On 07/11/2014 11:45 AM, Brion Vibber wrote:
As I recall, UseModWiki (the perl-based wiki software we used before switching to a custom solution which evolved into MediaWiki) obscured the last octet of the IP address, which still left you with enough information in most cases to track down an ISP or school/business/govt institution. I think UseMod also exposed the IP addresses of logged-in users, but the way logins worked were very different and it was possible to set your name to someone else's name or some such oddities...
Yeah, the main benefit to the current setup (which probably doesn't really require the last octet in most cases) is detecting casual abuse, which includes (but is not limited to) both blatant vandalism and conflict of interest edits. (People have lunch breaks, and I don't claim every edit from a organizational IP is a conflict of interest, but many true COI edits have been caught this way).
If we look into something like proto-accounts or hashing or such, it would be good to try to maintain this benefit (do the lookup on the server, and expose who the IP block belongs to?), but I don't know if it's possible to have it both ways.
Matt Flaschen