Joe writes:
My reason for asking was from a comment left by Kelly Martin on the Wikipedia Review, where she said, "And Cary routinely makes exceptions to the "must identify to the Foundation" policy, too," which seemed odd.
It was such an outrageous comment that I wanted to ask what is checked. Cary, thank you for answering. Is what Greg mentioned he did what happens to all people with private access--do they have to provide a passport, state ID, something like that?
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
On Wed, Jun 25, 2008 at 3:45 PM, Mike Godwin mgodwin@wikimedia.org wrote:
Joe writes:
My reason for asking was from a comment left by Kelly Martin on the Wikipedia Review, where she said, "And Cary routinely makes exceptions to the "must identify to the Foundation" policy, too," which seemed odd.
It was such an outrageous comment that I wanted to ask what is checked. Cary, thank you for answering. Is what Greg mentioned he did what happens to all people with private access--do they have to provide a passport, state ID, something like that?
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
And, for more than a year since Mike joined WMF, real identification was demanded of candidates. I take minor exception to Greg's observation earlier that only the winner would "really" need to supply ID - the whole point of this development historically was to discourage an otherwise unqualified jester from going the entire way through the election process, getting votes, but not having the legal capacity to act as a board member. As Danny used to joke, the rule is "we can't have anyone on the board who needs a permission slip from his mommy."
In meatspace, who you actually are actually matters.
Brad
2008/6/25 Mike Godwin mgodwin@wikimedia.org:
Joe writes:
My reason for asking was from a comment left by Kelly Martin on the Wikipedia Review, where she said, "And Cary routinely makes exceptions to the "must identify to the Foundation" policy, too," which seemed odd.
It was such an outrageous comment that I wanted to ask what is checked. Cary, thank you for answering. Is what Greg mentioned he did what happens to all people with private access--do they have to provide a passport, state ID, something like that?
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
Eh back when OTRS was first activated I think ID was required for everyone so some old timers are likely to be confused about how things are run now. Either way it is better than what went before.
On Jun 25, 2008, at 2:45 PM, Mike Godwin wrote:
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
In my situation, a good chunk of the WMF staff knows me pretty well, I'm spent a (not insignificant) amount of time in their offices, and been through some fairly thorough questioning on various topics. And yet, when I needed access to private information for the board elections, Cary - who can pick me out of a lineup and knows me reasonably well, I think - asked to see my driver's license.
My gut feel and personal experience says that the policy is being enforced fairly stringently.
Philippe
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Philippe Beaudette wrote:
On Jun 25, 2008, at 2:45 PM, Mike Godwin wrote:
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
In my situation, a good chunk of the WMF staff knows me pretty well, I'm spent a (not insignificant) amount of time in their offices, and been through some fairly thorough questioning on various topics. And yet, when I needed access to private information for the board elections, Cary - who can pick me out of a lineup and knows me reasonably well, I think - asked to see my driver's license.
My gut feel and personal experience says that the policy is being enforced fairly stringently.
Philippe
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
I have been asked to provide and have provided two government issued ID's.
Best, Jon
Philippe Beaudette wrote:
On Jun 25, 2008, at 2:45 PM, Mike Godwin wrote:
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
In my situation, a good chunk of the WMF staff knows me pretty well, I'm spent a (not insignificant) amount of time in their offices, and been through some fairly thorough questioning on various topics. And yet, when I needed access to private information for the board elections, Cary - who can pick me out of a lineup and knows me reasonably well, I think - asked to see my driver's license.
My gut feel and personal experience says that the policy is being enforced fairly stringently.
Philippe
To me it seems no more than exercising due diligence; I for one would prefer personal data to be overprotected than underprotected, and it seems indicative of the amount of care taken. That could be critical in litigation.
On Jun 29, 2008, at 2:26 PM, Phil Nash wrote:
To me it seems no more than exercising due diligence; I for one would prefer personal data to be overprotected than underprotected, and it seems indicative of the amount of care taken. That could be critical in litigation.
I didn't mean to imply anything else. You're absolutely correct, and I agree with you.
philippe
Like others who have commented here, I was required to prove I was of age with legal ID before accessing OTRS. Were the claim that people _used to be_ lax, I would believe it. To claim they have become lax just seems silly. Part of Sue's remit has been to reduce informality and make processes like this a casual, but required, formality. It should not be a big deal for people who are prepared to take on roles like this and CheckUser to get them. Part and parcel of that is that the office does not turn it into as much of an ordeal as getting a NATO security clearance. The key thing is proving you are old enough to be legally responsible for your actions. To start with, you will not get to the position of being asked that unless you have - online - proven you act mature enough to take responsibility for your actions.
Those who would criticise how the whole thing works would do well to look at the social structure, and to stop looking for the cabals. Wikimedia projects are meritocracies, and administrators as young as fourteen can end up taking the decision to block the entire U.S. Congress from editing Wikipedia. If their reasoning is sound, they will be backed up. To get to that position they've been through a trial of fire and proven themselves mature beyond their years. When they can prove they've hit the right age, they'll get access to the stuff that the privacy policy covers.
I have neither seen, nor heard, anything to contradict this being the way things are run. Neither Wikipedia Review or Kelly Martin should be considered credible sources.
Brian McNeil
-----Original Message----- From: foundation-l-bounces@lists.wikimedia.org [mailto:foundation-l-bounces@lists.wikimedia.org] On Behalf Of Phil Nash Sent: 29 June 2008 21:26 To: Wikimedia Foundation Mailing List Subject: Re: [Foundation-l] identity disclosure and access to OTRS/Checkuser
Philippe Beaudette wrote:
On Jun 25, 2008, at 2:45 PM, Mike Godwin wrote:
I don't know what Kelly is referring to here. Cary doesn't make exceptions, routinely or otherwise, to the identification policy. Greg's experience is the norm, and it has been since I came on at the Foundation a year ago (one-year anniversary coming up in July!).
--Mike
In my situation, a good chunk of the WMF staff knows me pretty well, I'm spent a (not insignificant) amount of time in their offices, and been through some fairly thorough questioning on various topics. And yet, when I needed access to private information for the board elections, Cary - who can pick me out of a lineup and knows me reasonably well, I think - asked to see my driver's license.
My gut feel and personal experience says that the policy is being enforced fairly stringently.
Philippe
To me it seems no more than exercising due diligence; I for one would prefer
personal data to be overprotected than underprotected, and it seems indicative of the amount of care taken. That could be critical in litigation.
_______________________________________________ foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
When I became an OTRS volunteer, I didn't need to send any ID (this was September 2007). When I ran in the steward election, I sent a photo of my passport, which was required. Still, it could be incredibly easy to forge such a thing, or use someone elses.
On Jun 29, 2008, at 5:28 PM, Al Tally wrote:
When I became an OTRS volunteer, I didn't need to send any ID (this was September 2007). When I ran in the steward election, I sent a photo of my passport, which was required. Still, it could be incredibly easy to forge such a thing, or use someone elses.
Mind you, I'm no lawyer, but I would think there are SIGNIFICANT legal penalties to forging a passport to use as identification. Even if not (because you're not presenting it to a government authority), I would think the Foundation has done appropriate due-diligence. In any case, WP:BEANS. _____________________ Philippe Beaudette Tulsa, OK philippebeaudette@gmail.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Al Tally wrote:
When I became an OTRS volunteer, I didn't need to send any ID (this was September 2007). When I ran in the steward election, I sent a photo of my passport, which was required. Still, it could be incredibly easy to forge such a thing, or use someone elses.
Oh my. Serious legal consequences for forging such a thing. I'm sure the foundation has a method to vet these things.
Jon
Oh my. Serious legal consequences for forging such a thing. I'm sure the foundation has a method to vet these things.
How could they do that? They might be able to tell if the passport is real or not, but there's no way they can tell whether or not it's actually yours.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
Oh my. Serious legal consequences for forging such a thing. I'm sure the foundation has a method to vet these things.
How could they do that? They might be able to tell if the passport is real or not, but there's no way they can tell whether or not it's actually yours.
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
Really, there is no way? So if I take a photo of myself, and my passport, with the weather channel (with current date and time) behind us, there is no way? There are plenty of methods.
Best, Jon
Really, there is no way? So if I take a photo of myself, and my passport, with the weather channel (with current date and time) behind us, there is no way? There are plenty of methods.
While I've never had to verify my identity with the foundation, my understanding is that they *don't* ask for a picture taken in front of the weather channel along with the passport. Given the information they request, there is no way for them to verify the passport is of the right person.
Even if you do take a picture in front of the weather channel, how do you prove it's you?
One question, 23 very similar responses. Curious... can we assume the question is adequately answered now?
Nathan
Oh, yes, I think so! -Mike
-----Original Message----- From: Nathan [mailto:nawrich@gmail.com] Sent: June 29, 2008 8:29 PM To: Wikimedia Foundation Mailing List Subject: Re: [Foundation-l] identity disclosure and access to OTRS/Checkuser
One question, 23 very similar responses. Curious... can we assume the question is adequately answered now?
Nathan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
Really, there is no way? So if I take a photo of myself, and my passport, with the weather channel (with current date and time) behind us, there is no way? There are plenty of methods.
While I've never had to verify my identity with the foundation, my understanding is that they *don't* ask for a picture taken in front of the weather channel along with the passport. Given the information they request, there is no way for them to verify the passport is of the right person.
Even if you do take a picture in front of the weather channel, how do you prove it's you?
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
You could prove its me in front of the weather channel, because I would be holding my passport up to my face.
Best, Jon
You could prove its me in front of the weather channel, because I would be holding my passport up to my face.
No, you could prove it's the passport owner in front of the weather channel. The point is that you can't prove you are the passport owner.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
You could prove its me in front of the weather channel, because I would be holding my passport up to my face.
No, you could prove it's the passport owner in front of the weather channel. The point is that you can't prove you are the passport owner.
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
You are correct. I have no answer for this.
Best, Jon
There is an answer for this... Confiscate Thomas' tinfoil.
Brian McNeil
-----Original Message----- From: foundation-l-bounces@lists.wikimedia.org [mailto:foundation-l-bounces@lists.wikimedia.org] On Behalf Of Jon Sent: 30 June 2008 01:39 To: Wikimedia Foundation Mailing List Subject: Re: [Foundation-l] identity disclosure and access to OTRS/Checkuser
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
You could prove its me in front of the weather channel, because I would be holding my passport up to my face.
No, you could prove it's the passport owner in front of the weather channel. The point is that you can't prove you are the passport owner.
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
You are correct. I have no answer for this.
Best, Jon
_______________________________________________ foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
2008/6/30 Brian McNeil brian.mcneil@wikinewsie.org:
There is an answer for this... Confiscate Thomas' tinfoil.
The tinfoil protects me from *government* conspiracies. You need more than a hat to protect against rogue Wikimedians!
Thomas Dalton wrote:
2008/6/30 Brian McNeil:
There is an answer for this... Confiscate Thomas' tinfoil.
The tinfoil protects me from *government* conspiracies. You need more than a hat to protect against rogue Wikimedians!
This suggests that the average rogue Wikimedian is smarter than a government. Not an unlikely prospect. :-)
Ec
2008/6/30 Ray Saintonge saintonge@telus.net:
Thomas Dalton wrote:
2008/6/30 Brian McNeil:
There is an answer for this... Confiscate Thomas' tinfoil.
The tinfoil protects me from *government* conspiracies. You need more than a hat to protect against rogue Wikimedians!
This suggests that the average rogue Wikimedian is smarter than a government. Not an unlikely prospect. :-)
Well, yeah, that was the joke...
On Mon, Jun 30, 2008 at 9:39 AM, Thomas Dalton thomas.dalton@gmail.com wrote:
2008/6/30 Ray Saintonge saintonge@telus.net:
Thomas Dalton wrote:
2008/6/30 Brian McNeil:
There is an answer for this... Confiscate Thomas' tinfoil.
The tinfoil protects me from *government* conspiracies. You need more than a hat to protect against rogue Wikimedians!
This suggests that the average rogue Wikimedian is smarter than a government. Not an unlikely prospect. :-)
Well, yeah, that was the joke...
In an era where the Japanese mandated cameras and automatic age-detection software on cigarette vending machines to avoid sales to minors, and those cameras accept a magazine photo of an adult face held up to the camera as legitimate, it never pays to be too pessimistic about "security measures".
sounds funny. source?
On 30/06/2008, George Herbert george.herbert@gmail.com wrote:
On Mon, Jun 30, 2008 at 9:39 AM, Thomas Dalton thomas.dalton@gmail.com wrote:
2008/6/30 Ray Saintonge saintonge@telus.net:
Thomas Dalton wrote:
2008/6/30 Brian McNeil:
There is an answer for this... Confiscate Thomas' tinfoil.
The tinfoil protects me from *government* conspiracies. You need more than a hat to protect against rogue Wikimedians!
This suggests that the average rogue Wikimedian is smarter than a government. Not an unlikely prospect. :-)
Well, yeah, that was the joke...
In an era where the Japanese mandated cameras and automatic age-detection software on cigarette vending machines to avoid sales to minors, and those cameras accept a magazine photo of an adult face held up to the camera as legitimate, it never pays to be too pessimistic about "security measures".
-- -george william herbert george.herbert@gmail.com
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
On Mon, Jun 30, 2008 at 5:26 PM, Mark Williamson node.ue@gmail.com wrote:
sounds funny. source?
Slashdot: http://it.slashdot.org/article.pl?sid=08/06/29/1745256
Ryan wrote:
On Mon, Jun 30, 2008 at 5:26 PM, Mark Williamson node.ue@gmail.com wrote:
sounds funny. source?
Slashdot: http://it.slashdot.org/article.pl?sid=08/06/29/1745256
Great! Maybe after the machines have figured out that a photo is a two dimensional object the kids can start wearing Hallowe'en face masks. :-)
Ec
Ray Saintonge wrote:
Ryan wrote:
On Mon, Jun 30, 2008 at 5:26 PM, Mark Williamson node.ue@gmail.com wrote:
sounds funny. source?
Slashdot: http://it.slashdot.org/article.pl?sid=08/06/29/1745256
Great! Maybe after the machines have figured out that a photo is a two dimensional object the kids can start wearing Hallowe'en face masks. :-)
Then the machine operators wonder why they're selling so many cigarettes to George W. Bush, and why is he spending so much time in Japan anyway.......
Or lock away all the photoshop software for gaming Weather Channel and have volunteers submit DNA samples in a little cup, in person in San Fran, and hand deliver your samples directly to Sue and Mike...
Yeah, I'd say this was all answered. :) Someone if they really wanted could pool one over on the WMF in theory, but no more than a prospective employee could with a bogus state ID or tax ID number. But this is the WMF, not the NSA.
Joe
On Sun, Jun 29, 2008 at 4:42 PM, Brian McNeil brian.mcneil@wikinewsie.org wrote:
There is an answer for this... Confiscate Thomas' tinfoil.
Brian McNeil
-----Original Message----- From: foundation-l-bounces@lists.wikimedia.org [mailto:foundation-l-bounces@lists.wikimedia.org] On Behalf Of Jon Sent: 30 June 2008 01:39 To: Wikimedia Foundation Mailing List Subject: Re: [Foundation-l] identity disclosure and access to OTRS/Checkuser
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
You could prove its me in front of the weather channel, because I would be holding my passport up to my face.
No, you could prove it's the passport owner in front of the weather channel. The point is that you can't prove you are the passport owner.
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
You are correct. I have no answer for this.
Best, Jon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIaB0I6+ro8Pm1AtURAtzbAJ9tFqv3Dt2IHIu+NIVDYcdOYMbrkgCfTKft tM12+au9YLhTJFs3nSo9md0= =7o4H -----END PGP SIGNATURE-----
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
Jon wrote:
Thomas Dalton wrote:
Oh my. Serious legal consequences for forging such a thing. I'm sure the foundation has a method to vet these things.
How could they do that? They might be able to tell if the passport is real or not, but there's no way they can tell whether or not it's actually yours.
Really, there is no way? So if I take a photo of myself, and my passport, with the weather channel (with current date and time) behind us, there is no way? There are plenty of methods.
There is a matter of the size ratio between your face and your passport picture; that would require a high resolution photo to get the two together. There are characteristics of a valid passport that only show up under UV light so you might want to do a UV scan ... if you know how to find a UV scanner.
This thread looks so much like a series of solutions in search of a problem. It all presumes that someone will think of these schemes before submitting anything deceptive. One can never find an absolutely safe and secure way of doing these things, only increasingly expensive, complex and intrusive countermeasures for events of diminishing likelihood.
Ec
Thomas Dalton wrote:
Oh my. Serious legal consequences for forging such a thing. I'm sure the foundation has a method to vet these things.
How could they do that? They might be able to tell if the passport is real or not, but there's no way they can tell whether or not it's actually yours.
I can't speak for US passports, or indeed any other than UK, but it's normal for to provide some sort of declaration from a doctor, lawyer or priest who can certify that they've known the applicant for a reasonable length of time. Not completely foolproof, of course, if you've seen "The Day of the Jackal", but good enough for normal purposes. I find it hard to believe anyone would go to such lengths to gain access to OTRS, however. Checkuser may be an entirely different proposition in some of the contexts we have on en:Wikipedia, but again, I think it's such a remote proposition as to be practically discountable.
2008/6/30 Phil Nash pn007a2145@blueyonder.co.uk:
Thomas Dalton wrote:
Oh my. Serious legal consequences for forging such a thing. I'm sure the foundation has a method to vet these things.
How could they do that? They might be able to tell if the passport is real or not, but there's no way they can tell whether or not it's actually yours.
I can't speak for US passports, or indeed any other than UK, but it's normal for to provide some sort of declaration from a doctor, lawyer or priest who can certify that they've known the applicant for a reasonable length of time. Not completely foolproof, of course, if you've seen "The Day of the Jackal", but good enough for normal purposes. I find it hard to believe anyone would go to such lengths to gain access to OTRS, however. Checkuser may be an entirely different proposition in some of the contexts we have on en:Wikipedia, but again, I think it's such a remote proposition as to be practically discountable.
Oh, yes, there are plenty of methods for the passport issuer to confirm the identity of an applicant before issuing the passport, but that doesn't help the WMF. All I have to do I borrow someone else's passport (a perfectly genuine one) and claim that's me and there's no way the WMF could know any different.
wikimedia-l@lists.wikimedia.org