I would imagine that we would see a big drop in registered accounts if IPs were hashed.
Why? Most casual web users don't even know what an IP address is, let alone what their own address is. In fact the evolution of browsers tends to even hide the URL. This is the sort of technical information that an ever-shrinking portion of web users know about these days.
an alternative scheme that makes things more readable
A hash can take many forms. In fact it could be formatted just like an IP address. Even if the hash format mixes letters and numbers, as long as the length is similar, I don't see how IP addresses are superior in terms of readability.
On Fri, Jul 11, 2014 at 10:25 AM, Tyler Romeo tylerromeo@gmail.com wrote:
I agree that it’s a double standard, but looking at the bright side, it becomes a big encouragement to anonymous users to register and log in. The Account Creation Experience Team (or whoever the hell is in charge of that) can correct me, but I would imagine that we would see a big drop in registered accounts if IPs were hashed.
Also, it’d be really annoying to have hashes as usernames, so we’d have to think of an alternative scheme that makes things more readable. -- Tyler Romeo 0x405D34A7C86B42DF
From: Gilles Dubuc gilles@wikimedia.org gilles@wikimedia.org Reply: Wikimedia developers wikitech-l@lists.wikimedia.org> wikitech-l@lists.wikimedia.org Date: July 11, 2014 at 9:34:18 To: Wikimedia developers wikitech-l@lists.wikimedia.org> wikitech-l@lists.wikimedia.org Subject: [Wikitech-l] Anonymous editors & IP addresses
This interesting bot showed up on hackernews today: https://news.ycombinator.com/item?id=8018284
While in this instance the access to anonymous' editors IP addresses is definitely useful in terms of identifying edits with probable conflict of interest, it makes me wonder what the history is behind the fact that anonymous editors are identified by their IP addresses on WMF-hosted wikis.
IP addresses are closely guarded for registered users, why wouldn't anonymous users be identified by a hash of their IP address in order to protect their privacy as well? The exact same functionality of being able to see all edits by a given anonymous IP would still exist, the IP itself just wouldn't be publicly available, protected with the same access rights as registered users'.
The "use case" that makes me think of that is someone living in a totalitarian regime making a sensitive edit and forgetting that they're logged out. Or just being unaware that being anonymous on the wiki doesn't mean that their local authorities can figure out who they are based on IP address and time. Understanding that they're somewhat protected when logged in and not when logged out requires a certain level of technical understanding. The easy way out of this argument is to state that these users should be using Tor or something similar. But I still wonder why we have this double standard of protecting registered users' privacy in regards to IP addresses and not applying the same for anonymous users, when simple hashing would do the job. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l