases), PII. That IPv6 addresses are often PII. And that IPv4 addresses are often PII. I don't think IPv6 addresses are particularly more likely to be PII than IPv4 addresses. So, basically, I think the privacy concern specifically about IPv6 is mostly misplaced. But it would be nice to readdress the privacy concerns over IP addresses in general.
On Jun 2, 2012, at 6:13, Anthony wikimail@inbox.org wrote:
On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dalton@gmail.com wrote:
On 2 June 2012 13:44, Anthony wikimail@inbox.org wrote:
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
I don't know, but I wouldn't consider my MAC address to be personal information... you might be able to work out what brand of computer I'm using, but I can live with that.
I'm not sure what you're defining personal information as, then.
Is your vehicle's VIN personal information?
It becomes a global unique publicly visible identifier if you always use the same connect method (wireless, ethernet) and don't enable privacy extensions.
In WMF relevant senses, unaware abusers with multiple ISPs become easier to find. And privacy is different, because many end users are IDed that way. But the implications of that are unclear. Someone being outed to an employer or government by MAC? ...
George William Herbert Sent from my iPhone
Hi,
if people wants privacy they should use a account, this is nothing different from IPV4. When the mission is to make sure that everybody can have free knowledge we should not delay IPV6 On Sat, Jun 2, 2012 at 2:44 PM, Anthony wikimail@inbox.org wrote:
On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhizii@gmail.com wrote:
What personal information do you think is contained in an IPv6 address?
Don't they sometimes contain MAC address information?
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
On 2 June 2012 00:08, Risker risker.wp@gmail.com wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first message in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users, including many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making changes that have only minor effects on the public face of the project; I know that sometimes users can be hyperactive about minor points. But this isn't a minor point. I'd compare it to Vector - something that there was longterm, active communication about throughout its development cycle, with lots of outreach to volunteer developers and to the community, and opportunities to test things out.
I can't stand up for them this time, though. It's not even discussed well on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's meta userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard dgerard@gmail.com wrote:
On 2 June 2012 00:08, Risker risker.wp@gmail.com wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first message in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wow Risker, you obviously don't read any mailing lists/ blogs or sign posts. I just did a quick search of my email records for wiki tech and ipv6 the first result that I see is from July 2007. Almost 5 years ago, I also remember a big push last year about this same time for ipv6.
On Friday, June 1, 2012, Risker wrote:
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users, including many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making changes that have only minor effects on the public face of the project; I know that sometimes users can be hyperactive about minor points. But this isn't a minor point. I'd compare it to Vector - something that there was longterm, active communication about throughout its development cycle, with lots of outreach to volunteer developers and to the community, and opportunities to test things out.
I can't stand up for them this time, though. It's not even discussed well on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's meta userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard <dgerard@gmail.com javascript:;> wrote:
On 2 June 2012 00:08, Risker <risker.wp@gmail.com javascript:;> wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first message in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
I've got about 18 months worth of Wikitech-L in my archives, and there are two threads that talk about IPv6; one from March, that didn't provide a lot of information, and this one. There may be others, but they're not popping up on my search.
Forgive me for failing to read this week's signpost from cover to cover yet; it refers to the previous coverage from June 2011, and quotes Erik Moeller from some unknown and unspecified source. I don't know where he told "the community" that. Do you?
Risker
On 1 June 2012 20:10, John phoenixoverride@gmail.com wrote:
Wow Risker, you obviously don't read any mailing lists/ blogs or sign posts. I just did a quick search of my email records for wiki tech and ipv6 the first result that I see is from July 2007. Almost 5 years ago, I also remember a big push last year about this same time for ipv6.
On Friday, June 1, 2012, Risker wrote:
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users, including many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making
changes
that have only minor effects on the public face of the project; I know
that
sometimes users can be hyperactive about minor points. But this isn't a minor point. I'd compare it to Vector - something that there was
longterm,
active communication about throughout its development cycle, with lots of outreach to volunteer developers and to the community, and opportunities
to
test things out.
I can't stand up for them this time, though. It's not even discussed well on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's meta userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard <dgerard@gmail.com javascript:;> wrote:
On 2 June 2012 00:08, Risker <risker.wp@gmail.com javascript:;>
wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first message in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Multiple sign posts January 17 this year. There was also a May 2011 foundation announcement along with countless other notes
On Friday, June 1, 2012, Risker wrote:
I've got about 18 months worth of Wikitech-L in my archives, and there are two threads that talk about IPv6; one from March, that didn't provide a lot of information, and this one. There may be others, but they're not popping up on my search.
Forgive me for failing to read this week's signpost from cover to cover yet; it refers to the previous coverage from June 2011, and quotes Erik Moeller from some unknown and unspecified source. I don't know where he told "the community" that. Do you?
Risker
On 1 June 2012 20:10, John <phoenixoverride@gmail.com javascript:;> wrote:
Wow Risker, you obviously don't read any mailing lists/ blogs or sign posts. I just did a quick search of my email records for wiki tech and
ipv6
the first result that I see is from July 2007. Almost 5 years ago, I also remember a big push last year about this same time for ipv6.
On Friday, June 1, 2012, Risker wrote:
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users,
including
many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making
changes
that have only minor effects on the public face of the project; I know
that
sometimes users can be hyperactive about minor points. But this isn't
a
minor point. I'd compare it to Vector - something that there was
longterm,
active communication about throughout its development cycle, with lots
of
outreach to volunteer developers and to the community, and
opportunities
to
test things out.
I can't stand up for them this time, though. It's not even discussed
well
on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's
meta
userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard <dgerard@gmail.com javascript:;javascript:;> wrote:
On 2 June 2012 00:08, Risker <risker.wp@gmail.com javascript:;javascript:;>
wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first
message
in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; javascript:; Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
I've been a little busy this spring, but I am interested in the IPv6 transition (at work, too) and missed this here as well.
I don't object as Anne is here, but I'm not doing the work she's doing on project either.
-george
On Fri, Jun 1, 2012 at 5:35 PM, John phoenixoverride@gmail.com wrote:
Multiple sign posts January 17 this year. There was also a May 2011 foundation announcement along with countless other notes
On Friday, June 1, 2012, Risker wrote:
I've got about 18 months worth of Wikitech-L in my archives, and there are two threads that talk about IPv6; one from March, that didn't provide a lot of information, and this one. There may be others, but they're not popping up on my search.
Forgive me for failing to read this week's signpost from cover to cover yet; it refers to the previous coverage from June 2011, and quotes Erik Moeller from some unknown and unspecified source. I don't know where he told "the community" that. Do you?
Risker
On 1 June 2012 20:10, John <phoenixoverride@gmail.com javascript:;> wrote:
Wow Risker, you obviously don't read any mailing lists/ blogs or sign posts. I just did a quick search of my email records for wiki tech and
ipv6
the first result that I see is from July 2007. Almost 5 years ago, I also remember a big push last year about this same time for ipv6.
On Friday, June 1, 2012, Risker wrote:
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users,
including
many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making
changes
that have only minor effects on the public face of the project; I know
that
sometimes users can be hyperactive about minor points. But this isn't
a
minor point. I'd compare it to Vector - something that there was
longterm,
active communication about throughout its development cycle, with lots
of
outreach to volunteer developers and to the community, and
opportunities
to
test things out.
I can't stand up for them this time, though. It's not even discussed
well
on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's
meta
userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard <dgerard@gmail.com javascript:;javascript:;> wrote:
On 2 June 2012 00:08, Risker <risker.wp@gmail.com javascript:;javascript:;>
wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first
message
in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; javascript:; Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Sorry if I'm veering off on a tangent or repeating things here, I only just got added to this list a short while ago but was asked to convey my concerns here.
While this has been discussed for some time, it seems as though the announcement that this is getting turned on was only made just recently; the coverage on January 16th John refers to doesn't seem to mention when this was going to be deployed, and I don't recall any mention on-wiki of IPv6 since then. For such a potentially major change, five day's notice is simply not enough for the entire community to digest. As it is, I still don't see any mention of this change on en.wiki's Technical or Miscellaneous Village Pump, nor either Administrator's Noticeboard, the common announcement locations for such changes.
My second, and more pressing concern, is how well this will work. Speaking quite frankly, the development team has a bit of a bad habit of deploying something on Labs or the test wiki or whatever, deciding it works, and then deploying it straight to Wikipedia and the other public WMF sites. Unfortunately when they do so, hell breaks loose because all sorts of problems crop up - bugs that didn't crop up because the test wiki receives far less traffic than Wikipedia, issues with the interface that weren't addressed now cause problems because the users of Wikipedia don't use the test wiki, and it takes weeks for the issues to get fixed and/or for the community to adjust to the changes. Considering the traffic Wikipedia receives (it's the 5th most popular website in the world, after all), it seems remarkably inappropriate to treat it as a beta testing ground.
I'm very concerned that this is what's going to happen with the IPv6 change - something major is going to fail, and the wiki will become inaccessible, or some major security feature (blocking or protection, for example) will be rendered inoperable, leaving the wikis vulnerable to attack from all fronts. The latter situation seems to be more likely based on past issues, and unfortunately more problematic; once these issues get noted, it'll take only minutes for /b/, GNAA, and a long list of other vandals to figure it out and launch a full-scale attack that'll take weeks to clean up.
Can we receive some sort of assurance from the development team that the IPv6 system has been fully stress-tested, at a level comparable to what Wikipedia and the other wikis may face, and that all extensions used by the wikis were part of this test? If such an assurance cannot be made before June 6th, can the deployment of this update be delayed until that testing can be completed? For such a major website, I feel that consistent operation is more important than adhering to the latest standards.
---- User:Hersfold hersfoldwiki@gmail.com
On 6/1/2012 9:17 PM, George Herbert wrote:
I've been a little busy this spring, but I am interested in the IPv6 transition (at work, too) and missed this here as well.
I don't object as Anne is here, but I'm not doing the work she's doing on project either.
-george
On Fri, Jun 1, 2012 at 5:35 PM, Johnphoenixoverride@gmail.com wrote:
Multiple sign posts January 17 this year. There was also a May 2011 foundation announcement along with countless other notes
On Friday, June 1, 2012, Risker wrote:
I've got about 18 months worth of Wikitech-L in my archives, and there are two threads that talk about IPv6; one from March, that didn't provide a lot of information, and this one. There may be others, but they're not popping up on my search.
Forgive me for failing to read this week's signpost from cover to cover yet; it refers to the previous coverage from June 2011, and quotes Erik Moeller from some unknown and unspecified source. I don't know where he told "the community" that. Do you?
Risker
On 1 June 2012 20:10, John<phoenixoverride@gmail.comjavascript:;> wrote:
Wow Risker, you obviously don't read any mailing lists/ blogs or sign posts. I just did a quick search of my email records for wiki tech and
ipv6
the first result that I see is from July 2007. Almost 5 years ago, I also remember a big push last year about this same time for ipv6.
On Friday, June 1, 2012, Risker wrote:
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users,
including
many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making
changes
that have only minor effects on the public face of the project; I know
that
sometimes users can be hyperactive about minor points. But this isn't
a
minor point. I'd compare it to Vector - something that there was
longterm,
active communication about throughout its development cycle, with lots
of
outreach to volunteer developers and to the community, and
opportunities
to
test things out.
I can't stand up for them this time, though. It's not even discussed
well
on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's
meta
userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard<dgerard@gmail.comjavascript:;javascript:;> wrote:
On 2 June 2012 00:08, Risker<risker.wp@gmail.comjavascript:;javascript:;>
wrote:
Fully enabling IPv6 has been coming a *long* time - over a year, with months of planning and work before even that - as Erik's first
message
in this thread notes, and it was hardly a secret. Your objections may be entirely too late - it is vanishingly unlikely that two years' effort will suddenly be thrown away. Were you literally unaware until now that this was in the works?
- d.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; javascript:; Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
On Fri, Jun 1, 2012 at 8:04 PM, Hersfold hersfoldwiki@gmail.com wrote:
Sorry if I'm veering off on a tangent or repeating things here, I only just got added to this list a short while ago but was asked to convey my concerns here.
While this has been discussed for some time, it seems as though the announcement that this is getting turned on was only made just recently; the coverage on January 16th John refers to doesn't seem to mention when this was going to be deployed, and I don't recall any mention on-wiki of IPv6 since then. For such a potentially major change, five day's notice is simply not enough for the entire community to digest. As it is, I still don't see any mention of this change on en.wiki's Technical or Miscellaneous Village Pump, nor either Administrator's Noticeboard, the common announcement locations for such changes.
Just to be precise, a notice had actually been posted (by Jasper Deng) on the English Wikipedia's Administrator's Noticeboard way before your email (on 22:14, 1 June 2012 UTC). A different one was posted (using Global Message Delivery) to the village pumps of about 600 other Wikimedia projects. At https://meta.wikimedia.org/wiki/IPv6_initiative/2012_IPv6_Day_announcement , Erik's above announcement has already been translated into several languages.
My second, and more pressing concern, is how well this will work. Speaking quite frankly, the development team has a bit of a bad habit of deploying something on Labs or the test wiki or whatever, deciding it works, and then deploying it straight to Wikipedia and the other public WMF sites. Unfortunately when they do so, hell breaks loose because all sorts of problems crop up - bugs that didn't crop up because the test wiki receives far less traffic than Wikipedia, issues with the interface that weren't addressed now cause problems because the users of Wikipedia don't use the test wiki, and it takes weeks for the issues to get fixed and/or for the community to adjust to the changes. Considering the traffic Wikipedia receives (it's the 5th most popular website in the world, after all), it seems remarkably inappropriate to treat it as a beta testing ground.
I'm very concerned that this is what's going to happen with the IPv6 change
- something major is going to fail, and the wiki will become inaccessible,
or some major security feature (blocking or protection, for example) will be rendered inoperable, leaving the wikis vulnerable to attack from all fronts. The latter situation seems to be more likely based on past issues, and unfortunately more problematic; once these issues get noted, it'll take only minutes for /b/, GNAA, and a long list of other vandals to figure it out and launch a full-scale attack that'll take weeks to clean up.
Can we receive some sort of assurance from the development team that the IPv6 system has been fully stress-tested, at a level comparable to what Wikipedia and the other wikis may face, and that all extensions used by the wikis were part of this test? If such an assurance cannot be made before June 6th, can the deployment of this update be delayed until that testing can be completed? For such a major website, I feel that consistent operation is more important than adhering to the latest standards.
User:Hersfold hersfoldwiki@gmail.com
On 6/1/2012 9:17 PM, George Herbert wrote:
I've been a little busy this spring, but I am interested in the IPv6 transition (at work, too) and missed this here as well.
I don't object as Anne is here, but I'm not doing the work she's doing on project either.
-george
On Fri, Jun 1, 2012 at 5:35 PM, Johnphoenixoverride@gmail.com wrote:
Multiple sign posts January 17 this year. There was also a May 2011 foundation announcement along with countless other notes
On Friday, June 1, 2012, Risker wrote:
I've got about 18 months worth of Wikitech-L in my archives, and there are two threads that talk about IPv6; one from March, that didn't provide a lot of information, and this one. There may be others, but they're not popping up on my search.
Forgive me for failing to read this week's signpost from cover to cover yet; it refers to the previous coverage from June 2011, and quotes Erik Moeller from some unknown and unspecified source. I don't know where he told "the community" that. Do you?
Risker
On 1 June 2012 20:10, John<phoenixoverride@gmail.comjavascript:;> wrote:
Wow Risker, you obviously don't read any mailing lists/ blogs or sign posts. I just did a quick search of my email records for wiki tech and
ipv6
the first result that I see is from July 2007. Almost 5 years ago, I also remember a big push last year about this same time for ipv6.
On Friday, June 1, 2012, Risker wrote:
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even discussed on Wikitech-L. Neither of which 99.99999% of users,
including
many volunteer developers, have time to follow. This is not just a technical change, it's a cultural one.
I've long stood up for the Engineering Department when it is making
changes
that have only minor effects on the public face of the project; I know
that
sometimes users can be hyperactive about minor points. But this isn't
a
minor point. I'd compare it to Vector - something that there was
longterm,
active communication about throughout its development cycle, with lots
of
outreach to volunteer developers and to the community, and
opportunities
to
test things out.
I can't stand up for them this time, though. It's not even discussed
well
on Mediawiki, and is mostly in passing on the Roadmap.[1] And the few community-based questions that have come up, specifically on Erik's
meta
userpage, have not been given the courtesy of a reply.
Risker
[1] http://www.mediawiki.org/wiki/Roadmap
On 1 June 2012 19:35, David Gerard<dgerard@gmail.comjavascript:;javascript:;> wrote:
> On 2 June 2012 00:08, > Risker<risker.wp@gmail.comjavascript:;javascript:;>
wrote:
> > Fully enabling IPv6 has been coming a *long* time - over a year, with > months of planning and work before even that - as Erik's first
message
> > in this thread notes, and it was hardly a secret. Your objections may > be entirely too late - it is vanishingly unlikely that two years' > effort will suddenly be thrown away. Were you literally unaware until > now that this was in the works? > > > - d. > > _______________________________________________ > Wikimedia-l mailing list > Wikimedia-l@lists.wikimedia.orgjavascript:; javascript:; > Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; javascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.orgjavascript:; Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
On 02/06/12 05:04, Hersfold wrote:
I'm very concerned that this is what's going to happen with the IPv6 change - something major is going to fail, and the wiki will become inaccessible, or some major security feature (blocking or protection, for example) will be rendered inoperable, leaving the wikis vulnerable to attack from all fronts. The latter situation seems to be more likely based on past issues, and unfortunately more problematic; once these issues get noted, it'll take only minutes for /b/, GNAA, and a long list of other vandals to figure it out and launch a full-scale attack that'll take weeks to clean up.
We could just allow blocking of arbitrarily large IPv6 ranges. Then if there is some emergency, you can just block everyone who is using IPv6 from editing. The collateral damage would be smaller than the IPv4 /16 blocks which admins apply routinely.
-- Tim Starling
On Jun 2, 2012, at 1:05, Tim Starling tstarling@wikimedia.org wrote:
On 02/06/12 05:04, Hersfold wrote:
I'm very concerned that this is what's going to happen with the IPv6 change - something major is going to fail, and the wiki will become inaccessible, or some major security feature (blocking or protection, for example) will be rendered inoperable, leaving the wikis vulnerable to attack from all fronts. The latter situation seems to be more likely based on past issues, and unfortunately more problematic; once these issues get noted, it'll take only minutes for /b/, GNAA, and a long list of other vandals to figure it out and launch a full-scale attack that'll take weeks to clean up.
We could just allow blocking of arbitrarily large IPv6 ranges. Then if there is some emergency, you can just block everyone who is using IPv6 from editing. The collateral damage would be smaller than the IPv4 /16 blocks which admins apply routinely.
-- Tim Starling
Routinely is a little strong. Admins should be taking due care regarding collateral damage for /16s...
But, it is done.
George William Herbert Sent from my iPhone
On Fri, Jun 1, 2012 at 5:12 PM, Erik Moeller erik@wikimedia.org wrote:
Hi all,
June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of this global event is to move more ISPs, equipment manufacturers and web services to permanent adoption of IPv6.
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
Thanks Erik and all who are working on this! It's important work and I'm glad to see us joining the community of sites and organizations who are prepared for this necessity.
(Acknowledging the potential issues others have mentioned, I'm also glad to see it while there are still few users who will be using IPv6, so the problems that arise will be much smaller than they would be in the future.)
Cheers, Kat
Hi folks,
Mark Bergsma just shared the following recap with me, for those who are interested in the details of what happened at the hackathon and next steps. tl;dr: If all goes well we'll be ready to launch full production deployment on Wednesday, starting around 10AM UTC (MediaWiki engineers will be working closely with the ops team Wednesday to monitor bugs/issues).
Keep an eye on the server admin log and the puppet repo if you want to know what's going on in full detail:
http://wikitech.wikimedia.org/view/Server_admin_log https://gerrit.wikimedia.org/r/#/q/status:merged+project:operations/puppet,n...
Erik
- - -
The last few days we've worked on getting the software ready (mainly PyBal/LVS) as well as Puppet support for provisioning of IPv6 addresses to servers and configuration changes for IPv6 connectivity. That's now 90% done. What remains is mostly to actually roll this out for all services in all data centers, which we will be doing tomorrow. Besides that, we have a few "would be nice to haves" left to do, such as having our own 6to4 and miredo relays.
I just got the first LVS service running with IPv6, and am now browsing upload.wikimedia.org over IPv6 (local /etc/hosts entry of course, not in DNS yet). ipv6 support for LVS in Ubuntu Precise was the last major uncertain factor on the infrastructure side; besides a few quick tests in labs we had not really tested this yet in our production setup. Fortunately, it appears to be working fine. Tomorrow the remaining (inactive) LVS balancers will be reinstalled with Precise and made IPv6-ready to support all other services, while the currently active IPv4 balancers will keep their current setup for some time to come - so we won't hit any surprises on IPv4 at least.
But, we haven't done any production tests with MediaWiki yet. We can do some dark testing and actual edits tomorrow. Assuming we see no surprises there, we can enable it for the all wikis and the general public on Wednesday.
To conclude, we're on track on the infrastructure side. It is tight, though. Assuming the MediaWiki side has no unwelcome surprises for us, I expect to be able to make it.
-- Erik Möller VP of Engineering and Product Development, Wikimedia Foundation
Support Free Knowledge: https://wikimediafoundation.org/wiki/Donate
On Fri, Jun 01, 2012 at 11:12:58PM +0200, Erik Moeller wrote:
Hi all,
We're planning to do limited production testing of IPv6 during the Berlin Hackathon 2012 (June 2-3). Provided that the number of issues we encounter are manageable, we may fully enable IPv6 on IPv6 day, and keep it enabled.
What with XS4ALL (my ISP) now also offering IPv6 out-of-the-box, there's at least one extra IPv6 anon on en.wp. ;-)
I noticed that my current IPv6 address appears to be assigned dynamically by XS4ALL. I can probably get static if I choose it. But the dynamic assignment option does alleviate some people's privacy concerns, right?
sincerely, Kim Bruning
ps. We all know that everyone needs to switch to IPv6 eventually. Don't be surprised when people in your neighborhood decide to do so, with or without additional warning.
2012/6/13 Kim Bruning kim@bruning.xs4all.nl:
I noticed that my current IPv6 address appears to be assigned dynamically by XS4ALL. I can probably get static if I choose it. But the dynamic assignment option does alleviate some people's privacy concerns, right?
It depends on their OS. On Windows, OSX, iOS and Ubuntu (so over 95% of all traffic considering an equal distribution of IPv6 addresses), I would say yes, since they have enabled the privacy extension by default. For the rest of the world, not really. Even if the first half of the address is dynamic, the last part will be static and linked to your Ethernet adapter.
Strainu
On Tue, Jun 12, 2012 at 6:39 PM, Kim Bruning kim@bruning.xs4all.nl wrote:
I noticed that my current IPv6 address appears to be assigned dynamically by XS4ALL. I can probably get static if I choose it. But the dynamic assignment option does alleviate some people's privacy concerns, right?
One particular concern, which isn't really much different from IPv4.
And in something like 90% of browser configurations, you're already giving out a semi-static unique string with every request anyway. (see https://panopticlick.eff.org/)
The bigger concern for WMF is the possibility for increased privacy.
ps. We all know that everyone needs to switch to IPv6 eventually.
Unless IPv7 or IPv8 comes out first.
On a separate note about IPv6: I just saw the first IPv6 anon entry appearing on my watchlist. It's exciting! Deryck
On 13 June 2012 13:43, Anthony wikimail@inbox.org wrote:
On Tue, Jun 12, 2012 at 6:39 PM, Kim Bruning kim@bruning.xs4all.nl wrote:
I noticed that my current IPv6 address appears to be assigned dynamically by XS4ALL. I can probably get static if I choose it. But the dynamic assignment option does alleviate some people's privacy concerns, right?
One particular concern, which isn't really much different from IPv4.
And in something like 90% of browser configurations, you're already giving out a semi-static unique string with every request anyway. (see https://panopticlick.eff.org/)
The bigger concern for WMF is the possibility for increased privacy.
ps. We all know that everyone needs to switch to IPv6 eventually.
Unless IPv7 or IPv8 comes out first.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
IPv6 is designed to operate on a "one IP = one device/connection" (non-NAT) basis, far more than IPv4. Privacy policy coversd "personally identifiable information". An IP becomes personally identifying when it broadly allows a person to be identified. If IPv4 can be "personally identifying" then IPv6 is guaranteed to be more so, because of its design and intended usage.
It looks like the switch to making the "UserID on public record" more anonymous for non-logged in users (hashing their IP for example) could usefully be brought in, simultaneous with or parallel to IPv6. As Erik says, both are desirable verging on necessary at some point, and the one mitigates against the issues of the other.
It serves a second purpose - a good system providing a more anonymous "UserID of public record" would also mean that IPv4 and IPv6 users would have similar "names" in the public record and block lists, meaning that the same tools and interfaces would work equally with both. This would simplify matters for future as well.
Without second guessing a suitable method, I would like to see unlogged-in users represented by a "name" of the form "IP user XXXXXXX" or "Not logged in YYYYY" or some such; there would be difficulties in that we want similar IPs to look similar without providing easy ways to identify the genuine underlying IP (eg by noticing other similar XXXX's whose IPs are known). It's also going to have implications for vandalism and abuse related activities, where it is often helpful that action is easily identified as a similar IP. It would be nice not to lose that sense of "similar IP" while not exposing the genuine IP.
Choice of method is a technical matter, I'd suggest if we move on both, then hopefully IPv6 will mark a step where anonymity improves and is available to logged in and not logged in users. But either way, IPv6 does have privacy implications for non-logged in users. IPv4 did too, but historically we let it alone and it was less severe. With IPv6 it may not be, and action would be much more important.
FT2
On Wed, Jun 13, 2012 at 4:34 PM, Deryck Chan deryckchan@wikimedia.hkwrote:
On a separate note about IPv6: I just saw the first IPv6 anon entry appearing on my watchlist. It's exciting! Deryck
On 13 June 2012 13:43, Anthony wikimail@inbox.org wrote:
On Tue, Jun 12, 2012 at 6:39 PM, Kim Bruning kim@bruning.xs4all.nl wrote:
I noticed that my current IPv6 address appears to be assigned dynamically by XS4ALL. I can probably get static if I choose it. But
the
dynamic assignment option does alleviate some people's privacy concerns, right?
One particular concern, which isn't really much different from IPv4.
And in something like 90% of browser configurations, you're already giving out a semi-static unique string with every request anyway. (see https://panopticlick.eff.org/)
The bigger concern for WMF is the possibility for increased privacy.
ps. We all know that everyone needs to switch to IPv6 eventually.
Unless IPv7 or IPv8 comes out first.
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
On Wed, Jun 13, 2012 at 1:36 PM, FT2 ft2.wiki@gmail.com wrote:
IPv6 is designed to operate on a "one IP = one device/connection" (non-NAT) basis, far more than IPv4. Privacy policy coversd "personally identifiable information". An IP becomes personally identifying when it broadly allows a person to be identified. If IPv4 can be "personally identifying" then IPv6 is guaranteed to be more so, because of its design and intended usage.
It looks like the switch to making the "UserID on public record" more anonymous for non-logged in users (hashing their IP for example) could usefully be brought in, simultaneous with or parallel to IPv6. As Erik says, both are desirable verging on necessary at some point, and the one mitigates against the issues of the other.
It serves a second purpose - a good system providing a more anonymous "UserID of public record" would also mean that IPv4 and IPv6 users would have similar "names" in the public record and block lists, meaning that the same tools and interfaces would work equally with both. This would simplify matters for future as well.
Without second guessing a suitable method, I would like to see unlogged-in users represented by a "name" of the form "IP user XXXXXXX" or "Not logged in YYYYY" or some such; there would be difficulties in that we want similar IPs to look similar without providing easy ways to identify the genuine underlying IP (eg by noticing other similar XXXX's whose IPs are known). It's also going to have implications for vandalism and abuse related activities, where it is often helpful that action is easily identified as a similar IP. It would be nice not to lose that sense of "similar IP" while not exposing the genuine IP.
Choice of method is a technical matter, I'd suggest if we move on both, then hopefully IPv6 will mark a step where anonymity improves and is available to logged in and not logged in users. But either way, IPv6 does have privacy implications for non-logged in users. IPv4 did too, but historically we let it alone and it was less severe. With IPv6 it may not be, and action would be much more important.
FT2
Why is "improving anonymity" a goal? Our privacy policy governs the disclosure of non-public information, but the IP addresses of editors without an account have always been effectively public. Are IP editors clamoring for more privacy? Is masking IPv6 addresses more important than the uses to which IP addresses are currently put? Is masking a better way to solve the problem of potentially more identifiable information in IPv6 than, say, a more prominent disclosure and disclaimer? Would masking the IP addresses only for logged-out users be a worthwhile change, given the ease of registering an account? Would they remain masked in the histories of project dumps? There are a lot of questions to answer here before it's reasonable to start suggesting changes be made, and these are only some.
On 13 June 2012 14:09, Nathan nawrich@gmail.com wrote:
<snipping FT2's comment>
Why is "improving anonymity" a goal? Our privacy policy governs the disclosure of non-public information, but the IP addresses of editors without an account have always been effectively public. Are IP editors clamoring for more privacy? Is masking IPv6 addresses more important than the uses to which IP addresses are currently put? Is masking a better way to solve the problem of potentially more identifiable information in IPv6 than, say, a more prominent disclosure and disclaimer? Would masking the IP addresses only for logged-out users be a worthwhile change, given the ease of registering an account? Would they remain masked in the histories of project dumps? There are a lot of questions to answer here before it's reasonable to start suggesting changes be made, and these are only some.
I believe that FT2 is saying that we should seriously consider masking the *publicly viewable* IPv6 addresses. The only reason that we publish the IP addresses of any logged-out user is for attribution purposes, although some use it for other reasons (both positive and nefarious). Quite honestly, it doesn't matter what information is put in place in the publicly viewable logs, provided it's consistent.
Risker
On Wed, Jun 13, 2012 at 2:21 PM, Risker risker.wp@gmail.com wrote:
On 13 June 2012 14:09, Nathan nawrich@gmail.com wrote:
I believe that FT2 is saying that we should seriously consider masking the *publicly viewable* IPv6 addresses. The only reason that we publish the IP addresses of any logged-out user is for attribution purposes, although some use it for other reasons (both positive and nefarious). Quite honestly, it doesn't matter what information is put in place in the publicly viewable logs, provided it's consistent.
Risker
Sure, that's the assertion, but it leaves unanswered a lot of "why" questions. Why should we make publicly viewable attributions less identifiable than they have been for a decade? Is that step valuable at all, given the reality that anyone likely to use the IP address for "nefarious" reasons would simply register an account?
I think a stable, predictable privacy regime that doesn't discourage users is a perfectly good goal which Wikimedia has largely achieved. I'm not sure there is a lot of value in FT2's suggestion from a privacy perspective (it would make far more sense to make the mask applicable to everyone but CUs or admins), let alone whether a significantly more anonymous method for contributing is either necessary or desirable.
~Nathan
On 13 June 2012 14:29, Nathan nawrich@gmail.com wrote:
On Wed, Jun 13, 2012 at 2:21 PM, Risker risker.wp@gmail.com wrote:
On 13 June 2012 14:09, Nathan nawrich@gmail.com wrote:
I believe that FT2 is saying that we should seriously consider masking
the
*publicly viewable* IPv6 addresses. The only reason that we publish the
IP
addresses of any logged-out user is for attribution purposes, although
some
use it for other reasons (both positive and nefarious). Quite honestly,
it
doesn't matter what information is put in place in the publicly viewable logs, provided it's consistent.
Risker
Sure, that's the assertion, but it leaves unanswered a lot of "why" questions. Why should we make publicly viewable attributions less identifiable than they have been for a decade? Is that step valuable at all, given the reality that anyone likely to use the IP address for "nefarious" reasons would simply register an account?
I think perhaps I was not clear in what I meant by "nefarious" purposes. The IP addresses in our contribution logs have been used by others to locate editors, to make allegations against individuals and organizations because their IP address showed up in those logs, and so on. It is a key reason why "accidentally editing logged out" is one of the top reasons for suppression requests, because it can provide a non-negligible amount of information about the user.
I think a stable, predictable privacy regime that doesn't discourage users is a perfectly good goal which Wikimedia has largely achieved. I'm not sure there is a lot of value in FT2's suggestion from a privacy perspective (it would make far more sense to make the mask applicable to everyone but CUs or admins), let alone whether a significantly more anonymous method for contributing is either necessary or desirable.
I would put to you that, actually, our publishing of full IP addresses of our logged-out contributors is a very significant privacy issue. There is no other top-10 website that publishes this information; in fact, the number of websites that attributes contributions to specific (often traceable) IP addresses is minuscule. The only rationale that has ever been given for publishing of IP addresses is for the purpose of edit attribution. That can be done any number of other ways.
Risker
On Wed, Jun 13, 2012 at 2:42 PM, Risker risker.wp@gmail.com wrote:
I think perhaps I was not clear in what I meant by "nefarious" purposes. The IP addresses in our contribution logs have been used by others to locate editors, to make allegations against individuals and organizations because their IP address showed up in those logs, and so on. It is a key reason why "accidentally editing logged out" is one of the top reasons for suppression requests, because it can provide a non-negligible amount of information about the user.
I think I understood what you meant by nefarious, but regardless of the definition, the point remains: unless you restrict any IP-related data to administrators and/or CUs, the type of masking FT2 described is ineffective at improving privacy.
I would put to you that, actually, our publishing of full IP addresses of
our logged-out contributors is a very significant privacy issue. There is no other top-10 website that publishes this information; in fact, the number of websites that attributes contributions to specific (often traceable) IP addresses is minuscule. The only rationale that has ever been given for publishing of IP addresses is for the purpose of edit attribution. That can be done any number of other ways.
Risker
I have to disagree for several reasons. First, while you are correct that no other top 10 website publishes IP information of users, that is in no small part a byproduct of how different Wikipedia is from the other 9. Without belaboring the point too much, search engines and passive viewing sites don't publish user information at all in any format, and commercial social networks have a wholly different set of interests than do Wikimedia projects. Second, more complete anonymity is and has always been available to any editor; while the primary and original purpose of an IP address in edit history is attribution, it has long been put to many other beneficial uses. Given that we've had a stable approach to IP addresses for 10 years, and no rush of demand to change the paradigm, it makes sense to balance the public benefit nature of the projects against the reasonable privacy needs (on which we all generally agree). We should discuss that balance rather than just assume that more perfect privacy is worth significantly less transparency.
On 13 June 2012 15:06, Nathan nawrich@gmail.com wrote:
On Wed, Jun 13, 2012 at 2:42 PM, Risker risker.wp@gmail.com wrote:
I think perhaps I was not clear in what I meant by "nefarious" purposes. The IP addresses in our contribution logs have been used by others to locate editors, to make allegations against individuals and organizations because their IP address showed up in those logs, and so on. It is a key reason why "accidentally editing logged out" is one of the top reasons
for
suppression requests, because it can provide a non-negligible amount of information about the user.
I think I understood what you meant by nefarious, but regardless of the definition, the point remains: unless you restrict any IP-related data to administrators and/or CUs, the type of masking FT2 described is ineffective at improving privacy.
I would put to you that, actually, our publishing of full IP addresses of
our logged-out contributors is a very significant privacy issue. There is no other top-10 website that publishes this information; in fact, the number of websites that attributes contributions to specific (often traceable) IP addresses is minuscule. The only rationale that has ever been given for publishing of IP addresses is for the purpose of edit attribution. That can be done any number of other ways.
Risker
I have to disagree for several reasons. First, while you are correct that no other top 10 website publishes IP information of users, that is in no small part a byproduct of how different Wikipedia is from the other 9. Without belaboring the point too much, search engines and passive viewing sites don't publish user information at all in any format, and commercial social networks have a wholly different set of interests than do Wikimedia projects. Second, more complete anonymity is and has always been available to any editor; while the primary and original purpose of an IP address in edit history is attribution, it has long been put to many other beneficial uses. Given that we've had a stable approach to IP addresses for 10 years, and no rush of demand to change the paradigm, it makes sense to balance the public benefit nature of the projects against the reasonable privacy needs (on which we all generally agree). We should discuss that balance rather than just assume that more perfect privacy is worth significantly less transparency.
The original Wikipedia platform (lo those long years ago) published only partial IP addresses. Today, "significantly less transparency" seems to mean "create an acccount" to many people. However, that is antithetical to the "anyone can edit" principle on which our projects are based. "Anyone can edit, as long as they don't mind that everyone in the world will know where they're from, what ISP they use, and possibly even the physical location from which they are editing and what equipment they're using to do so, unless they create an account" is what it has become.
We want the edits. We don't need to know the rest, and never have. If we needed to know that information, we would have decided not to permit account-based editing in the first place. There's no template at the bottom of the talk pages of editors with accounts that allows identification and geolocation of their IP. If it's useful for logged-out editors, it is just as useful for logged-in ones, according to the "transparency" logic.
One of the reasons that many of us were taken by surprise with the sudden appearance of the IPv6 change was that this very discussion could have taken place beforehand, and would have guided the Engineering team in their progress. I for one have long been concerned about the use of IP addresses to attribute edits, but that may be because I'm one of the few people who winds up suppressing those that happen accidentally to account holders. It's a discussion we need to have, though.
Risker
On Wed, Jun 13, 2012 at 3:18 PM, Risker risker.wp@gmail.com wrote:
The original Wikipedia platform (lo those long years ago) published only partial IP addresses. Today, "significantly less transparency" seems to mean "create an acccount" to many people. However, that is antithetical to the "anyone can edit" principle on which our projects are based. "Anyone can edit, as long as they don't mind that everyone in the world will know where they're from, what ISP they use, and possibly even the physical location from which they are editing and what equipment they're using to do so, unless they create an account" is what it has become.
I'm not sure I understand how "create an account" is antithetical to "anyone can edit". Are you saying there is some bar to creating an account that prevents some people from editing? People can choose to use an account name or choose to edit from an IP address. You're suggesting making account names mandatory and dynamic, I'm not seeing how that is a necessary outgrowth of "anyone can edit."
We want the edits. We don't need to know the rest, and never have. If we needed to know that information, we would have decided not to permit account-based editing in the first place. There's no template at the bottom of the talk pages of editors with accounts that allows identification and geolocation of their IP. If it's useful for logged-out editors, it is just as useful for logged-in ones, according to the "transparency" logic.
Sure - the same principle that makes IP information useful for transparency purposes works as well on IP editors as it does on account holders. But account holders have chosen to restrict access to that information, and IP editors have not. A better solution to mandating automatically assigned account names is to provide reasonable education and disclosure (say, a pop-up on first edit or something else fairly prominent) to people editing without an account. That way we let users judge privacy for themselves, and preserve the usefulness of IP data when a user chooses to disclose it.
Risker wrote:
"I am struggling to think of any other website of any nature that I have ever visited that publicly identifies editors/posters by their IP address, except for a few other wikis. I've seen "unregistered user" before, and similar nomenclature. Can anyone think of another site (regardless of purpose) that links the editor/poster publicly to their full IP address?"
IP address, no. Facebook profile (which is, as for most people, under my real name)? Sure. Even so, a comparison between Wikimedia and Google or the NY Times or Facebook or Gawker etc. fails because it does not recognize the many philosophical and practical differences between those sites and a Wikimedia project.
On 13 June 2012 15:39, Nathan nawrich@gmail.com wrote:
On Wed, Jun 13, 2012 at 3:18 PM, Risker risker.wp@gmail.com wrote: Risker wrote:
"I am struggling to think of any other website of any nature that I have ever visited that publicly identifies editors/posters by their IP address, except for a few other wikis. I've seen "unregistered user" before, and similar nomenclature. Can anyone think of another site (regardless of purpose) that links the editor/poster publicly to their full IP address?"
IP address, no. Facebook profile (which is, as for most people, under my real name)? Sure. Even so, a comparison between Wikimedia and Google or the NY Times or Facebook or Gawker etc. fails because it does not recognize the many philosophical and practical differences between those sites and a Wikimedia project.
Nathan, I'm still trying to come up with *any* site that permits unregistered users to post but also publishes their full IP address. Can you think of any at all? Let's not limit it to the big guys, let's really think this through and explore what is going on outside of our own bailiwick. Just because we've done things for a long time doesn't mean we shouldn't improve ourselves.
Risker
Risker
On Wed, Jun 13, 2012 at 3:49 PM, Risker risker.wp@gmail.com wrote:
Nathan, I'm still trying to come up with *any* site that permits unregistered users to post but also publishes their full IP address. Can you think of any at all? Let's not limit it to the big guys, let's really think this through and explore what is going on outside of our own bailiwick. Just because we've done things for a long time doesn't mean we shouldn't improve ourselves.
Well, there are many sites (my local newspaper for instance) that permit users with no site-specific registration to comment, but only using a Facebook profile. Assuming the commenter is following Facebook's account policies, that is at least as revealing as an IP address.
And we can just as easily look at it from the other direction - are there really other sites out there like Wikipedia, with our mix of mission and global impact for a user-generated product? I think Wikipedia is unique in many ways, and I believe that renders the comparison you're attempting to make not useful. And finally, you take for granted a principle that I have challenged - mandating complete anonymity for all users (other than those who edit using a real name) is not, in my view, the same as "improv[ing] ourselves."
I'd like to get other opinions on this, so I'm going to hold off on posting again in this thread... at least for as long as I can stand it :-P
~Nathan
On 13 June 2012 15:06, Nathan nawrich@gmail.com wrote:
<snip>
I have to disagree for several reasons. First, while you are correct that no other top 10 website publishes IP information of users, that is in no small part a byproduct of how different Wikipedia is from the other 9.
<snip>
I am struggling to think of any other website of any nature that I have ever visited that publicly identifies editors/posters by their IP address, except for a few other wikis. I've seen "unregistered user" before, and similar nomenclature. Can anyone think of another site (regardless of purpose) that links the editor/poster publicly to their full IP address?
Risker
On Jun 13, 2012, at 11:21 AM, Risker wrote:
I believe that FT2 is saying that we should seriously consider masking the *publicly viewable* IPv6 addresses. The only reason that we publish the IP addresses of any logged-out user is for attribution purposes, although some use it for other reasons (both positive and nefarious). Quite honestly, it doesn't matter what information is put in place in the publicly viewable logs, provided it's consistent.
A couple of weeks ago, Brion Vibber and I started walking through a series of thoughts about eliminating publicly viewable IP addresses altogether, creating "Proto Accounts". That is, to completely anonymize anonymous users (by calling them "Anonymous XXXXXX") and at the same time creating system whereby Anonymous users might be encouraged to become registered users (and retain the edits they did anonymously).
This would work by "back-loading" the account creation process:
1) User makes anonymous edit (as "Anonymous 1234"). Edit is logged as "Anonymous 1234"). 2) User is given call-to-action to convert to a registered account. 3) User fills out account form (username, password, email) (let's call them "AwesomeSauce89") 4) Proto account gets renamed to "AwesomeSauce89"; the edits that were under "Anonymous 1234" are now listed as being by "AwesomeSauce89"
I also spoke with Tim Starling about this in Berlin and he agreed that it was a good idea. However, this would be no small feat. A big part of the problems involved in this type of anonymizing involve how we deal with range blocks.
Would this be something people might like to see happen?
--- Brandon Harris, Senior Designer, Wikimedia Foundation
Support Free Knowledge: http://wikimediafoundation.org/wiki/Donate
On Wed, Jun 13, 2012 at 2:29 PM, Brandon Harris bharris@wikimedia.orgwrote:
On Jun 13, 2012, at 11:21 AM, Risker wrote:
I believe that FT2 is saying that we should seriously consider masking
the
*publicly viewable* IPv6 addresses. The only reason that we publish the
IP
addresses of any logged-out user is for attribution purposes, although
some
use it for other reasons (both positive and nefarious). Quite honestly,
it
doesn't matter what information is put in place in the publicly viewable logs, provided it's consistent.
A couple of weeks ago, Brion Vibber and I started walking through
a series of thoughts about eliminating publicly viewable IP addresses altogether, creating "Proto Accounts". That is, to completely anonymize anonymous users (by calling them "Anonymous XXXXXX") and at the same time creating system whereby Anonymous users might be encouraged to become registered users (and retain the edits they did anonymously).
This would work by "back-loading" the account creation process: 1) User makes anonymous edit (as "Anonymous 1234"). Edit
is logged as "Anonymous 1234"). 2) User is given call-to-action to convert to a registered account. 3) User fills out account form (username, password, email) (let's call them "AwesomeSauce89") 4) Proto account gets renamed to "AwesomeSauce89"; the edits that were under "Anonymous 1234" are now listed as being by "AwesomeSauce89"
I also spoke with Tim Starling about this in Berlin and he agreed
that it was a good idea. However, this would be no small feat. A big part of the problems involved in this type of anonymizing involve how we deal with range blocks.
Would this be something people might like to see happen?
In my view, no. I think we need to balance the "risk" argument for anonymity (dissidents, whistleblowers, people editing topics they wouldn't want to be publicly associated with, etc.) with the benefits of partial anonymity. Among these benefits I'd cite the many news items regarding the discovery of fishy editing patterns from Congressional offices, corporate offices, government agencies, political candidates, etc. We're an organization with competing aims: we'd like to be as transparent as possible, and by and large believe in the value of radical transparency, but we also want to protect our users from undue harm. I think we can maintain that balance by having a very stable and predictable approach to privacy, and by being abundantly clear with our disclosures and user education with respect to privacy. The above approach wipes out any transparency in favor of complete privacy, without (to my mind) establishing the particular benefits of that outcome.
~Nathan
Nathan, 13/06/2012 20:37:
In my view, no. I think we need to balance the "risk" argument for anonymity (dissidents, whistleblowers, people editing topics they wouldn't want to be publicly associated with, etc.) with the benefits of partial anonymity. Among these benefits I'd cite the many news items regarding the discovery of fishy editing patterns from Congressional offices, corporate offices, government agencies, political candidates, etc. We're an organization with competing aims: we'd like to be as transparent as possible, and by and large believe in the value of radical transparency, but we also want to protect our users from undue harm.
I'm quite surprised that only Nathan seems to be voicing this concern. For many years when people criticized the lack of responsibility in Wikipedia's authors we've repeated that every word and comma is attributed to a person, either by pen name or IP, and that there's no need of a real name policy. The most important feature of MediaWiki is a [user] "tracking" feature: the diffs, the history, the contributions page; everything is transparent. This is not needed to please some big brother fans but rather for the wiki (the community) to work; replacing IPs with unusable non-identifying strings would be a bad thing and it's not obvious at all that "improving privacy" is the prevalent aim here. In fact, the main problem with how IPv6 addresses are exposed in MediaWiki is that the bytes of information random users have to digest and remember to identify users are just too much and in a user-unfriendly format (even for the standard sysop). On the other hand, IPv6 will improve identification in a very good way; ISP are already heavily using NAT, and quite often hundreds or thousands of users in my city have been blocked on it.wiki by blocking just a single IPv4 address, not to mention community drama around dubious CheckUser results. That said, we've used domains before IPs and it's surely possible to invent something new, although I don't have enough imagination to find a solution.
Nemo
On Jun 14, 2012 1:30 AM, "Brandon Harris" bharris@wikimedia.org wrote:
A couple of weeks ago, Brion Vibber and I started walking through
a series of thoughts about eliminating publicly viewable IP addresses altogether, creating "Proto Accounts". That is, to completely anonymize anonymous users (by calling them "Anonymous XXXXXX") and at the same time creating system whereby Anonymous users might be encouraged to become registered users (and retain the edits they did anonymously).
This would work by "back-loading" the account creation process: 1) User makes anonymous edit (as "Anonymous 1234"). Edit
is logged as "Anonymous 1234").
2) User is given call-to-action to convert to a registered
account.
3) User fills out account form (username, password, email)
(let's call them "AwesomeSauce89")
4) Proto account gets renamed to "AwesomeSauce89"; the
edits that were under "Anonymous 1234" are now listed as being by "AwesomeSauce89"
I also spoke with Tim Starling about this in Berlin and he agreed
that it was a good idea. However, this would be no small feat. A big part of the problems involved in this type of anonymizing involve how we deal with range blocks.
Would this be something people might like to see. .
Yes!
--JV
On Jun 14, 2012 1:30 AM, "Brandon Harris" bharris@wikimedia.org wrote:
A couple of weeks ago, Brion Vibber and I started walking through
a series of thoughts about eliminating publicly viewable IP addresses altogether, creating "Proto Accounts". That is, to completely anonymize anonymous users (by calling them "Anonymous XXXXXX") and at the same time creating system whereby Anonymous users might be encouraged to become registered users (and retain the edits they did anonymously).
This would work by "back-loading" the account creation process: 1) User makes anonymous edit (as "Anonymous 1234"). Edit
is logged as "Anonymous 1234").
2) User is given call-to-action to convert to a registered
account.
3) User fills out account form (username, password, email)
(let's call them "AwesomeSauce89")
4) Proto account gets renamed to "AwesomeSauce89"; the
edits that were under "Anonymous 1234" are now listed as being by "AwesomeSauce89"
I also spoke with Tim Starling about this in Berlin and he agreed
that it was a good idea. However, this would be no small feat. A big part of the problems involved in this type of anonymizing involve how we deal with range blocks.
Would this be something people might like to see. .
If I understand it well, YEAH.
Aubrey
_______________________________________________
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Yes. Risker has understood.
Her word "masking" means for me, that we would like to make it hard or create a high hurdle, for third parties wanting to find or prove a link between the public displayed ID of non-logged in users and other off-site ID such as their IP address that can be used to externally correlate or identify a real-world individual. (Which is not really any more than we do for logged in users)
What exact label is publicly displayed is secondary. Otherwise pseudonymity wouldn't work either. Its functions are (1) attribution, (2) a convenient shorthand for "the unknown real world individual responsible for this edit" in wiki-discussions, and (3) some minimal consistency of identification.
FT2
On Wed, Jun 13, 2012 at 7:21 PM, Risker risker.wp@gmail.com wrote:
On 13 June 2012 14:09, Nathan nawrich@gmail.com wrote: (more snipping)
I believe that FT2 is saying that we should seriously consider masking the *publicly viewable* IPv6 addresses. The only reason that we publish the IP addresses of any logged-out user is for attribution purposes, although some use it for other reasons (both positive and nefarious). Quite honestly, it doesn't matter what information is put in place in the publicly viewable logs, provided it's consistent.
Risker
Wikipedia has held since the start, a philosophy that some aspects of neutral accessible editing are enhanced by pseudonymity. One only need look at early policies and current policies to see they started with strong strict views on this, and retain strong strict views. Reasons where it matters are codified in policies themselves - freedom to edit without fear of social backlash, freedom to edit unpopular views and topics or those which would be professionally harmful, freedom to edit from places and regimes where uninhibited authorship would be dangerous, freedom to be judged by the edits one makes and not the person one is.
Obviously there are negatives too - ease of abuse, reduced ease of detecting bad behavior, and so on. None the less over time the view has stuck, pseudonymity is a cornerstone of the environment we offer users and that users may rely upon. In that context, improving pseudonymity is a valid goal. That an area established 10 years ago has not yet been fully revised or brought into the 2010-2020 era is not salient. The same could be said of many Mediawiki functions. Pseudonymity is "de facto" in the culture, and part of our multi-branched attempt to facilitate neutral open editing. It is an area of interest and an area where improvemenet and advancement are worthwhile to seek. It is odd to rationalize that a user with an account has safeguards which users without accounts should not "deserve".
Most of the rest of your questiopns are technical - how would this or that be done? Those technical questions need technical consideration, but the basic question is a non technicval one, as is my comment. This is a desirable area to dovetail. How that works and to what extent cost v benefit means we do some things but accept limitations on others, are questions that technical people will need to consider.
FT2
On Wed, Jun 13, 2012 at 7:09 PM, Nathan nawrich@gmail.com wrote:
On Wed, Jun 13, 2012 at 1:36 PM, FT2 ft2.wiki@gmail.com wrote:
(snip)
Why is "improving anonymity" a goal? Our privacy policy governs the disclosure of non-public information, but the IP addresses of editors without an account have always been effectively public. Are IP editors clamoring for more privacy? Is masking IPv6 addresses more important than the uses to which IP addresses are currently put? Is masking a better way to solve the problem of potentially more identifiable information in IPv6 than, say, a more prominent disclosure and disclaimer? Would masking the IP addresses only for logged-out users be a worthwhile change, given the ease of registering an account? Would they remain masked in the histories of project dumps? There are a lot of questions to answer here before it's reasonable to start suggesting changes be made, and these are only some.
On 13/06/12 00:39, Kim Bruning wrote:
What with XS4ALL (my ISP) now also offering IPv6 out-of-the-box, there's at least one extra IPv6 anon on en.wp. ;-)
I noticed that my current IPv6 address appears to be assigned dynamically by XS4ALL. I can probably get static if I choose it. But the dynamic assignment option does alleviate some people's privacy concerns, right?
A 'privacy problem' of IPv6 addresses is that they could be tied to your network card identification number (the MAC), so even if you changed networks, and got a different ip, the lower bytes would remain constant indentifying you. Then privacy extensions were developed to avoid that. I think you should check how much dynamic it by looking not just but what ranges change. Maybe it's static but your OS is making it look dynamic on each reboot. Or viceversa, your OS could be leaking your MAC even though your ISP gives you a dynamic one.
wikimedia-l@lists.wikimedia.org